XEP-0384: OMEMO version 0.4 #903

iNPUTmice · 2020-03-10T08:22:48Z

As promised three years ago we got together and created a new 'libsignal-free' iteration of the OMEMO specification. This new iteration is the result of almost five years of implementation experience. It is the combined work of Andreas Straub, Daniel Gultsch, Tim Henkes, Klaus Herberth, Paul Schaub and Marvin Wißfeld.

Incorporate the double ratchet protocol specification.
Use one node to store all bundles. One item per bundle.
Recommend 'open' access model for both PEP nodes.
Specify OMEMO encryption for XEP-0045 Multi-User Chats.
Use XEP-0420: Stanza Content Encryption.
Use AES256/CBC to encrypt SCE payload.
Change namespace to urn:xmpp:omemo:1
Use wrapping 'keys' element for key elements in 'header'.
Define threat model

Find a rendered version here: https://gultsch.de/files/xep-0384.html

Note to editor: Feel free to squash this into one commit.

Regarding authorship see Council Minutes from 2020-01-22.

…s algorithm

Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>

Sessions are device-to-device relationships. When we talk about 'opting-out' we want to communicate a _preference_ for an entire account not just on specific device-to-device relationship. The actual double ratchet sessions will also remain intact. So it is not reversing what ever we did in 'Starting a session' but just switching back from omemo to plain. (When we currently do that manuelly we also wouldn’t touch the actual underlying sessions) I would like to note at this point that we don’t have a way of 'opting-in' either. Nowhere do we say that a client MUST use OMEMO if they discover that the other side has bundles. Therefor I find it strange that the opt-out was a MUST and i weakend it to SHOULD. (we don’t say that a client SHOULD start omemo when it discovers support either so I even find a SHOULD too strong)

CLAassistant · 2020-03-10T08:22:59Z

All committers have signed the CLA.

iNPUTmice and others added 30 commits March 7, 2020 18:13

XEP-0384: put bundles in different items of the same node

7fbc5a7

XEP-0384: add label attribute to bundle

88d58a7

XEP-0384: fix s/list/devices/

170cc7b

XEP-0384: rename bundle node to bundles

70bdbf3

XEP-0384: add section about ending a session

5ffb127

XEP-0384: wrap key elements in keys with jid attribute

efd28fd

XEP-0384: add missing signed prekey signature

4908f44

XEP-0384: change namespace to urn:xmpp:omemo:1

38eb801

delete rendered version of XEP-0384

d203e84

XEP-0384: explain that access model should be open

8cc7ce6

XEP-0384: add business rule on heartbeat messages

27b1307

Added technical protocol details

5013178

Add SCE usage and remove some Signal references

c662094

XEP-0384: mention keys wrapper in 'receiving a message'

cd73b56

XEP-0384: remove key transport message

d914cd2

OMEMO is not only 1:1

94067ef

Be less harsh to OTR :P

9932fd4

Mention XEP-0373

433b111

Added more protocol details and improved some sections

5e434f9

XEP-0384: define encrypted element

928d6ff

Added information about OMEMOKeyExchange and the key exchange flow

f60fdbe

Protobuf structures improved

94c8f01

XEP-0384: update requirements

b0efdf0

More consistent use of Double Ratchet encryption scheme vs protocol v…

834bf3f

…s algorithm

XEP-0384: define group chats

f17f864

The HMAC has to be encrypted for each device using the Double Ratchet

98c5419

Flipped jid and email to satisfy the DTD validation, added own email

a4e6f0a

XEP-0384: group chat message sending

27b2dd2

Business rules about broken session healing

dd4f34e

consistent casing of device id

ccaff4b

iNPUTmice and others added 19 commits March 8, 2020 17:16

XEP-0384: add version log

030329e

Handled a lot of TODOs in the XEP

2e28c9c

XEP-0384: move label from bundle to devices

649e389

XEP-0384: thank chaosdorf and modify device event example

8ac3c35

depend on xep-0060

24d8279

Minor clarification

20e29ee

XEP-0384: server side requirments

779af89

fixed typos

11af6f0

XEP-0384: update XML schema

c7a29c7

Implementation notes about deactivating OMEMO, switched to 32 byte keys

5f1fb48

s/devicelist node/devices node/ + unicode chars

d4f1790

fixed typos

c55d88b

xep-0384: use entities for NSs

45b6821

Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>

xep-0384: fix typos

ff176e7

Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>

XEP-0384: add sce as dependency

22a6085

Add vanitasvitae jid

74577e9

A lot of smaller improvements

0ab5532

XEP-0384: mention that sending to group chat involves offline members

91cf806

jubalh mentioned this pull request Mar 10, 2020

OMEMO feature tracker profanity-im/profanity#1070

Closed

11 tasks

Ppjet6 mentioned this pull request Mar 10, 2020

add defined IV size for GCM. clarified text #894

Closed

Echolon mentioned this pull request Mar 10, 2020

Future: Implement (new) OMEMO:1 monal-im/Monal#372

Closed

Ppjet6 added the Ready To Merge No acknowledgements of other parties are needed anymore. There may be changes to do at merge time. label Mar 10, 2020

Ppjet6 merged commit 54529a5 into xsf:master Mar 10, 2020

ericonr mentioned this pull request Nov 30, 2020

lurch / libomemo: 12-byte IVs patch void-linux/void-packages#26757

Closed

Fearyncess mentioned this pull request Jan 1, 2021

lurch / libomemo: 12-byte IVs patch AOSC-Dev/aosc-os-abbs#2568

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

XEP-0384: OMEMO version 0.4 #903

XEP-0384: OMEMO version 0.4 #903

iNPUTmice commented Mar 10, 2020

CLAassistant commented Mar 10, 2020 •

edited

Loading

XEP-0384: OMEMO version 0.4 #903

XEP-0384: OMEMO version 0.4 #903

Conversation

iNPUTmice commented Mar 10, 2020

CLAassistant commented Mar 10, 2020 • edited Loading

CLAassistant commented Mar 10, 2020 •

edited

Loading