Upload
wei-ning-huang
View
1.148
Download
0
Embed Size (px)
Citation preview
About the Speaker • 正在水深火熱中的碩二學生
• 熱愛Python及Open Source
• Involved open source projects: o Gummi LaTeX Editor
o cppman
o PyTox
o ProjectTox-Core
o Toxic
o jToxcore
o …
• More info: http://azhuang.me
Outline • What is Tox?
• Functionality
• Architecture and Design
• Pitfalls and Solutions
• In Progress Features
• Client and Bindings
• Live Demo
What is anyway? • FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture
• End-to-end encryption
What is anyway? • FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture
• End-to-end encryption
• Configuration free (does not require registration)
What is anyway? • FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture
• End-to-end encryption
• Configuration free (does not require registration)
• Secure and easy to use
What is anyway? • FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture
• End-to-end encryption
• Configuration free (does not require registration)
• Secure and easy to use
• A Skype replacement
Why are we doing this? • We want a free(as in Freedom) and secure
alternative for , since it is “Microsofted”....
Why are we doing this? • We want a free(as in Freedom) and secure
alternative for , since it is “Microsofted”....
• "We don't want to be the next secure chatting program, we want to be the next secure chatting program that people actually use." - Someone on IRC
Why are we doing this? • We want a free(as in Freedom) and secure
alternative for , since it is “Microsofted”....
• "We don't want to be the next secure chatting program, we want to be the next secure chatting program that people actually use." - Someone on IRC
• Current secure chat programs aren't easy to use, at least not for our parents and grandparents normal people
Who started this? • irungentoo
o Real identity is a mystery :P
o Most of the code is implemented by him
Who started this? • irungentoo
o Real identity is a mystery :P
o Most of the code is implemented by him
• Project started up Jun 23, 2013
Who started this? • irungentoo
o Real identity is a mystery :P
o Most of the code is implemented by him
• Project started up Jun 23, 2013
• There are currently about 10 active tox.im developers, including me.
Architecture and Design • Separated core and client, Tox is a library.
• Current implemented features in core:
Architecture and Design • Separated core and client, Tox is a library.
• Current implemented features in core: o Text messages
• Read receipt
• Typing status
Architecture and Design • Separated core and client, Tox is a library.
• Current implemented features in core: o Text messages
• Read receipt
• Typing status
o File transfer (way faster than Skype)
Architecture and Design • Separated core and client, Tox is a library.
• Current implemented features in core: o Text messages
• Read receipt
• Typing status
o File transfer (way faster than Skype)
o Group chat (IRC-like, currently invitation only)
Architecture and Design • Separated core and client, Tox is a library.
• Current implemented features in core: o Text messages
• Read receipt
• Typing status
o File transfer (way faster than Skype)
o Group chat (IRC-like, currently invitation only)
o Audio / Video call support
• Currently only 1-to-1 call supported
• 1-to-many and many-to-many support on the way!
Architecture and Design • Separated core and client, Tox is a library.
• Current implemented features in core: o Text messages
• Read receipt
• Typing status
o File transfer (way faster than Skype)
o Group chat (IRC-like, currently invitation only)
o Audio / Video call support
• Currently only 1-to-1 call supported
• 1-to-many and many-to-many support on the way!
o All communication between clients are encrypted.
DHT • Distributed Hash Table similar to BitTorrent
• Hash table contains ID to IP-Port mapping
Bootstrap Server
Client
NAT
Client Client
LAN Discovery
Client
Client Boostrap
Hole punching
NAT
Friend Requests • Friend requests are routed between clients
• Client list or a list of clients whose ID are mathematically (XOR) closest to us
Friend Requests • Friend requests are routed between clients
• Client list or a list of clients whose ID are mathematically (XOR) closest to us
Alice
Jack
Lucy
Bob
Request
Request
Got Alice’s IP_Port
Using the UDP Protocal • Using UDP, easier for hole punching
• A Lossless UDP protocol on top of UDP
Using the UDP Protocal • Using UDP, easier for hole punching
• A Lossless UDP protocol on top of UDP
• Allow packet drop for A/V data packet
Using the UDP Protocal • Using UDP, easier for hole punching
• A Lossless UDP protocol on top of UDP
• Allow packet drop for A/V data packet
• NAT Traversal: Most NAT works, but symmetric NAT are problematic for now
Encryption • Using Elliptic Curve Cryptography
o Short key length, but still secure
• Using NaCl (Networking and Cryptography library)
Encryption • Using Elliptic Curve Cryptography
o Short key length, but still secure
• Using NaCl (Networking and Cryptography library) o libsodium is prefered
Encryption • Using Elliptic Curve Cryptography
o Short key length, but still secure
• Using NaCl (Networking and Cryptography library) o libsodium is prefered
o crypto_box: curve25519xsalsa20poly1305
• curve25519 for Key exchange
• xsalsa20 for encryption
• poly1305 for message authentication
Encryption • Using Elliptic Curve Cryptography
o Short key length, but still secure
• Using NaCl (Networking and Cryptography library) o libsodium is prefered
o crypto_box: curve25519xsalsa20poly1305
• curve25519 for Key exchange
• xsalsa20 for encryption
• poly1305 for message authentication
• ID == Public Key o Example ID:
4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24
Pitfalls and Solutions • Attack against DHT
o Sybil attacks: attacker with large resource (e.g. governments) can create a large number of pseudo nodes that does nothing or disrupt network.
Pitfalls and Solutions • Attack against DHT
o Sybil attacks: attacker with large resource (e.g. governments) can create a large number of pseudo nodes that does nothing or disrupt network.
• Metadata Leaking o When routing friend requests, nodes leaks information
about the request’s ID and IP mapping.
o Possible to identify a users’s real identity with IP
Pitfalls and Solutions • Attack against DHT
o Sybil attacks: attacker with large resource (e.g. governments) can create a large number of pseudo nodes that does nothing or disrupt network.
• Metadata Leaking o When routing friend requests, nodes leaks information
about the request’s ID and IP mapping.
o Possible to identify a users’s real identity with IP
• How do we safely exchange ID (Public Key) o Key being swap by a MITM?
Solutions • Attack against DHT
o Periodically check all client’s behavior to see if it’s a bad node.
o The criteria of a good node is strict.
Solutions • Attack against DHT
o Periodically check all client’s behavior to see if it’s a bad node.
o The criteria of a good node is strict.
• Metadata Leaking o Don’t use their long term keypair in DHT, generate a
temporary one when sending friend requests.
o Onion routing for friend requests
Solutions • Attack against DHT
o Periodically check all client’s behavior to see if it’s a bad node.
o The criteria of a good node is strict.
• Metadata Leaking o Don’t use their long term keypair in DHT, generate a
temporary one when sending friend requests.
o Onion routing for friend requests
• How do we safely exchange ID (Public Key) o DNS lookup!
DNS User Discovery • Use DNS TXT record to store the ID, for example:
o tox://[email protected] will be mapped to at TXT record ‘tox1._tox.azhuang.me’
DNS User Discovery • Use DNS TXT record to store the ID, for example:
o tox://[email protected] will be mapped to at TXT record ‘tox1._tox.azhuang.me’
o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24’
DNS User Discovery • Use DNS TXT record to store the ID, for example:
o tox://[email protected] will be mapped to at TXT record ‘tox1._tox.azhuang.me’
o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24’
• To prevent DNS poisoning or MITM, use the tox2 protocol (requires a extra pin): o 'v=tox2;pub=4E9D1B82DEE3BD3D4DDA62190873EA407372
51A43445E4D517E66230BC450723;check=1F24‘
DNS User Discovery • Use DNS TXT record to store the ID, for example:
o tox://[email protected] will be mapped to at TXT record ‘tox1._tox.azhuang.me’
o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24’
• To prevent DNS poisoning or MITM, use the tox2 protocol (requires a extra pin): o 'v=tox2;pub=4E9D1B82DEE3BD3D4DDA62190873EA407372
51A43445E4D517E66230BC450723;check=1F24‘
• tox.se will be available for the public
In Progress Features • DHT Hardening
o Research for more attach patterns
• TCP Server o Route traffic for clients behind symmetric NAT or
enterprise firewalls
o Act like a “Super node” in the Skype network
In Progress Features • DHT Hardening
o Research for more attach patterns
• TCP Server o Route traffic for clients behind symmetric NAT or
enterprise firewalls
o Act like a “Super node” in the Skype network
• A/V improvements o Congestion control and variable bitrate support
o A/V synchronization
Clients and Bindings • Support most platforms
o Windows, Linux, Mac
• Toxic (Ncurses CLI), has audio call support
• Venom (Vala with GTK+)
• Poison (MacOS only)
Clients and Bindings • Support most platforms
o Windows, Linux, Mac
• Toxic (Ncurses CLI), has audio call support
• Venom (Vala with GTK+)
• Poison (MacOS only)
o Mobile
• AnTox (Android), supports QR code scanning
• Toxicity (iOS)
Clients and Bindings • Support most platforms
o Windows, Linux, Mac
• Toxic (Ncurses CLI), has audio call support
• Venom (Vala with GTK+)
• Poison (MacOS only)
o Mobile
• AnTox (Android), supports QR code scanning
• Toxicity (iOS)
• Language bindings: o Python: PyTox (full A/V support)
o jTorecore: used in Antox
How to use? • Just launch any client, and it will generate a
public/private key pair for you
• No login required
How to use? • Just launch any client, and it will generate a
public/private key pair for you
• No login required
• Send your public key to you friends
How to use? • Just launch any client, and it will generate a
public/private key pair for you
• No login required
• Send your public key to you friends
• Add you friends with their public key
How to use? • Just launch any client, and it will generate a
public/private key pair for you
• No login required
• Send your public key to you friends
• Add you friends with their public key
• Start chatting!
PyTox • CDD (Conference Driven Developemnt)
• No A/V support 2 days ago… o The video implementation in core even has some critical
bugs
PyTox • CDD (Conference Driven Developemnt)
• No A/V support 2 days ago… o The video implementation in core even has some critical
bugs
• Full A/V support implemented before OSDC.tw!
PyTox • CDD (Conference Driven Developemnt)
• No A/V support 2 days ago… o The video implementation in core even has some critical
bugs
• Full A/V support implemented before OSDC.tw!
• Leverage the power of Python o An EchoBot can be implement in less than 50 lines of
Python code
o SyncBot: a PoC of PyTox, syncing messages between Tox groupchat and freenode #tox-ontopic
Join Us! • Wiki:
o http://wiki.tox.im/
• Github: o ProjectTox-Core:
https://github.com/irungentoo/ProjectTox-Core
o PyTox: https://github.com/aitjcize/PyTox
• Freenode IRC o #tox, #tox-dev, #tox-ontopic