Difference between revisions of "XMPP client encryption"

(Comparison OMEMO vs PGP vs OTR)
(Comparison OMEMO vs PGP vs OTR)
Line 51: Line 51:
 
| style="background-color:#98ff98"| No
 
| style="background-color:#98ff98"| No
 
| style="background-color:#98ff98"| No
 
| style="background-color:#98ff98"| No
| style="background-color:#98ff98"| No. By default on [https://404.city/ 404.city] it is forbidden to connect to servers that have invalid certificates, invalid connection will be reset. '''Warning:''' many servers have valide sertificate, but allow connections with other untrusted servers
+
| style="background-color:#98ff98"| No. By default on [https://404.city/ 404.city] it is forbidden to connect to servers that have invalid certificates, invalid connection will be reset. '''Warning:''' many servers have valide sertificate, but allow connections with other untrusted servers. Using untrusted servers allows the ISP to watch messages without e2e
   
 
|-
 
|-
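Review bot: the changed cell still opens with "No" and keeps the green background, yet the sentence added at its end says the ISP can watch messages when untrusted servers are used, so the cell now contradicts its own answer. Make the answer conditional (for example "No, unless a server on the path accepts untrusted connections") and state whose ISP is meant. The added line also carries over "valide sertificate" from the old revision, which should read "valid certificate".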

Revision as of 11:43, 23 June 2020

XMPP client E2E encryption is the encryption performed by the XMPP clients themselves. The keys are stored on the devices, and the message text is not available to the server.

OMEMO

Logo of OMEMO
  • Easy to use. Suitable for newbies and housewives.
  • Medium security level. The most modern encryption. An open-source clone of the protocol used for Signal and WhatsApp encryption.
  • Correspondence synchronization is available
  • Works stably on bad internet connections
  • Old messages cannot be recovered after re-installing the XMPP client

PGP

Richard Stallman uses PGP
  • Hard to use. Suitable for Stallman.
  • The highest level of security, but if the key is stolen from the device, it is possible to recover old deleted messages. Used by the NSA, the American government and the military.
  • Correspondence synchronization is available
  • Works stably on bad internet connections
  • Old messages can be recovered after re-installing the XMPP client

OTR

Julian Assange and WikiLeaks used OTR
  • Medium difficulty of use
  • Medium security level. The favorite cipher of Julian Assange and WikiLeaks. OTR was used by Snowden to contact journalists.
  • Correspondence synchronization is not available
  • Works unstably on bad internet connections
  • Old messages cannot be recovered after re-installing the XMPP client

Plain text

  • Easy to use
  • Bad security level. E2E is not used. Only server-side encryption: your messages are encrypted on the way to the server, but are not encrypted on the server.
  • Correspondence synchronization by default
  • Works stably on bad internet connections
  • Old messages can be recovered after re-installing the XMPP client


Comparison OMEMO vs PGP vs OTR

| | OMEMO | PGP | OTR | Plain text |
|---|---|---|---|---|
| Can your ISP see the text of your messages? | No | No | No | No. By default on 404.city it is forbidden to connect to servers that have invalid certificates; an invalid connection will be reset. Warning: many servers have a valid certificate, but allow connections with other untrusted servers. Using untrusted servers allows the ISP to watch messages without e2e. |
| Can your server see the text of your messages? | No | No | No | Yes |
| Encryption in group chats | Yes (for private rooms; in group chats with free access, e2e encryption loses its meaning) | No | No | No |
| File encryption | Yes | Partial (manual file encryption is available) | No (some clients support it) | No |
| Strong encryption | Home use | Military use | Home use | No |
| Recovery of old history from the server if the key is available | No | Yes | No | Yes |
| Independent audit of encryption security | Yes | Yes | Yes | No encryption |
| Offline message delivery | Yes | Yes | Message delivery failures | Yes |
| User-friendly | Yes | No | No | Yes |
| Connect multiple devices | Yes | Yes | No | Yes |
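An added example, not part of the original wiki page: a Python sketch that sorts a message stanza, as the server receives it, into the four modes compared above and returns the text the server can read. It assumes the namespaces from XEP-0384 (OMEMO), XEP-0027 and XEP-0373 (PGP) and the `?OTR` body prefix; the sample stanzas and their payloads are constructed.

```python
import xml.etree.ElementTree as ET

# Namespaces of child elements that carry an end-to-end encrypted payload.
E2E_NAMESPACES = {
    "eu.siacs.conversations.axolotl": "OMEMO",  # XEP-0384, legacy namespace
    "urn:xmpp:omemo:2": "OMEMO",                # XEP-0384, current namespace
    "jabber:x:encrypted": "PGP",                # XEP-0027
    "urn:xmpp:openpgp:0": "PGP",                # XEP-0373
}

def classify(stanza_xml):
    """Return (mode, message text readable by the server) for one stanza."""
    msg = ET.fromstring(stanza_xml)
    for child in msg:
        ns = child.tag[1:].split("}")[0] if child.tag.startswith("{") else ""
        if ns in E2E_NAMESPACES:
            # A <body/> beside the payload is only a fallback notice.
            return E2E_NAMESPACES[ns], None
    body = msg.find("{jabber:client}body")
    text = (body.text or "").strip() if body is not None else ""
    if text.startswith("?OTR"):
        return "OTR", None          # OTR ciphertext travels inside <body/>
    if text:
        return "Plain text", text   # the server and its archive can read this
    return "No body", None

# Constructed sample stanzas (payloads are placeholders, not real ciphertext).
MSG = "<message xmlns='jabber:client' to='bob@example.org' type='chat'>%s</message>"
SAMPLES = {
    "omemo": MSG % ("<encrypted xmlns='eu.siacs.conversations.axolotl'>"
                    "<header sid='1'/><payload>CONSTRUCTED</payload></encrypted>"
                    "<body>This message is OMEMO encrypted.</body>"),
    "pgp": MSG % ("<x xmlns='jabber:x:encrypted'>CONSTRUCTED</x>"
                  "<body>This message is encrypted.</body>"),
    "otr": MSG % "<body>?OTR:CONSTRUCTED.</body>",
    "plain": MSG % "<body>meet at 5</body>",
}

if __name__ == "__main__":
    for name, stanza in SAMPLES.items():
        print(name, classify(stanza))
```

Only the plain-text stanza yields readable text, which matches the "Can your server see the text of your messages?" row.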

Recommendation

As part of this review, it is recommended to use OMEMO or PGP encryption, because OTR is an outdated encryption that does not support new features. The use of clear text in messages is acceptable for the transfer of non-sensitive data.