OMEMO is an extension of the XMPP protocol used by Secure Chat. It allows multi-client end-to-end encryption, which is necessary for encrypted group chats. The acronym stands for “OMEMO Multi-End Message and Object Encryption.” The protocol uses the Double Ratchet cryptographic algorithm, which creates a secure connection between multiple parties using chains of keys. Each message key is calculated from the previous one using key derivation functions (KDFs) that cannot be reversed. The participating devices derive identical key chains, and those chains cannot be run backwards. Even if a key is compromised, it cannot be used to decrypt more than one message in the conversation.
OMEMO provides the following features:
- Symmetric end-to-end encryption. Messages are encrypted on the sender’s end and decrypted on all recipients’ ends with the same key. The algorithm facilitates the key exchange.
- Forward secrecy. Unique ephemeral keys are used for every message. If one set of keys is compromised, all other messages remain encrypted with different keys.
- Independent key renewal. The algorithm does not need a peer or public key infrastructure to get new keys. It uses irreversible KDFs to calculate ephemeral keys from the ones used for the previous message.
- Plausible deniability. If a message gets intercepted, snoopers will not be able to determine who has sent it.
- No lost or out-of-order messages. Each message has a session number embedded in its header. This way, if a message gets lost or undelivered, it will not mess up the key derivation chain.
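
The key chain and the out-of-order handling described above can be sketched as follows. This is an added example, not code from OMEMO or Secure Chat. It assumes HMAC-SHA256 with the constants 0x01 and 0x02 as the KDF, uses a per-message counter for the number carried in the header, and covers only the symmetric chain, not the initial key exchange or the encryption itself.

```python
import hashlib
import hmac

def kdf_chain(chain_key):
    """One irreversible step: return (next_chain_key, message_key)."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key

class SendingChain:
    def __init__(self, chain_key):
        self.chain_key, self.counter = chain_key, 0

    def next(self):
        """Return (header number, message key) for the next outgoing message."""
        self.chain_key, mk = kdf_chain(self.chain_key)
        self.counter += 1
        return self.counter - 1, mk

class ReceivingChain:
    MAX_SKIP = 100  # assumed bound so a forged header cannot force unbounded work

    def __init__(self, chain_key):
        self.chain_key, self.counter, self.skipped = chain_key, 0, {}

    def key_for(self, n):
        """Return the key for header number n, tolerating gaps and reordering."""
        if n in self.skipped:              # late arrival: use the stored key once
            return self.skipped.pop(n)
        if n < self.counter:
            raise KeyError("message key already used and deleted")
        if n - self.counter > self.MAX_SKIP:
            raise ValueError("too many skipped messages")
        while self.counter < n:            # keep keys for messages not yet seen
            self.chain_key, self.skipped[self.counter] = kdf_chain(self.chain_key)
            self.counter += 1
        self.chain_key, mk = kdf_chain(self.chain_key)
        self.counter += 1
        return mk

def demo():
    # Constructed shared secret; in practice it comes from the key exchange.
    shared = hashlib.sha256(b"constructed shared secret").digest()
    sender, receiver = SendingChain(shared), ReceivingChain(shared)
    sent = dict(sender.next() for _ in range(4))
    received = {n: receiver.key_for(n) for n in (0, 3, 1, 2)}  # out of order
    return sent, received, receiver

if __name__ == "__main__":
    sent, received, _ = demo()
    print("keys match:", sent == received)
```

Because each used key is deleted and the chain key is overwritten at every step, a device captured later holds nothing that recovers the keys of messages it has already processed.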