Freedombone Blog

Freedom in the Cloud

Adding Padding to OMEMO

I've enabled OMEMO padding within DarkMessenger. This regularizes the message lengths to a minimum of 64 bytes, and thereafter quantized in chunks of 32 bytes. If you are a passive adversary listening on the wire then regardless of how random-looking the cyphertext may be, message lengths still reveal some (probably small, but not zero) amount of information about the conversation. It may be possible to use small and common messages, such as "hi" or "ok", or common emojis, as cribs to then begin to attempt decryption. Having a minimum message length and quantized plaintext lengths removes that as a possibility such that from the passive "bulk surveillance" point of view messages all look quite similar and are harder to track through multiple onion unwraps.

OMEMO padding was a patch I submitted a few years ago, but because it's not in the XEP it never made it into production. A random sequence of spaces and tabs are added before the beginning and after the end of every message such that its length becomes a multiple of 32. On the receiving end the plaintext is trimmed to remove the padding. This has the advantage that even if the message "hi" is being sent an adversary doesn't necessarily know where within the 64 byte padded string the text begins.

The new DarkMessenger version (1.1.00) can be downloaded here.