[Standards] OMEMO Key Agreement

Ignat Gavrilov ignat.gavrilov at mailfence.com
Tue May 30 20:53:45 UTC 2017


can you please describe the concrete benefits of your approach?
The only difference I can spot is that it's more implementation work for those that use libsignal (which at this point in time seems to be all implementations) and less for libsodium (which happens to not implement many other parts of the protocol as well and thus require a lot of work nonetheless).

I wouldn't use neither so I don't care about that part ;)
Is there any difference from a crypto perspective that I missed? As far as I can tell, this is only a constant factor for any attack I can imagine, if at all.


"Remko Tronçon" <remko at el-tramo.be> wrote:

On 29 May 2017 at 07:53, Remko Tronçon <remko at el-tramo.be> wrote:

I may have a solution to our OMEMO key agreement discussion that satisfies all of us.

FYI, to get some more confidence in this approach, I prototyped it using both libsignal and libsodium:

The libsignal prototype actually mimics the 2 parts of libsignal that need to be patched; patching the library itself should be even less work/code (but I couldn't find an OMEMO client for my platform to apply the changes myself).

Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: Standards-unsubscribe at xmpp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20170530/22a0d13f/attachment.html>

More information about the Standards mailing list