Should we consider using SimpleX instead of XMPP with OMEMO encryption, which is the current default and the option preferred by the Whonix documentation?
I found the following statements:
1. Metadata on XMPP chat
The XMPP server can see your digital identity, such as your public key (this is important for the comparison); who is communicating with whom; when one is communicating (the precise timeframe); how long the session lasts; login/logout times; the whole social graph; the size of the messages; packet patterns. The encryption is not quantum-resistant.
2. MITM attack on XMPP chat
The XMPP server can act as a man in the middle, and if the attack is successful, the server can read the messages of the communicating parties in plain, unencrypted form. The only protection is to check the fingerprints of the communicating parties through a separate secure channel.
Advantages of Simplex over XMPP
- basically no metadata leaks to the servers
- there are no identities, not even random numbers; the server doesn't have any way to identify a "user" because there are no "users" to spy on
- multilayer connection padding where every message has the same size (this even improves on Tor), frustrating the adversarial message-size attack. Servers and network observers cannot distinguish between messages: all messages have precisely the same size.
- all messages are mixed, so the order in which they are received is not the same order in which they were sent (this even improves on Tor), frustrating correlation attacks
- SimpleX uses quantum-resistant NTRU as a very robust encapsulation mechanism, combining standard encryption with PQC, battle-proven in the wild for many years, instead of the KEM that seems to be sensitive to some attacks because it is based on lattices
- you can have a unique connection to each of your contacts with the Incognito mode functionality, in a single app, using completely different channels and servers (that don't see shit) for every contact
- it is MITM-resistant, no need to manually prove anything
- e2ee voice messages, voice calls, video calls
- it has not only PFS but also the BIR (Break-In Recovery) feature
- it has unidirectional message queues, which frustrate the adversary's analysis of packet direction flows
- no need to check the fingerprint manually through a different secure channel; MITM is not possible
- no identity to spy on, not even temporary numbers
- every single contact can be connected to you through a different channel; no social graph building possible
- message padding - no size analysis possible
- message mixing - all deanon attacks related to the order of the messages are dead. This even improves Tor anonymity.
- PQ encryption for 10+ years of information protection lifetime
I could not find information about OMEMO and post-quantum security.
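As an added illustration of the fixed-size message padding claimed in the bullets above (example code, not from the forum post or from the SimpleX project; the 64-byte frame, the 3-byte header layout and the random fill are constructed assumptions), this pads every message into frames of identical length, so a passive network observer sees only one frame size whether a message is empty, short, or longer than one frame:

```python
"""Fixed-size frame padding demo. Constructed values: FRAME_SIZE and the
header layout are assumptions for illustration, not any real protocol's."""
import os
import struct

FRAME_SIZE = 64                 # constructed demo value; real systems use much larger blocks
HEADER = struct.Struct(">HB")   # payload length (2 bytes) + "more fragments follow" flag (1 byte)
CAPACITY = FRAME_SIZE - HEADER.size


def pad_message(msg: bytes) -> list:
    """Split msg into frames that are all exactly FRAME_SIZE bytes.
    Unused space is filled with random bytes so that, once encrypted,
    padding is indistinguishable from payload."""
    chunks = [msg[i:i + CAPACITY] for i in range(0, len(msg), CAPACITY)] or [b""]
    frames = []
    for idx, chunk in enumerate(chunks):
        more = 1 if idx < len(chunks) - 1 else 0
        fill = os.urandom(CAPACITY - len(chunk))
        frames.append(HEADER.pack(len(chunk), more) + chunk + fill)
    return frames


def unpad_frames(frames) -> bytes:
    """Reassemble the message; reject frames of the wrong size (a sizing
    leak or tampering), bad length fields, and truncated sequences."""
    out = bytearray()
    more = 0
    for frame in frames:
        if len(frame) != FRAME_SIZE:
            raise ValueError("frame size mismatch")
        length, more = HEADER.unpack_from(frame)
        if length > CAPACITY:
            raise ValueError("bad length field")
        out += frame[HEADER.size:HEADER.size + length]
    if more:
        raise ValueError("truncated frame sequence")
    return bytes(out)


def observed_sizes(messages) -> list:
    """What a passive observer on the wire learns: only frame lengths, all equal."""
    return [len(f) for m in messages for f in pad_message(m)]
```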