Tech pages/OMEMO

XEP-0384: OMEMO Encryption is an end-to-end encryption mechanism for use with XMPP. It is based around the Double Ratchet Algorithm as known from the messaging application Signal.

More background information can be found on Wikipedia.

Mind the Namespace
Unfortunately there are different versions of OMEMO encryption existing, that are incompatible to each other.

"siacs" OMEMO
Protocol specification versions 0.2.0 to 0.3.0 are identified by the namespace of "eu.siacs.conversations.axolotl". Those are the versions with (currently) the greatest adoption in the ecosystem. If you need to have an implementation with compatibility to the status quo, you should implement this version. Note however, that you might end up needing to rework your implementation if the ecosystem moves to the next iteration.

"OMEMO:0"
Identified by the namespace " urn:xmpp:omemo:0 ", specification versions 0.0.2 and 0.1.0 describe a protocol which has no known implementations. You should not implement this version.

"OMEMO:1"
The specification versions 0.4 up to the most recent version (0.6 at the time of writing) are identified by the namespace of " urn:xmpp:omemo:1 " and describe an improved, yet sparsely adopted version of the protocol. If you intend to implement a future proof encryption protocol, you should go with "OMEMO:1".

Criticism

 * The use of the term "Identity Key" is unfortunate. Better suited would be "device key", as it does not make sense that a user has multiple identities.

Further resources

 * Siacs OMEMO Quickstart
 * Using PEP with a different access model
 * Usage in MUCs