ProjectTox: Free as in freedom Skype replacement

ProjectTox Free as in freedom Skype

replacement

Wei-Ning Huang (AZ)

About the Speaker • 正在水深火熱中的碩二學生

• 熱愛Python及Open Source

• Involved open source projects: o Gummi LaTeX Editor

o cppman

o PyTox

o ProjectTox-Core

o Toxic

o jToxcore

o …

• More info: http://azhuang.me

Outline • What is Tox?

• Functionality

• Architecture and Design

• Pitfalls and Solutions

• In Progress Features

• Client and Bindings

• Live Demo

What is anyway?

What is anyway? • FOSS messaging network, supports A/V (GPLv3)

What is anyway? • FOSS messaging network, supports A/V (GPLv3)

• Decentralized architecture

What is anyway? • FOSS messaging network, supports A/V (GPLv3)

• Decentralized architecture

• End-to-end encryption

What is anyway? • FOSS messaging network, supports A/V (GPLv3)

• Decentralized architecture

• End-to-end encryption

• Configuration free (does not require registration)

What is anyway? • FOSS messaging network, supports A/V (GPLv3)

• Decentralized architecture

• End-to-end encryption

• Configuration free (does not require registration)

• Secure and easy to use

What is anyway? • FOSS messaging network, supports A/V (GPLv3)

• Decentralized architecture

• End-to-end encryption

• Configuration free (does not require registration)

• Secure and easy to use

• A Skype replacement

Why are we doing this?

Why are we doing this?

Why are we doing this?

Why are we doing this? 4chan/g/

Why are we doing this? 4chan/g/

Why are we doing this?

Why are we doing this?

Why are we doing this?

馬卡茸表示：如果沒做錯事，就不用怕監聽!

圖片來自插畫家謝立聖

Why are we doing this?

馬卡茸表示：如果沒做錯事，就不用怕監聽!

圖片來自插畫家謝立聖

???

Why are we doing this?

馬卡茸表示：如果沒做錯事，就不用怕監聽!

圖片來自插畫家謝立聖

???

Why are we doing this?

馬卡茸表示：如果沒做錯事，就不用怕監聽!

圖片來自插畫家謝立聖

憲法第十二條：「人民有祕密通訊之自由」

???

Why are we doing this?

Why are we doing this? • We want a free(as in Freedom) and secure

alternative for , since it is “Microsofted”....

Why are we doing this? • We want a free(as in Freedom) and secure

alternative for , since it is “Microsofted”....

• "We don't want to be the next secure chatting program, we want to be the next secure chatting program that people actually use." - Someone on IRC

Why are we doing this? • We want a free(as in Freedom) and secure

alternative for , since it is “Microsofted”....

• "We don't want to be the next secure chatting program, we want to be the next secure chatting program that people actually use." - Someone on IRC

• Current secure chat programs aren't easy to use, at least not for our parents and grandparents normal people

Who started this?

Who started this? • irungentoo

o Real identity is a mystery :P

o Most of the code is implemented by him

Who started this? • irungentoo

o Real identity is a mystery :P

o Most of the code is implemented by him

• Project started up Jun 23, 2013

Who started this? • irungentoo

o Real identity is a mystery :P

o Most of the code is implemented by him

• Project started up Jun 23, 2013

• There are currently about 10 active tox.im developers, including me.

Architecture and Design

Architecture and Design • Separated core and client, Tox is a library.

Architecture and Design • Separated core and client, Tox is a library.

• Current implemented features in core:

Architecture and Design • Separated core and client, Tox is a library.

• Current implemented features in core: o Text messages

• Read receipt

• Typing status

Architecture and Design • Separated core and client, Tox is a library.

• Current implemented features in core: o Text messages

• Read receipt

• Typing status

o File transfer (way faster than Skype)

Architecture and Design • Separated core and client, Tox is a library.

• Current implemented features in core: o Text messages

• Read receipt

• Typing status

o File transfer (way faster than Skype)

o Group chat (IRC-like, currently invitation only)

Architecture and Design • Separated core and client, Tox is a library.

• Current implemented features in core: o Text messages

• Read receipt

• Typing status

o File transfer (way faster than Skype)

o Group chat (IRC-like, currently invitation only)

o Audio / Video call support

• Currently only 1-to-1 call supported

• 1-to-many and many-to-many support on the way!

Architecture and Design • Separated core and client, Tox is a library.

• Current implemented features in core: o Text messages

• Read receipt

• Typing status

o File transfer (way faster than Skype)

o Group chat (IRC-like, currently invitation only)

o Audio / Video call support

• Currently only 1-to-1 call supported

• 1-to-many and many-to-many support on the way!

o All communication between clients are encrypted.

DHT

DHT • Distributed Hash Table similar to BitTorrent

DHT • Distributed Hash Table similar to BitTorrent

• Hash table contains ID to IP-Port mapping

DHT • Distributed Hash Table similar to BitTorrent

• Hash table contains ID to IP-Port mapping

Bootstrap Server

Client

NAT

Client Client

LAN Discovery

Client

Client Boostrap

Hole punching

NAT

Friend Requests

Friend Requests • Friend requests are routed between clients

Friend Requests • Friend requests are routed between clients

• Client list or a list of clients whose ID are mathematically (XOR) closest to us

Friend Requests • Friend requests are routed between clients

• Client list or a list of clients whose ID are mathematically (XOR) closest to us

Alice

Jack

Lucy

Bob

Request

Request

Got Alice’s IP_Port

Using the UDP Protocal • Using UDP, easier for hole punching

Using the UDP Protocal • Using UDP, easier for hole punching

• A Lossless UDP protocol on top of UDP

Using the UDP Protocal • Using UDP, easier for hole punching

• A Lossless UDP protocol on top of UDP

• Allow packet drop for A/V data packet

Using the UDP Protocal • Using UDP, easier for hole punching

• A Lossless UDP protocol on top of UDP

• Allow packet drop for A/V data packet

• NAT Traversal: Most NAT works, but symmetric NAT are problematic for now

Encryption • Using Elliptic Curve Cryptography

o Short key length, but still secure

Encryption • Using Elliptic Curve Cryptography

o Short key length, but still secure

• Using NaCl (Networking and Cryptography library)

Encryption • Using Elliptic Curve Cryptography

o Short key length, but still secure

• Using NaCl (Networking and Cryptography library) o libsodium is prefered

Encryption • Using Elliptic Curve Cryptography

o Short key length, but still secure

• Using NaCl (Networking and Cryptography library) o libsodium is prefered

o crypto_box: curve25519xsalsa20poly1305

• curve25519 for Key exchange

• xsalsa20 for encryption

• poly1305 for message authentication

Encryption • Using Elliptic Curve Cryptography

o Short key length, but still secure

• Using NaCl (Networking and Cryptography library) o libsodium is prefered

o crypto_box: curve25519xsalsa20poly1305

• curve25519 for Key exchange

• xsalsa20 for encryption

• poly1305 for message authentication

• ID == Public Key o Example ID:

4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24

Pitfalls and Solutions

Pitfalls and Solutions • Attack against DHT

o Sybil attacks: attacker with large resource (e.g. governments) can create a large number of pseudo nodes that does nothing or disrupt network.

Pitfalls and Solutions • Attack against DHT

o Sybil attacks: attacker with large resource (e.g. governments) can create a large number of pseudo nodes that does nothing or disrupt network.

• Metadata Leaking o When routing friend requests, nodes leaks information

about the request’s ID and IP mapping.

o Possible to identify a users’s real identity with IP

Pitfalls and Solutions • Attack against DHT

o Sybil attacks: attacker with large resource (e.g. governments) can create a large number of pseudo nodes that does nothing or disrupt network.

• Metadata Leaking o When routing friend requests, nodes leaks information

about the request’s ID and IP mapping.

o Possible to identify a users’s real identity with IP

• How do we safely exchange ID (Public Key) o Key being swap by a MITM?

Solutions • Attack against DHT

o Periodically check all client’s behavior to see if it’s a bad node.

o The criteria of a good node is strict.

Solutions • Attack against DHT

o Periodically check all client’s behavior to see if it’s a bad node.

o The criteria of a good node is strict.

• Metadata Leaking o Don’t use their long term keypair in DHT, generate a

temporary one when sending friend requests.

o Onion routing for friend requests

Solutions • Attack against DHT

o Periodically check all client’s behavior to see if it’s a bad node.

o The criteria of a good node is strict.

• Metadata Leaking o Don’t use their long term keypair in DHT, generate a

temporary one when sending friend requests.

o Onion routing for friend requests

• How do we safely exchange ID (Public Key) o DNS lookup!

DNS User Discovery

DNS User Discovery • Use DNS TXT record to store the ID, for example:

o tox://[email protected] will be mapped to at TXT record ‘tox1._tox.azhuang.me’

DNS User Discovery • Use DNS TXT record to store the ID, for example:

o tox://[email protected] will be mapped to at TXT record ‘tox1._tox.azhuang.me’

o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24’

DNS User Discovery • Use DNS TXT record to store the ID, for example:

o tox://[email protected] will be mapped to at TXT record ‘tox1._tox.azhuang.me’

o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24’

• To prevent DNS poisoning or MITM, use the tox2 protocol (requires a extra pin): o 'v=tox2;pub=4E9D1B82DEE3BD3D4DDA62190873EA407372

51A43445E4D517E66230BC450723;check=1F24‘

DNS User Discovery • Use DNS TXT record to store the ID, for example:

o tox://[email protected] will be mapped to at TXT record ‘tox1._tox.azhuang.me’

o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24’

• To prevent DNS poisoning or MITM, use the tox2 protocol (requires a extra pin): o 'v=tox2;pub=4E9D1B82DEE3BD3D4DDA62190873EA407372

51A43445E4D517E66230BC450723;check=1F24‘

• tox.se will be available for the public

In Progress Features

In Progress Features • DHT Hardening

o Research for more attach patterns

In Progress Features • DHT Hardening

o Research for more attach patterns

• TCP Server o Route traffic for clients behind symmetric NAT or

enterprise firewalls

o Act like a “Super node” in the Skype network

In Progress Features • DHT Hardening

o Research for more attach patterns

• TCP Server o Route traffic for clients behind symmetric NAT or

enterprise firewalls

o Act like a “Super node” in the Skype network

• A/V improvements o Congestion control and variable bitrate support

o A/V synchronization

Clients and Bindings

Clients and Bindings

Clients and Bindings • Support most platforms

Clients and Bindings • Support most platforms

o Windows, Linux, Mac

• Toxic (Ncurses CLI), has audio call support

• Venom (Vala with GTK+)

• Poison (MacOS only)

Clients and Bindings • Support most platforms

o Windows, Linux, Mac

• Toxic (Ncurses CLI), has audio call support

• Venom (Vala with GTK+)

• Poison (MacOS only)

o Mobile

• AnTox (Android), supports QR code scanning

• Toxicity (iOS)

Clients and Bindings • Support most platforms

o Windows, Linux, Mac

• Toxic (Ncurses CLI), has audio call support

• Venom (Vala with GTK+)

• Poison (MacOS only)

o Mobile

• AnTox (Android), supports QR code scanning

• Toxicity (iOS)

• Language bindings: o Python: PyTox (full A/V support)

o jTorecore: used in Antox

How to use? • Just launch any client, and it will generate a

public/private key pair for you

How to use? • Just launch any client, and it will generate a

public/private key pair for you

• No login required

How to use? • Just launch any client, and it will generate a

public/private key pair for you

• No login required

• Send your public key to you friends

How to use? • Just launch any client, and it will generate a

public/private key pair for you

• No login required

• Send your public key to you friends

• Add you friends with their public key

How to use? • Just launch any client, and it will generate a

public/private key pair for you

• No login required

• Send your public key to you friends

• Add you friends with their public key

• Start chatting!

PyTox

PyTox • CDD (Conference Driven Developemnt)

PyTox • CDD (Conference Driven Developemnt)

• No A/V support 2 days ago… o The video implementation in core even has some critical

bugs

PyTox • CDD (Conference Driven Developemnt)

• No A/V support 2 days ago… o The video implementation in core even has some critical

bugs

• Full A/V support implemented before OSDC.tw!

PyTox • CDD (Conference Driven Developemnt)

• No A/V support 2 days ago… o The video implementation in core even has some critical

bugs

• Full A/V support implemented before OSDC.tw!

• Leverage the power of Python o An EchoBot can be implement in less than 50 lines of

Python code

o SyncBot: a PoC of PyTox, syncing messages between Tox groupchat and freenode #tox-ontopic

PyTox

Live Demo

Join Us! • Wiki:

o http://wiki.tox.im/

• Github: o ProjectTox-Core:

https://github.com/irungentoo/ProjectTox-Core

o PyTox: https://github.com/aitjcize/PyTox

• Freenode IRC o #tox, #tox-dev, #tox-ontopic