PFS/OTR/OMEMO encryption

[daniele-athome]

Title speaks for itself :-)
Also consider the Axolotol ratchet: https://www.whispersystems.org/blog/advanced-ratcheting/
Conversations already implemented OMEMO: http://conversations.im/omemo

---

https://github.com/igniterealtime/Smack/blob/4.3/documentation/extensions/omemo.md
(Future) https://github.com/igniterealtime/Smack/blob/master/documentation/extensions/omemo.md

[geileszeuch]

Maybe you should consider the whole TextSecure-V2 protocol which uses elliptic curve encryption and has several advantages over OTR.

[mimi89999]

👍

[pravi]

@daniele-athome we are looking for students to work on projects like kontalk (see https://www.loomio.org/d/59Jl3bds/private-messaging-focused-phase-2), would you mentor students to implement this feature? OMEMO support in conversations was added by a student as part of google summer of code. We can ask students to submit proposals and we can select if we are happy with the proposal. We'll also crowd fund so we can pay them like gsoc.

[daniele-athome]

Sure that would be great. I was indeed delaying PFS after implementing group chat, but we can develop those two in at the same time if another person helps me out so we can work out practical implementation of OMEMO in group chat and sort out issues about that. Please let me know what you need.

[pravi]

@daniele-athome thanks. We'll start visiting colleges and look for interested students. I'll keep you posted.

[vanitasvitae]

Hi! I just want to let you know, that I'm working on a Smack module for OMEMO as part of my bachelors thesis. Since afaik Kontalk is based on Smack, it might use it in the future ;)

[daniele-athome]

@vanitasvitae that's great news! Looking forward to it. And good luck with your thesis!

[ghost]

OMEMO support is vital part of mobile security!

I hope it will be implemented.

[keshto]

👍

[vanitasvitae]

Zom started to implement OMEMO using smack-omemo and smack-omemo-signal. I'd love to get more feedback from client developers that use the code 👍

[webratte]

For me as a interested user it sounds like a good idea to give OMEMO implementation in Kontalk the highest priority (beside bug fixes).

[abika]

I spend some time playing with it. However, because PubSub is currently not supported by the Kontalk server I couldn't really test it. Still, it looks very promising.

[daniele-athome]

Thanks @abika.
I believe that Tigase can support PubSub. I'll do some research on our test server.

[vanitasvitae]

Hi!
Just to keep you updated: Smack included OMEMO support in 4.2.0, but due to some ongoing API changes the OMEMO modules were temporarily excluded from 4.2.1 and the recently released 4.2.2. I'm aiming for 4.2.3 including the OMEMO modules again, because my rework is nearly finished :)

[daniele-athome]

Good to know. I was just planning to start soon. Thanks for your work, looking forward to Smack 4.2.3 :-)

[vanitasvitae]

@daniele-athome Good news: My OMEMO rework made it into Smack 4.4.0-alpha1!

[daniele-athome]

That's great @vanitasvitae, thank you!! I'll do some experiments with Smack 4.4 in a separate branch.

[daniele-athome]

@vanitasvitae I see there is some OMEMO code in Smack 4.3, is it upgraded with your work that got included in 4.4? I mean can I begin experimenting with Smack 4.3 without going all full-edge on an alpha?

[vanitasvitae]

There are significat API changes between 4.3 and the current master/4.4.

[daniele-athome]

I don't know if I can wait for Smack 4.4... especially now that the really nice guys at Prism Break have removed us from their website since we don't implement OMEMO.
I'll test the code from 4.3 for now. Then I'll inspect this big commit.

[vanitasvitae]

Maybe try to keep the OMEMO stuff modular, so replacing the implementation later can be done more easily :)

[daniele-athome]

I've begun experimenting with OMEMO from Smack 4.3.0 - which I had to compile by myself because the smack-omemo components for 4.3.0 were not deployed to Maven Central.
The experiments were very successful :-)

@vanitasvitae by the way, would you know anything about this: https://mail.jabber.org/pipermail/standards/2018-September/035348.html

[daniele-athome]

Some work going on in #1256.

[CrimsonFork]

Just a little heads up - I haven't tried it yet, but aTalk is an XMPP messenger that came to F-Droid lately and claims to have, among other types, OMEMO encryption.

[daniele-athome]

@vanitasvitae I realized now that you replied to the thread I pointed you to, before I asked you!! :D sorry...

[vanitasvitae]

@daniele-athome no problem ;)

You may be interested in this PR btw ;)

[daniele-athome]

You may be interested in this PR btw ;)

Oh I missed that in the XMPP mailing list! Thanks I'll take a look.

[vanitasvitae]

Oh I missed that in the XMPP mailing list! Thanks I'll take a look.

The editor did not yet merge this PR, so the announcement mail + extensive discussion is still due to come. Nevertheless, please don't hesitate to give feedback in this thread.

So, enough thread hijacking :D