OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline".[1] The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol (PEP, XEP-0163).[2] OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.

Logo of OMEMO

Features

edit

In comparison with OTR, the OMEMO protocol offers many-to-many encrypted chat, offline messages queuing, forward secrecy, file transfer, verifiability and deniability at the cost of slightly larger message size overhead.[3]

History

edit

The protocol was developed and first implemented by Andreas Straub as a Google Summer of Code project in 2015. The project's goal was to implement a double-ratchet-based multi-end to multi-end encryption scheme into an Android XMPP-based instant messaging client called Conversations. It was introduced in Conversations and submitted to the XMPP Standards Foundation (XSF) as a proposed XMPP Extension Protocol (XEP) in the autumn of 2015 and got accepted as XEP-0384 in December 2016.[1]

In July 2016, the ChatSecure project announced that they would implement OMEMO in the next releases. ChatSecure v4.0 supports OMEMO and was released on January 17, 2017.[4][5]

A first experimental release of an OMEMO plugin for the cross-platform XMPP client Gajim was made available on December 26, 2015.[6]

In June 2016, the non-profit computer security consultancy firm Radically Open Security published an analysis of the OMEMO protocol.[7]

Client support

edit

Selected clients supporting OMEMO (full list of clients also exists[8]):

Library support

edit
  • Smack supports OMEMO using the two modules smack-omemo and smack-omemo-signal[23]
  • XMPPFramework (macOS, iOS, tvOS) [24] supports OMEMO via the OMEMOModule extension [25] when used in conjunction with the SignalProtocol-ObjC library.[26]

References

edit
  1. ^ a b "[Standards] NEW: XEP-0384 (OMEMO Encryption)". December 7, 2016. Retrieved December 23, 2016.
  2. ^ Daniel Gultsch. "OMEMO Multi-End Message and Object Encryption". Retrieved November 23, 2015.
  3. ^ "OMEMO Multi-End Message and Object Encryption". conversations.im. Retrieved January 22, 2019.
  4. ^ "ChatSecure iOS v3.2.3 - XMPP Push". July 25, 2016. Retrieved September 7, 2016.
  5. ^ "ChatSecure v4.0 - OMEMO and Signal Protocol". January 17, 2017. Retrieved February 7, 2017.
  6. ^ Bahtiar Gadimov (December 26, 2015). "Initial OMEMO commit". dev.gajim.org. Retrieved September 8, 2017.
  7. ^ OMEMO: Cryptographic Analysis Report. June 2016
  8. ^ "Are we OMEMO yet?". Are we OMEMO yet?. Retrieved January 22, 2019.
  9. ^ "Beagle OMEMO support". July 7, 2019.
  10. ^ "ChatSecure v4.0 - OMEMO and Signal Protocol". chatsecure.org. January 17, 2017. Retrieved January 17, 2017.
  11. ^ "XEP-0384: OMEMO Encryption · Issue #497 · conversejs/converse.js". GitHub. Retrieved November 20, 2019.
  12. ^ "Dino - Modern Jabber/XMPP Client using GTK+/Vala". dino.im. Retrieved November 6, 2017.
  13. ^ Bahtiar Gadimov; et al. "Omemogajimplugin · Wiki · gajim / gajim-plugins · GitLab". Retrieved December 4, 2016.
  14. ^ Developers, Gajim. "Gajim 1.8.0". Gajim. Retrieved June 15, 2023.
  15. ^ "Kaidan 0.9: End-to-End Encryption & XMPP Providers". Kaidan. May 5, 2023. Retrieved October 20, 2023.
  16. ^ "End to end encryption in Movim - OMEMO is (finally) there!". mov.im. Retrieved December 15, 2021.
  17. ^ Vyacheslav Karpukhin. "OMEMO for Psi · GitHub". GitHub. Retrieved March 4, 2018.
  18. ^ Vyacheslav Karpukhin. "Psi+ snapshots". GitHub. Retrieved March 4, 2018.
  19. ^ Richard Bayerle. "lurch - OMEMO for libpurple". GitHub. Retrieved February 12, 2017.
  20. ^ Olivier Mehani. "Lurch4Adium - OMEMO Xtra for Adium". GitHub. Retrieved June 8, 2017.
  21. ^ René Calles. "profanity-omemo-plugin: A Python plugin to use (axolotl / Signal Protocol) encryption for the profanity XMPP messenger". GitHub. Retrieved January 10, 2017.
  22. ^ "BeagleIM and SiskinIM just got OMEMO support". tigase.net. Retrieved June 7, 2019.
  23. ^ Schaub, Paul (June 6, 2017). "Ignite Realtime Blog: Smack v4.2 Introduces OME... | Ignite Realtime". community.igniterealtime.org. Retrieved July 11, 2017.
  24. ^ "Robbiehanson/XMPPFramework". GitHub. October 26, 2021.
  25. ^ "Robbiehanson/XMPPFramework". GitHub. October 26, 2021.
  26. ^ "SignalProtocolObjC". GitHub. January 30, 2021.
edit