OMEMO

OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline". The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol (PEP, XEP-0163). OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.

Features

In comparison with OTR, the OMEMO protocol offers many-to-many encrypted chat, offline messages queuing, forward secrecy, file transfer, verifiability and deniability at the cost of slightly larger message size overhead.

History

The protocol was developed and first implemented by Andreas Straub as a Google Summer of Code project in 2015. The project's goal was to implement a double-ratchet-based multi-end to multi-end encryption scheme into an Android XMPP-based instant messaging client called Conversations. It was introduced in Conversations and submitted to the XMPP Standards Foundation (XSF) as a proposed XMPP Extension Protocol (XEP) in the autumn of 2015 and got accepted as XEP-0384 in December 2016.

In July 2016, the ChatSecure project announced that they would implement OMEMO in the next releases. ChatSecure v4.0 supports OMEMO and was released on January 17, 2017.

A first experimental release of an OMEMO plugin for the cross-platform XMPP client Gajim was made available on December 26, 2015.

In June 2016, the non-profit computer security consultancy firm Radically Open Security published an analysis of the OMEMO protocol.

Client support

Selected clients supporting OMEMO (full list of clients also exists):

• BeagleIM (macOS)
• ChatSecure (iOS)
• Conversations (Android)
• Converse.js (Browser-based)
• Dino (Linux, macOS)
• Gajim (Linux, Windows, BSD)
• Kaidan (Linux)
• Monal (iOS)
• Movim (Browser-based)
• Psi via official plugin (Linux, Windows, macOS)
• Psi+ via official plugin (Linux, Windows, macOS, Haiku, FreeBSD)
• libpurple clients such as Pidgin or Finch via experimental plugin
• Adium via an Xtra based on the libpurple plugin
• Profanity via experimental plugin (BSD, Linux, macOS, Windows)
• SiskinIM (iOS)

Library support

• Smack supports OMEMO using the two modules smack-omemo and smack-omemo-signal
• XMPPFramework (macOS, iOS, tvOS) supports OMEMO via the OMEMOModule extension when used in conjunction with the SignalProtocol-ObjC library.

References

External links

• Homepage
• XEP-0384: OMEMO Encryption (Experimental)
• Python library for implementing OMEMO in other clients
• OMEMO protocol implementation in C
• OMEMO Top - OMEMO support toplist in instant message clients

1. Curve25519
2. Signal Protocol
3. Conversations (software)
4. Off-the-record messaging
5. ChatSecure
6. Profanity (instant messaging client)
7. Comparison of instant messaging protocols
8. Gajim
9. Psi (instant messaging client)
10. Asaf Avidan
11. XMPP
12. Cryptocat
13. List of free and open-source Android applications
14. Double Ratchet Algorithm
15. Forward secrecy
16. Pablo Soto (software developer)
17. Spark (XMPP client)
18. Comparison of VoIP software