Security & Privacy

XMPP is a federated protocol, which means you can freely choose a trustworthy server for yourself while still chatting with contacts that are using other servers. The communication between Onion Messenger and the XMPP server as well as the communication between the individual servers is TLS encrypted.

This way, not only your messages are safe but more importantly it is impossible for an outside attacker to intercept your meta data (with whom you are chatting) without attacking your server first.

On top of that, Onion Messenger gives you the choice to enable one of three end-to-end encryption mechanisms. The first one is OMEMO, a state of the art multi-end-to-multi-end encryption method which is very easy to setup and gives you forward secrecy and plausible deniability.

For backwards compatibility reasons Onion Messenger also supports OpenPGP.