Add Omemo Encryption Support #153
Comments
OMEMO is no longer a ProtoXEP. It became XEP-0384.
Thank you, great point, I'll update the initial request accordingly.
thanks for this issue. this is a duplicate of #101. unfortunately I don't have time atm to implement omemo, if you happen to have time, please send a PR along.
I'd like to note that OMEMO is useful for more than just offline delivery. I saw in one of your recent blog posts...
However, Conversations supports OMEMO in MUCs under certain circumstances, so there is an option.
A prerequisite to doing this would be to implement XEP-0163 which is used to distribute pre-keys in OMEMO. This would be useful for an end-to-end encrypted messaging protocol that I'm doing as well - which is architecturally very different from OMEMO, but could use XMPP/Matrix as "dumb transports". Implementing XEP-0163 is probably best done either in ermine/xmpp or as a separate opam package, and not in jackline itself.
There was a bounty posted for this issue for $100. https://www.bountysource.com/issues/41164178-add-omemo-encryption-support
so I evaluated a bit our options to move forward here:
and down the stack, crypto requires some ECC operations:
I'd go another way, and interface the output (C code with only some intrinsics, and no external calls) of fiat-crypto, an ECC development in Coq, correct by construction - and then interface this simple C code from OCaml (similar to what nocrypto does atm). see a recent draft submission of that project https://people.csail.mit.edu/jgross/personal-website/papers/2018-fiat-crypto-pldi-draft.pdf in the end, fiat-crypto contains a (rather complex) build chain, but is actively developed and they already have support for various ecc curves. i haven't checked whether they are sufficient for an omemo implementation (and am not sure about the exact differences between omemo and the noise protocol, neither between noise and signal). wireguard is another interesting project which is atm halted due to missing ecc (25519 as well? noise protocol framework?). what do you think? /cc @cfcs @dinosaure would be great to have omemo in jackline in 2018!!!
Ok, I think it's time to take my time again on curve25519, I just talked with @samoht about this implementation (for other purposes) and I just read some comments about dino/dino (like my surname) which is an XMPP client (specially fit for my family) with OMEMO support. Too many signals about it, so I will restart callipyge.
@dinosaure that is great to hear :) what are your plans for
Focus on API and, like
Maybe we can just host the generated C code from
I'm not entirely sure where this information belongs (it is broader than "omemo in jackline", but rather "ECC for OCaml"), there's hacl-ocaml-package which uses the exported hacl-c-code, vendored inside of tezos' repository (using a custom hacl branch): https://github.com/tezos/tezos/tree/master/vendors/ocaml-hacl - see as well https://github.com/vbmithr/ocaml-hacl for an incomplete mirror thereof. may be worth looking into that if the path forward is to use hacl
Any news?
Please add support for the new OMEMO XEP: http://xmpp.org/extensions/xep-0384.html
OMEMO is an XMPP Extension Protocol (XEP) for secure multi-client end-to-end encryption: http://conversations.im/omemo/ It offers Forward Secrecy and deniability while allowing you to keep the benefits of message synchronization and offline delivery.
OMEMO uses the Double Ratchet algorithm to establish secure sessions between every combination of devices: https://en.wikipedia.org/wiki/OMEMO
Its current support status in other XMPP clients is tracked here: http://www.omemo.top