OMEMO
{{Short description|Extension to XMPP for multi-client end-to-end encryption}}
{{Use mdy dates|date=October 2023}}
OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline". The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption".
It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol (PEP, XEP-0163).
OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.
Features
In comparison with OTR, the OMEMO protocol offers many-to-many encrypted chat, offline messages queuing, forward secrecy, file transfer, verifiability and deniability at the cost of slightly larger message size overhead.{{Cite web|url=https://conversations.im/omemo/|title=OMEMO Multi-End Message and Object Encryption|website=conversations.im|language=en|access-date=2019-01-22}}
History
The protocol was developed and first implemented by Andreas Straub as a Google Summer of Code project in 2015. The project's goal was to implement a double-ratchet-based multi-end to multi-end encryption scheme into an Android XMPP-based instant messaging client called Conversations.
It was introduced in Conversations and submitted to the XMPP Standards Foundation (XSF) as a proposed XMPP Extension Protocol (XEP) in the autumn of 2015 and got accepted as [https://xmpp.org/extensions/xep-0384.html XEP-0384] in December 2016.
In July 2016, the ChatSecure project announced that they would implement OMEMO in the next releases. ChatSecure v4.0 supports OMEMO and was released on January 17, 2017.{{cite web|url=https://chatsecure.org/blog/chatsecure-v323-xmpp-push/|title=ChatSecure iOS v3.2.3 - XMPP Push|date = 2016-07-25|access-date = 2016-09-07}}{{cite web|url=https://chatsecure.org/blog/chatsecure-v4-released/|title=ChatSecure v4.0 - OMEMO and Signal Protocol|date = 2017-01-17|access-date = 2017-02-07}}
A first experimental release of an OMEMO plugin for the cross-platform XMPP client Gajim was made available on December 26, 2015.
In June 2016, the non-profit computer security consultancy firm Radically Open Security published an analysis of the OMEMO protocol.{{Cite web |last=Radically Open Security |date=2016-06-01 |title=OMEMO: Cryptographic Analysis Report |url=https://conversations.im/omemo/audit.pdf |url-status=live |archive-url=https://web.archive.org/web/20250404065504/https://conversations.im/omemo/audit.pdf |archive-date=2025-04-04 |access-date=2025-04-10 |publisher=Radically Open Security |place=Amsterdam |language=en}}
Client support
Selected clients supporting OMEMO (full list of clients also exists{{Cite web|url=http://omemo.top/|title=Are we OMEMO yet?|website=Are we OMEMO yet?|language=en-US|access-date=2019-01-22}}):
- [https://beagle.im/ BeagleIM] (macOS){{Cite web|url= https://tigase.org/blog/beagleim-and-siskin-just-got-oemo-support/|title=Beagle OMEMO support|date=July 7, 2019 }}
- ChatSecure (iOS){{Cite web|url=https://chatsecure.org/blog/chatsecure-v4-released/|title=ChatSecure v4.0 - OMEMO and Signal Protocol|website=chatsecure.org|date=17 January 2017 |access-date=2017-01-17}}
- Conversations (Android)
- Converse.js (Browser-based){{Cite web|url=https://github.com/conversejs/converse.js/issues/497|title=XEP-0384: OMEMO Encryption · Issue #497 · conversejs/converse.js|website=GitHub|language=en|access-date=2019-11-20}}
- Dino (Linux, macOS){{Cite web|url=https://dino.im|title=Dino - Modern Jabber/XMPP Client using GTK+/Vala
|website=dino.im|access-date=2017-11-06}}
- Gajim (Linux, Windows, BSD){{Cite web |last=Developers |first=Gajim |title=Gajim 1.8.0 |url=https://gajim.org/post/2023-05-27-gajim-1.8.0-released/ |access-date=2023-06-15 |website=Gajim |language=en}}
- Kaidan (Linux){{Cite web |url=https://www.kaidan.im/2023/05/05/kaidan-0.9.0/ |title=Kaidan 0.9: End-to-End Encryption & XMPP Providers |date=2023-05-05 |access-date=2023-10-20 |website=Kaidan}}
- Movim (Browser-based){{Cite web|url=https://mov.im/?node/pubsub.movim.eu/Movim/end-to-end-encryption-in-movim-omemo-is-finally-there-yudZPP/|title=End to end encryption in Movim - OMEMO is (finally) there!|website=mov.im|access-date=2021-12-15}}
- Psi via official plugin (Linux, Windows, macOS)
- Psi+ via official plugin (Linux, Windows, macOS, Haiku, FreeBSD)
- libpurple clients such as Pidgin or Finch via experimental plugin
- Adium via an Xtra based on the libpurple plugin
- Profanity via experimental plugin (BSD, Linux, macOS, Windows)
- [https://siskin.im/ SiskinIM] (iOS){{Cite web
|url=https://tigase.net/blog-entry/beagleim-and-siskinim-just-got-omemo-support
|title=BeagleIM and SiskinIM just got OMEMO support
|website=tigase.net
|access-date=2019-06-07}}
Library support
- Smack supports OMEMO using the two modules smack-omemo and smack-omemo-signal{{Cite web|url=https://community.igniterealtime.org/blogs/ignite/2017/06/06/smack-v42-introduces-omemo-support|title=Ignite Realtime Blog: Smack v4.2 Introduces OME... {{!}} Ignite Realtime|last=Schaub|first=Paul|website=community.igniterealtime.org|date=6 June 2017|language=en|access-date=2017-07-11}}
- XMPPFramework (macOS, iOS, tvOS) {{Cite web|url=https://github.com/robbiehanson/XMPPFramework|title=Robbiehanson/XMPPFramework|website=GitHub |date=26 October 2021}} supports OMEMO via the OMEMOModule extension {{Cite web|url=https://github.com/robbiehanson/XMPPFramework/blob/master/Extensions/OMEMO/OMEMOModule.h|title = Robbiehanson/XMPPFramework| website=GitHub |date = 26 October 2021}} when used in conjunction with the SignalProtocol-ObjC library.{{Cite web|url=https://github.com/ChatSecure/SignalProtocol-ObjC|title = SignalProtocolObjC| website=GitHub |date = 30 January 2021}}
References
{{Reflist|colwidth=30em|refs=
|url= https://conversations.im/omemo/
|title= OMEMO Multi-End Message and Object Encryption
|author= Daniel Gultsch
|access-date= 2015-11-23}}
|author= Bahtiar Gadimov
|title= Initial OMEMO commit
|url= https://dev.gajim.org/gajim/gajim-plugins/commit/67d6ed441dc059a8b9a74dc3840711b2c8322d4e
|date= 2015-12-26
|website= dev.gajim.org
|access-date= 2017-09-08}}
|url= https://dev.gajim.org/gajim/gajim-plugins/wikis/OmemoGajimPlugin
|title= Omemogajimplugin · Wiki · gajim / gajim-plugins · GitLab
|author= Bahtiar Gadimov
|display-authors=etal
|access-date= 2016-12-04}}
|url= https://github.com/psi-im/plugins/tree/master/generic/omemoplugin
|title= OMEMO for Psi · GitHub
|author= Vyacheslav Karpukhin
|website= GitHub
|access-date= 2018-03-04}}
|url= https://github.com/psi-plus/psi-plus-snapshots/tree/master/plugins/generic/omemoplugin
|title= Psi+ snapshots
|author= Vyacheslav Karpukhin
|website= GitHub
|access-date= 2018-03-04}}
|url=https://mail.jabber.org/pipermail/standards/2016-December/031712.html
|title=
|date = 2016-12-07
|access-date = 2016-12-23}}
|url=https://github.com/ReneVolution/profanity-omemo-plugin
|title=profanity-omemo-plugin: A Python plugin to use (axolotl / Signal Protocol) encryption for the profanity XMPP messenger
|author= René Calles
|website=GitHub
|access-date=2017-01-10}}
|url=https://github.com/gkdr/lurch
|title=lurch - OMEMO for libpurple
|author= Richard Bayerle
|website=GitHub
|access-date=2017-02-12}}
|url=https://github.com/shtrom/Lurch4Adium
|title=Lurch4Adium - OMEMO Xtra for Adium
|author= Olivier Mehani
|website=GitHub
|access-date=2017-06-08}}
}}
External links
- [https://conversations.im/omemo/ Homepage]
- [https://xmpp.org/extensions/xep-0384.html XEP-0384: OMEMO Encryption] (Experimental)
- [https://github.com/omemo/python-omemo Python library for implementing OMEMO in other clients]
- [https://github.com/gkdr/libomemo OMEMO protocol implementation in C]
- [http://omemo.top/ OMEMO Top] - OMEMO support toplist in instant message clients
{{Cryptographic software}}
Category:End-to-end encryption
Category:Free security software
Category:Cryptographic protocols