Profanity Illustration

User Guide

OMEMO Encryption


Current state

Profanity has OMEMO support since 0.7.0. Regular 1:1 chats should work without problems. We consider OMEMO MUC as experimental. You might encounter problems there. Make sure to check our tracker bug for details. And report anything you find on the issue tracker.

Enabling carbons (/carbons on) is recommended in order to enhance OMEMO and overall chat experience.

To be able to read on other devices (eg your phone) what you wrote on profanity you need to trust the fingerprints of your other devices manually (/omemo fingerprint ).

Filetranser is OMEMO encrypted since Profanity 0.10.0 via the proto XEP.

/omemo fingerprint does autocomplete all fingerprints not just the ones for the JID mentioned.

Building with OMEMO support

OMEMO is an XMPP Extension Protocol (XEP) for secure multi-client end-to-end encryption. It is an open standard based on a Double Ratchet and PEP.

Profanity supports OMEMO only if you build from current git master. Support is planned for the 0.7.0 release.

If you have libsignal-protocol-c installed, support will be included by default. To force the build to fail if support cannot be included, configure with the following:

./configure --enable-omemo

Supported libsignal-protocol-c versions are 2.3.1, and 2.3.2.


Generating Crypto Materials

Before you can start using OMEMO for a particular account, you must generate the cryptographic material. Use the following command:

/omemo gen

A message will appear informing you that the key is being generated which may take a few minutes. We use /dev/random for this.

If the generation takes a long time you can try to move the mouse or install an entropy daemon, such as haveged, to increase the available entropy.

Once you have generated a key, you will not need to do so again. If you want to check your own fingerprint or see the fingerprints of your other devices type:

/omemo fingerprint

Hint: To be able to receive messages from your other devices you need to enable carbons. Also trust your own devices analogous to your buddies fingerprints, as described in the next paragraph.

/carbons on

Fingerprint authentication

Before you can start talking with a contact you need to authenticate him by trusting his fingerprint(s).

You should exchange fingerprints with your contact's via another secure communication channel. To display your fingerprint, use the following command:

/omemo fingerprint

To view the fingerprint of a contact use the following command:

/omemo fingerprint bob

If the fingerprint you see matches the fingerprint you communicated via another means, you can manually authenticate the contact with the following command:

/omemo trust 7ef54f6a-af23d766-efc9a4ea-da6fca40-3e8a5c82-9c46e4a4-e4c7230f-937b9144

You can untrust a contact at anytime using the following command:

/omemo untrust 7ef54f6a-af23d766-efc9a4ea-da6fca40-3e8a5c82-9c46e4a4-e4c7230f-937b9144

Starting a private conversation

Once the cryptographic material is present and you trusted your contacts fingerprint(s) you can start a private conversation with another contact that uses an OMEMO capable client

To start a new conversation using OMEMO:

/omemo start bob@ejabberd.local

If you are already in a conversation window without OMEMO, you can start sending encrypted messages with the same command omitting the contact:

/omemo start bob

The [OMEMO] shown in the titlebar indicates that the conversation is now encrypted.

Setting OMEMO policy

By default, OMEMO sessions must be started manually using the /omemo start command.

The following three settings are available:

manual - The default. Unencrypted messaging is allowed, OMEMO sessions must be started manually.

automatic - If you start an OMEMO session with a contact once via /omemo start it will remember the OMEMO session for this contact. So if you restart Profanity and use /msg bob@ejabberd.local it will OMEMO encrypt the conversation. You can stop this with /omemo stop.

always - OMEMO sessions are always started. Until you use /omemo stop.

User Interface options

By default, an indicator is displayed in the titlebar when no encryption is being used.

This indicator can be removed using the /encwarn command.

/encwarn off

Both incoming and outgoing plaintext messages are always preceeded by the '-' character.

By default OMEMO encrypted messages are preceeded by the '*' character.

This character can be changed using the /omemo char command.

/omemo char O

OMEMO message logging

The /omemo log command may be used with the following options to control if and how OMEMO messages are recorded in chat logs.

OMEMO messages will be logged in plaintext
OMEMO messages will be logged, but the message will be replaced with the text '[redacted]'.
OMEMO messages will not be logged.

For the on and redact settings, chat logging must also be enabled with the /chlog command.