• Decentralized architecture
• End-to-end encryption
• Configuration free (does not require registration)
• Secure and easy to use
• A Skype replacement
in Freedom) and secure alternative for , since it is “Microsofted”....
• "We don't want to be the next secure chatting program, we want to be the next secure chatting program that people actually use." - Someone on IRC
• Current secure chat programs aren't easy to use, at least not for our parents and grandparents normal people
mystery :P
  o Most of the code is implemented by him
• Project started up Jun 23, 2013
• There are currently about 10 active tox.im developers, including me.
a library.
• Currently implemented features in core:
  o Text messages
    • Read receipt
    • Typing status
  o File transfer (way faster than Skype)
  o Group chat (IRC-like, currently invitation only)
  o Audio / Video call support
    • Currently only 1-to-1 calls are supported
    • 1-to-many and many-to-many support on the way!
  o All communication between clients is encrypted.
punching
• A lossless UDP protocol on top of UDP
• Allows packet drops for A/V data packets
• NAT traversal: most NATs work, but symmetric NATs are problematic for now
but still secure
• Using NaCl (Networking and Cryptography library)
  o libsodium is preferred
  o crypto_box: curve25519xsalsa20poly1305
    • curve25519 for key exchange
    • xsalsa20 for encryption
    • poly1305 for message authentication
• ID == Public Key
  o Example ID: 4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24
attacker with large resources (e.g. governments) can create a large number of pseudo nodes that do nothing or disrupt the network.
• Metadata Leaking
  o When routing friend requests, nodes leak information about the request’s ID and IP mapping.
  o Possible to identify a user’s real identity from the IP
• How do we safely exchange ID (Public Key)
  o Key being swapped by a MITM?
behavior to see if it’s a bad node.
  o The criteria for a good node are strict.
• Metadata Leaking
  o Don’t use the long-term keypair in the DHT; generate a temporary one when sending friend requests.
  o Onion routing for friend requests
• How do we safely exchange ID (Public Key)
  o DNS lookup!
the ID, for example:
  o tox://[email protected] will be mapped to the TXT record ‘tox1._tox.azhuang.me’
  o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC4507233533EDD01F24’
• To prevent DNS poisoning or MITM, use the tox2 protocol (requires an extra pin):
  o ‘v=tox2;pub=4E9D1B82DEE3BD3D4DDA62190873EA40737251A43445E4D517E66230BC450723;check=1F24’
• tox.se will be available for the public
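The lookup records above can be checked mechanically before a key is trusted. This is an added example, not code from the slides or the Tox project: it parses the two record forms shown and verifies that the trailing two check bytes equal the XOR of the preceding 2-byte words. Function names are hypothetical, and it assumes the tox2 pin is the 4-byte value that sits between the public key and the check bytes in the full ID, passed here as hex.

```python
import binascii

# Constructed from the example records on the slide (line wraps removed).
TOX1_TXT = ("v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40737251A4"
            "3445E4D517E66230BC4507233533EDD01F24")
TOX2_TXT = ("v=tox2;pub=4E9D1B82DEE3BD3D4DDA62190873EA407372"
            "51A43445E4D517E66230BC450723;check=1F24")

def parse_txt(record):
    """Split 'k=v;k=v' into a dict, rejecting malformed or repeated keys."""
    fields = {}
    for part in record.strip().split(";"):
        key, sep, value = part.partition("=")
        if not sep or not key or key in fields:
            raise ValueError("malformed TXT record")
        fields[key] = value
    return fields

def xor_checksum(data):
    """XOR together all 2-byte words of data (public key + 4-byte pin)."""
    out = bytearray(2)
    for i, b in enumerate(data):
        out[i % 2] ^= b
    return bytes(out)

def unhex(text, size):
    """Strict hex decode; ValueError on non-hex input or wrong length."""
    raw = binascii.unhexlify(text)
    if len(raw) != size:
        raise ValueError("wrong field length")
    return raw

def resolve_id(record, pin_hex=None):
    """Return the full 76-hex-char ID, or raise ValueError if a check fails.
    pin_hex is an assumption: the tox2 pin as 8 hex characters."""
    f = parse_txt(record)
    if f.get("v") == "tox1":
        raw = unhex(f.get("id", ""), 38)
        body, check = raw[:36], raw[36:]
    elif f.get("v") == "tox2":
        if pin_hex is None:
            raise ValueError("tox2 record needs the out-of-band pin")
        body = unhex(f.get("pub", ""), 32) + unhex(pin_hex, 4)
        check = unhex(f.get("check", ""), 2)
    else:
        raise ValueError("unknown record version")
    if xor_checksum(body) != check:
        raise ValueError("checksum mismatch")
    return (body + check).hex().upper()
```

The check value is a 16-bit XOR, so it catches a mistyped pin or a record that does not match it; it is a checksum, not a signature over the key.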
attach patterns
• TCP Server
  o Route traffic for clients behind symmetric NAT or enterprise firewalls
  o Act like a “Super node” in the Skype network
• A/V improvements
  o Congestion control and variable bitrate support
  o A/V synchronization
Mac
    • Toxic (Ncurses CLI), has audio call support
    • Venom (Vala with GTK+)
    • Poison (MacOS only)
  o Mobile
    • AnTox (Android), supports QR code scanning
    • Toxicity (iOS)
• Language bindings:
  o Python: PyTox (full A/V support)
  o jToxcore: used in Antox
will generate a public/private key pair for you
• No login required
• Send your public key to your friends
• Add your friends with their public key
• Start chatting!
2 days ago…
  o The video implementation in core even has some critical bugs
• Full A/V support implemented before OSDC.tw!
• Leverage the power of Python
  o An EchoBot can be implemented in less than 50 lines of Python code
  o SyncBot: a PoC of PyTox, syncing messages between Tox groupchat and freenode #tox-ontopic