axolotl, OMEMO vs OpenPGP

Bernhard Reiter bernhard at intevation.de
Mon Mar 21 16:33:34 CET 2016


Hi Friends of GnuPG,

right now I am thinking about the properties and use cases
for OpenPGP compared to axolotl [1] and OMEMO [2].

The advertisment page for Conversation's OMEMO support [3]
claims that it is superior to OpenPGP:

| OMEMO not only gives you a better encryption features than OpenPGP and OTR 
| but is also much easier to setup.  

And I wonder in which situations this is true.
OMEMO says it does the trick of being "forward secret" and 
offline capable. Is this even possible while being end-to-end, 
e.g. not trusting a service provider?

If I am offline I could not create ephemeral session keys
or does this depend on previously exchanged keys?

Any thoughts?
Does somebody has pointer to in depth analysis?

Best,
Bernhard

[1] https://en.wikipedia.org/wiki/Axolotl_%28protocol%29
[2] https://en.wikipedia.org/wiki/OMEMO
[3] https://conversations.im/omemo/
-- 
www.intevation.de/~bernhard (CEO)    www.fsfe.org (Founding GA Member)
Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998
Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20160321/1c8ff833/attachment.sig>


More information about the Gnupg-devel mailing list