[Standards] OMEMO Key Agreement
sebastian.verschoor at gmail.com
Mon Jun 5 19:33:41 UTC 2017
On 3 June 2017 at 04:10, VanitasVitae <vanitasvitae at riseup.net> wrote:
> Hi Sebastian!
> As a cryptographic expert, what would be your advise for future
> development of the protocol?
> As you may have read, the reason of this discussion is the fact that there
> are concerns that it is not trivial to implement OMEMO in non-GPL apps due
> to the lack of a permissive XEdDSA implementation. Thats also the reason
> why OMEMO was (prematurely) specified based on Olm instead of libsignal.
> Would you rather suggest to put the efforts into a permissive XEdDSA
> implementation or what would be your advice?
I was going to suggest using seperate key-pairs: one for signing and one
for DH. However, upon closer inspection it seems that the
X3DH-specification requires XEdDSA signatures (
so if you did that you would no longer follow the open specs, which I
believe (from previous discussions) is not desirable.
So the other option is to implement XEdDSA. The specs aren't super
complicated, so I think I could do that, based on the public domain
Curve25519 code in supercop. It would be a public domain implementation in
C (I believe most languages can call C through an FFI?)
> Greetings Vanitasvitae
> Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail
> Standards mailing list
> Info: https://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Standards