My name is Paul Schaub, I am a free software developer and computer science student from Germany.
I’m working on some free software projects in my spare time. In my opinion free software is very important to a free society, since only free software give the user freedom and control over the machine they are using.
This project started as part of my bachelors thesis. smack-omemo is an implementation of OMEMO encryption for the XMPP library Smack. I chose this as the topic of my bachelors thesis, since I’m very interested in cryptography and I believe, that using strong encryption is necessary for a functional democracy. Implementing this functionality is my political activism against the growing surveillance state.
The project is split into two parts. First there is smack-omemo, which encapsulates the XMPP logic and stanza elements. This module does not contain any code related to the double ratchet algorithm as used in the Signal protocol, which OMEMO is based on. Instead it defines some interfaces and abstract methods.
The second part is smack-omemo-signal, which is a concrete implementation of smack-omemo. It contains libsignal-protocol-java, which implements the double ratchet algorithm.
I had to split the project, since libsignal-protocol-java is licensed under the GPL, Smack on the other hand is Apache licensed. Also the modularization makes it easy to port the module to another double ratchet library at a later point in time.
Here you can find the code. Contributors are welcome 🙂
As part of my Google Summer of Code 2018 project, I created an implementation of XEP-0373 and XEP-0374 OpenPGP for XMPP: Instant Messaging for Smack. Together with smack-omemo, this is the second end-to-end encryption implementation I wrote and the second one included in Smack.
Since I needed an easy to use OpenPGP library for java and Android for my GSoC 2018 project, I created PGPainless (https://pgpainless.org).
PGPainless aims to be as simple to use as possible, while offering all functionality that is needed when dealing with OpenPGP encryption.
As a reaction to the german interior ministers decision to allow government spying on popular messengers, I wrote a tutorial in which I show, how easy it is, to create an OMEMO encrypted messenger in less than 200 lines of Java code. This is my political resistance against a dangerous decision made out of either malice or plain stupidity. The tutorial/blog post can be found here. Have fun playing around with it 🙂
When the government fails (or refuses) to protect your communications, you’ll have to take action yourselves.
For quite some time I was maintainig the dandelion* (inofficial) Android app for the social network diaspora* together with @gsantner. I spent many hours enhancing the overall experience of the app by adding features like proxy support and sharing functionalities. Also I spiced up the UI by implementing customizable color themes and animated fragments!
Here you can find the project. We are always looking for new contributors and translators!
A simulation of the Enigma machine for Android. I reverse engineered the mechanics of the cipher machine from Wikipedia articles and tested the interoperability using an online simulator. The app is written in java as most of my projects are.
EnigmAndroid is available on FDroid only, since I want to support free software and do not agree with Googles politics.
If you are interested, please feel free to check it out 🙂
I wrote my bachelors thesis about OMEMO encryption (in German). Here you can take a look for yourselves.
I participated in the Google Summer of Code as a student for the XMPP Standards Foundation. I contributed to Ignite Realtime’s Smack project to implement Jingle File Transfer (XEP-0234) combined with end-to-end encryption.
The project page with an overview of my work can be found here. Below is a list of blog posts I made during that period.
- My GSoC introduction
- GSoC: First week of community bonding
- GSoC: Second, third week of community bonding
- Last week of GSoC Community Bonding
- GSoC – Second week of coding
- Third Week of GSoC
- Fourth week of GSoC and OMEMO thoughts
- GSoC Week 4.1
- GSoC Week 5: Tests, fallbacks and politics
- GSoC Week 6 – Tests and Excitement
- GSoC: Week 7
- GSoC Week 8: Reworking
- GSoC Week 9: Bringing it back to life.
- GSoC Week 10: Finding that damn little bug
- GSoC Week 11: Practical Use
- GSoC Week 11.5: Success!
- Final GSoC Blog Post – Results
This year I got another opportunity to work full time on Smack for 3 months. This time my project is an implementation of OpenPGP for XMPP (XEP-0373 and XEP-0374) for Smack. As you can see, I really like cryptography 😉
The project page can be found here.
- Another Summer of Code with Smack
- Summer of Code: Preparations
- Summer of Code: The plan. Act 1: OpenPGP
- Summer of Code: Small steps
- Summer of Code: The Plan. Act 1: OpenPGP, Part Two
- Summer of Code: Quick Update
- Summer of Code: Bug found!
- Summer of Code: Advancing the prototype
- Summer of Code: Polishing the API
- Summer of Code: Command Line OX Client!
- Summer of Code: PGPainless 2.0
- Summer of Code: Evaluation and Key Lengths
- Summer of Code: The demotivating week
- Summer of Code: An (almost) three line fix to a three days problem
- Summer of Code: Checkstyle to the rescue!
- Summer of Code: Second evaluation phase
- Summer of Code: Plan for the grand finale
- Summer of Code: First PGPainless Release!
- Summer of Code: Finalizing the PR
- Summer of Code: Smack has OpenPGP Support!
XMPP Extension Protocols
- XEP-0391: Jingle Encrypted Transports (JET)
This extension is intended to allow end-to-end encrypted Jingle sessions.
- XEP-0396: Jingle Encrypted Transports – OMEMO
JET-OMEMO is a profile of XEP-0391 for OMEMO.
- XEP-0420: Stanza Content Encryption (SCE)
SCE is a proposal that extends the scope of e2ee in XMPP from just the body to arbitrary message extensions.
- XEP-0429: Special Interests Group End to End Encryption
SIG-E2EE proposes the formation of a work group that focuses on advancing end-to-end encryption mechanisms in XMPP.
If you want to get in touch with me, you can find me on mastodon. I’m also a supporter of the FSFE, so if you want to send me a mail, feel free to do so via my FSFE address. Here you can find my PGP-Key.
You can also reach out to me via XMPP: email@example.com
My OMEMO fingerprints are:
- e8a7b123 6b850b46 7a5092c0 bdfea86a 53e36842 83a1d5fe 26ef5872 dd0aef41 (Desktop)
- e64dc916 6dd34db6 4c9247bd 502c5969 e365a98f 3aa41c87 247d1204 87fdd32f (Phone)
- be383db9 bcea3a63 237b09c9 79d9bf17 5ec9aa57 4da2a980 09c0d5f8 6d621e64 (Laptop)