[Standards] OMEMO Key Agreement

Remko Tronçon remko at el-tramo.be
Wed May 31 06:59:00 UTC 2017

Hi Ignat,

can you please describe the concrete benefits of your approach?

It gets rid of the non-standard XEdDSA dependency, which is blocking me
(and likely others) in creating independent implementations that don't
depend on libsignal. (see the other threads for my reasons).

> The only difference I can spot is that it's more implementation work for
> those that use libsignal (which at this point in time seems to be all
> implementations) and less for libsodium (which happens to not implement
> many other parts of the protocol as well and thus require a lot of work
> nonetheless).

Libolm implements the rest of the protocol. I used libsodium to prove that
anyone can create an independent implementation. If you want to use libolm,
you'd need to change the 3DH to X3DH (same as in the prototype), and pass
in an extra key (Olm doesn't have signed one-time prekeys).

So it's a little bit of work for libsignal, and a bit more work for libolm.
It's a compromise.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20170531/3de7c7fc/attachment.html>

More information about the Standards mailing list