The Evolution of Encrypted IM Messenging Platforms – The Rise and Future of the OMEMO Protocol – An Analysis

Dear blog readers,

I’ve decided to share with everyone an article that I’ve been recently working on namely the rise of the OMEMO real-time Jabber/XMPP encryption protocol and also discuss in-depth the security risks involved in OMEMO type of communications including to offer practical security and privacy recommendation advice which I originally wrote for my ex-employer Armadillo Phone.

In a modern and vibrant secure and encrypted mobile device ecosystem facing various hardware and physical security type of threats including the general rise of insecure WiFi hotspots and various other factors including the rise of various nation-state and rogue and malicious advanced persistent threat type of malicious and fraudulent campaigns a new protocol has recently emerged called OMEMO basically limiting the burden of online ID verification mechanisms and adding a new set of privacy and security enhancing features to modern instant messaging applications making it hard potentially virtually impossible for a malicious attacker to eavesdrop and intercept an OMEMO user’s personal private including sensitive and personally identifiable information further aiming to commit financial fraud and launch a variety of social engineering campaigns aimed at targeting the victim’s address book and the confidentiality availability and integrity of their devices further exposing the mobile device to a multi-tude of malicious and fraudulent software and rogue and malicious campaigns.

Protocol Introduction

What exactly is OMEMO? Long story short it’s an OTR and OpenPGP-based communication protocol that actually has a lot of new improvements in terms of privacy and security including interoperability between multiple IM clients and mobile applications courtesy of different vendors. Compared to OTR (Off-the-Record) which basically allows single-user type of secure and encrypted communication the OMEMO protocol actually allows multi-user type of data and information exchange further strengthening the protocol’s position on the market for secure mobile IM (instant messaging) applications.

Basic OTR Protocol Overview in the context of the global growing cybercrime trend

Throughout the years Jabber’s OTR (Off-the-Record) plugin and feature quickly became the de-facto communication channel for a huge portion of Eastern European and Russia-based cybercriminals looking for ways to properly offer and present their cybercrime-friendly services including to actively communicate with each other for the purpose of managing and launching cybercrime-friendly online communities including to actually offer a newly launched cybercrime-friendly service or a tool and actually reach out to current and potential customers in a secure fashion. It should be worth pointing out over 98% of Russian and Eastern European cybercrime-friendly propositions actively rely on the use of public and private proprietary Jabber-based servers and active OTR (Off-the-Record) type of communications. How does the process work in terms of Russian and Eastern European cybercrime gangs and groups? Pretty simple. Basically the cybercriminal in question would either use a custom-made and set up proprietary Jabber-server or a publicly accessible one in combination with a popular off-the-shelf or proprietary offshore VPN service provider to actually attempt to hide the actual metadata from law enforcement and would then include the actual contact details in terms of user ID within the actual cybercrime-friendly proposition which on the majority of occasions is a newly launched stolen and compromised credit card shop or a newly launched cybercrime-friendly service aiming to assist novice or experienced cybercriminals on their way to commit financial fraud online.

The following mobile device IM clients are known be currently compatible with the OMEMO secure and privacy-enhancing protocol:

• BeagleIM
• ChatSecure
• Conversations
• Cryptocat
• Dino
• Gajim
• Psi
• Adium
• Profanity
• SiskinIM

Possible Threat Modelling Scenarios

It should be worth pointing out that on the vast majority of occasions the majority of IM-based encryption protocols are perfectly suited to respond and actually protect against a large portion of modern eavesdropping and surveillance campaigns. It should be also noted that a direct compromise of the actual mobile device or a device in question might be successfully acting as the “weakest link” in the entire secure and privacy-conscious communication chain including the actual impersonation attacks launched against a specific participant in the actual communication next to good old fashioned social engineering type of campaigns.

Possible physical security and network-based attack scenarios:

 – physical device compromise 

A possible device compromise through device stealing or actually obtaining a physical copy of the device for digital forensic examination by third-parties. Users interested in protecting their personal including sensitive IM communication should definitely look into using time-expiring messages with a short period of time and actually take advantage of Armadillo Phone’s built-in advanced physical protection features including the availability of anti-theft token and NRC physical authentication card including heavy reliance on off-the-shelf and heavily modified going beyond industry-standards implementation of popular encryption ciphers.

 – network communication provider compromise 

Among the key factors to consider when attempting to actually launch an encrypted IM conversation with a colleague or a friend including possible third-party that also includes a journalist or a free speech writer is to ensure that the network infrastructure provider has taken all the necessary measures to protect its network from external and internal cyber attacks including plain simple social engineering attempts and active network-based reconnaissance and actual network-based infrastructure compromise. A possible attack surface mitigation scenario here would be the use of a vendor-specific VPN (Virtual Private Network) further ensuring that the actual metadata including actual traffic obfuscation will prevent possible man-in-the-middle attacks launched through the use of insecure WiFi hotspots or the actual GSM-based 3G/4G/5G type of network connectivity infrastructure.

The Armadillo Phone has a built-in VPN (Virtual Private Network) service built-in which is free of charge and can heavily assist in possible network-based metadata obfuscation including actual network-traffic obfuscation making it harder for a malicious attacker including rogue actors to actually attempt to launch a possible eavesdropping or active traffic interception or surveillance campaign.

A rather practical and often neglected privacy-conscious advice would be to periodically verify the actual participant’s fingerprint by asking a very specific question that only he knows the answer to.

Stay tuned!

*** This is a Security Bloggers Network syndicated blog from Dancho Danchev's Blog - Mind Streams of Information Security Knowledge authored by Dancho Danchev. Read the original post at: http://ddanchev.blogspot.com/2022/01/the-evolution-of-encrypted-im.html