OMEMO (OMEMO Multi-End Message and Object Encryption) is a multi-end to multi-end payload encryption ("e2e") technology for XMPP services originally developed for and implemented by the Conversations XMPP client based on the double-ratchet algorithm popularized by the Signal Private Messenger service, and has been formally standardized as XEP-0384.
Requirements for OMEMO support¶
In order for OMEMO to function, both the XMPP server and the user’s XMPP client must implement certain features. For an OMEMO session to be established between two users, both users’s servers and clients must support the requirements. Note that due to XMPP’s federated paradigm, two user’s servers may be two different machines. These two servers should themselves communicate with each other over a secured channel, such as TLS/SSL and/or Tor’s Onion services.
Server requirements for OMEMO support¶
In order to establish an OMEMO session and exchange OMEMO-encrypted messages between a set of users, all of the users’s servers must implement support for the following XEPs:
- XEP-0030: Service Discovery ("disco").
- XEP-0060: Publish-Subscribe ("PubSub") (required dependency for Personal Eventing Protocol XEP-0163).
- XEP-0163: Personal Eventing Protocol ("PEP").
- XEP-0237: Roster Versioning.
See specific XMPP server pages, such as Prosody, for information on deploying OMEMO-capable server services.
Client requirements for OMEMO support¶
XMPP clients must independently support OMEMO. For more information and a list of which clients currently support or do not support OMEMO, see Are We OMEMO Yet?.
Serverless OMEMO¶
Currently, OMEMO seems incompatible with XMPP Serverless Messaging XEP-0174 due to OMEMO’s requirement of Personal Eventing Protocol (PEP) XEP-0163, for storing bundles of pre-keys associated with a given JabberID on that user’s server.
As an alternative to OMEMO, users can employ clients that support Off-The-Record (OTR) message encryption to protect data in motion over a local area network (LAN) or link-local messaging environment without a server, as this encryption technology does not require server-side storage of pre-keys.
Alternatives¶
See XMPP E2E Security.