OMEMO

Last updated

Logo of OMEMO OMEMO logo.svg
Logo of OMEMO

OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline". [1] The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol (PEP, XEP-0163). [2] OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.

Contents

Features

In comparison with OTR, the OMEMO protocol offers many-to-many encrypted chat, offline messages queuing, forward secrecy, file transfer, verifiability and deniability at the cost of slightly larger message size overhead. [3]

History

The protocol was developed and first implemented by Andreas Straub as a Google Summer of Code project in 2015. The project's goal was to implement a double-ratchet-based multi-end to multi-end encryption scheme into an Android XMPP-based instant messaging client called Conversations. It was introduced in Conversations and submitted to the XMPP Standards Foundation (XSF) as a proposed XMPP Extension Protocol (XEP) in the autumn of 2015 and got accepted as XEP-0384 in December 2016. [1]

In July 2016, the ChatSecure project announced that they would implement OMEMO in the next releases. ChatSecure v4.0 supports OMEMO and was released on January 17, 2017. [4] [5]

A first experimental release of an OMEMO plugin for the cross-platform XMPP client Gajim was made available on December 26, 2015. [6]

In June 2016, the non-profit computer security consultancy firm Radically Open Security published an analysis of the OMEMO protocol. [7]

Client support

Several notable clients support OMEMO, including: [8]

Library support

Related Research Articles

<span class="mw-page-title-main">Irssi</span> Text-mode IRC client

Irssi is an Internet Relay Chat (IRC) client program for Linux, FreeBSD, macOS and Microsoft Windows. It was originally written by Timo Sirainen, and released under the terms of the GNU GPL-2.0-or-later in January 1999.

<span class="mw-page-title-main">Pidgin (software)</span> Open-source multi-platform instant messaging client

Pidgin is a free and open-source multi-platform instant messaging client, based on a library named libpurple that has support for many instant messaging protocols, allowing the user to simultaneously log in to various services from a single application, with a single interface for both popular and obsolete protocols, thus avoiding the hassle of having to deal with new software for each device and protocol.

<span class="mw-page-title-main">XMPP</span> Communications protocol for message-oriented middleware

Extensible Messaging and Presence Protocol is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. Based on XML, it enables the near-real-time exchange of structured data between two or more network entities. Designed to be extensible, the protocol offers a multitude of applications beyond traditional IM in the broader realm of message-oriented middleware, including signalling for VoIP, video, file transfer, gaming and other uses.

<span class="mw-page-title-main">Psi (instant messaging client)</span> Instant messaging client

Psi is a free instant messaging client for the XMPP protocol which uses the Qt toolkit. It runs on Linux, Windows, macOS and OS/2.

The landscape for instant messaging involves cross-platform instant messaging clients that can handle one or multiple protocols. Clients that use the same protocol can typically federate and talk to one another. The following table compares general and technical information for cross-platform instant messaging clients in active development, each of which have their own article that provide further information.

<span class="mw-page-title-main">Google Talk</span> Instant messaging service

Google Talk was an instant messaging service that provided both text and voice communication. The instant messaging service was variously referred to colloquially as Gchat, Gtalk, or Gmessage among its users.

The following is a comparison of instant messaging protocols. It contains basic general information about the protocols.

<span class="mw-page-title-main">Gajim</span> Free instant messaging client for the XMPP protocol

Gajim is an instant messaging client for the XMPP protocol which uses the GTK toolkit. The name Gajim is a recursive acronym for Gajim's a jabber instant messenger. Gajim runs on Linux, BSD, macOS, and Microsoft Windows. Released under the GPL-3.0-only license, Gajim is free software. A 2009 round-up of similar software on Tom's Hardware found version 0.12.1 "the lightest and fastest jabber IM client".

Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption.

<span class="mw-page-title-main">Jingle (protocol)</span> Peer-to-peer communications protocol

Jingle is an extension to XMPP which adds peer-to-peer (P2P) session control (signaling) for multimedia interactions such as in Voice over IP (VoIP) or videoconferencing communications. It was designed by Google and the XMPP Standards Foundation. The multimedia streams are delivered using the Real-time Transport Protocol (RTP). If needed, NAT traversal is assisted using Interactive Connectivity Establishment (ICE).

In cryptography, Curve25519 is an elliptic curve used in elliptic-curve cryptography (ECC) offering 128 bits of security and designed for use with the Elliptic-curve Diffie–Hellman (ECDH) key agreement scheme. It is one of the fastest curves in ECC, and is not covered by any known patents. The reference implementation is public domain software.

Profanity is a text mode instant messaging interface that supports the XMPP protocol. It supports Linux, macOS, Windows, FreeBSD, and Android.

<span class="mw-page-title-main">ChatSecure</span> Messaging application

ChatSecure is a messaging application for iOS which allows OTR and OMEMO encryption for the XMPP protocol. ChatSecure is free and open source software available under the GPL-3.0-or-later license.

Finch is an open-source console-based instant messaging client, based on the libpurple library. Libpurple has support for many commonly used instant messaging protocols, allowing the user to log in to various services from one application. Finch uses GLib and ncurses.

<span class="mw-page-title-main">Spark (XMPP client)</span>

Spark is an open-source instant messaging program that allows users to communicate in real time. It can be integrated with the Openfire server to provide additional features such as controlling the various Spark functionalities from a central management console, or integrating with a proprietary customer support service known as Fastpath which allows its users to interact with the platform using the Spark client. Being a cross-platform application, Spark can run on various systems. Installers for Windows, macOS and Linux are available on the official website.

In cryptography, the Double Ratchet Algorithm is a key management algorithm that was developed by Trevor Perrin and Moxie Marlinspike in 2013. It can be used as part of a cryptographic protocol to provide end-to-end encryption for instant messaging. After an initial key exchange it manages the ongoing renewal and maintenance of short-lived session keys. It combines a cryptographic so-called "ratchet" based on the Diffie–Hellman key exchange (DH) and a ratchet based on a key derivation function (KDF), such as a hash function, and is therefore called a double ratchet.

The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for voice and instant messaging conversations. The protocol was developed by Open Whisper Systems in 2013 and was first introduced in the open-source TextSecure app, which later became Signal. Several closed-source applications have implemented the protocol, such as WhatsApp, which is said to encrypt the conversations of "more than a billion people worldwide" or Google who provides end-to-end encryption by default to all RCS-based conversations between users of their Google Messages app for one-to-one conversations. Facebook Messenger also say they offer the protocol for optional Secret Conversations, as does Skype for its Private Conversations.

Wire is an encrypted communication and collaboration app created by Wire Swiss. It is available for iOS, Android, Windows, macOS, Linux, and web browsers such as Firefox. Wire offers a collaboration suite featuring messenger, voice calls, video calls, conference calls, file-sharing, and external collaboration – all protected by a secure end-to-end-encryption. Wire offers three solutions built on its security technology: Wire Pro – which offers Wire's collaboration feature for businesses, Wire Enterprise – includes Wire Pro capabilities with added features for large-scale or regulated organizations, and Wire Red – the on-demand crisis collaboration suite. They also offer Wire Personal, which is a secure messaging app for personal use.

<span class="mw-page-title-main">Xabber</span> Open source instant messaging software

Xabber is a XMPP client for the Android Operating System. It is developed as an open source Project on GitHub and is licensed under the GNU GPL v.3 license. The original developers are from a software company called Redsolution, Inc. Xabber is available on the Android Play Store and on F-Droid.

<span class="mw-page-title-main">Conversations (software)</span> Free software instant messaging client for the XMPP protocol

Conversations is a free software, instant messaging client application software for Android. It is largely based on recognized open standards such as the Extensible Messaging and Presence Protocol (XMPP) and Transport Layer Security (TLS).

References

  1. 1 2 "[Standards] NEW: XEP-0384 (OMEMO Encryption)". December 7, 2016. Retrieved December 23, 2016.
  2. Daniel Gultsch. "OMEMO Multi-End Message and Object Encryption" . Retrieved November 23, 2015.
  3. "OMEMO Multi-End Message and Object Encryption". conversations.im. Retrieved January 22, 2019.
  4. "ChatSecure iOS v3.2.3 - XMPP Push". July 25, 2016. Retrieved September 7, 2016.
  5. "ChatSecure v4.0 - OMEMO and Signal Protocol". January 17, 2017. Retrieved February 7, 2017.
  6. Bahtiar Gadimov (December 26, 2015). "Initial OMEMO commit". dev.gajim.org. Retrieved September 8, 2017.
  7. OMEMO: Cryptographic Analysis Report. June 2016
  8. "Are we OMEMO yet?". Are we OMEMO yet?. Retrieved January 22, 2019.
  9. "ChatSecure v4.0 - OMEMO and Signal Protocol". chatsecure.org. January 17, 2017. Retrieved January 17, 2017.
  10. Bahtiar Gadimov; et al. "Omemogajimplugin · Wiki · gajim / gajim-plugins · GitLab" . Retrieved December 4, 2016.
  11. Developers, Gajim. "Gajim 1.8.0". Gajim. Retrieved June 15, 2023.
  12. "End to end encryption in Movim - OMEMO is (finally) there!". mov.im. Retrieved December 15, 2021.
  13. Vyacheslav Karpukhin. "OMEMO for Psi · GitHub". GitHub . Retrieved March 4, 2018.
  14. Vyacheslav Karpukhin. "Psi+ snapshots". GitHub . Retrieved March 4, 2018.
  15. Richard Bayerle. "lurch - OMEMO for libpurple". GitHub . Retrieved February 12, 2017.
  16. Olivier Mehani. "Lurch4Adium - OMEMO Xtra for Adium". GitHub . Retrieved June 8, 2017.
  17. René Calles. "profanity-omemo-plugin: A Python plugin to use (axolotl / Signal Protocol) encryption for the profanity XMPP messenger". GitHub . Retrieved January 10, 2017.
  18. Schaub, Paul (June 6, 2017). "Ignite Realtime Blog: Smack v4.2 Introduces OME... | Ignite Realtime". community.igniterealtime.org. Retrieved July 11, 2017.
  19. "Robbiehanson/XMPPFramework". GitHub . October 26, 2021.
  20. "Robbiehanson/XMPPFramework". GitHub . October 26, 2021.
  21. "SignalProtocolObjC". GitHub . January 30, 2021.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.