[Standards] Proposed XMPP Extension: OMEMO Encryption

Fabian Beutel fabian.beutel at gmx.de
Tue Apr 12 16:08:55 UTC 2016


Hey everyone,

as I'm currently trying to implement OMEMO out of curiosity, I wanted to
bring up a few points that might be of interest to the discussion:

1. There still seems to be no real protocol specification, but there has
been a "whitepaper" by Whatsapp [1] that describes the protocol used,
which is not suitable as a standards specification but is a nice
introduction for understanding the protocol - if anyone is interested.

2. A minor issue, but as you probably know, the people from
OpenWhisperSystems have renamed their protocol from Axolotl to Signal
and seem to be eager to push these changes throughaut their repositories.
An updated OMEMO proposal should probably reflect that change, as
references to Axolotl may become less clear when the Signal-people
remove all appearences of the old name.

3. There have been discussions on this list to use v2 of the Axolotl
protocol. However, it seems that the OWS people have removed support for
v2 from most of their libraries ([2] for the Java lib, [3] for the C
lib). That could indeed be a problem if v2 would be the default version,
as probably most people will want to rely on the reference
implementations...

Best regards,
Fabian


[1] https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf
[2]
https://github.com/WhisperSystems/libsignal-protocol-java/commit/87b5b940fbf9624ad0302721f6e54d7e5250df70
[3]
https://github.com/WhisperSystems/libsignal-protocol-c/commit/57d85a0dc81a4e6d59ac20633a08040f57a29ddb


More information about the Standards mailing list