OSDC.tw 2014 ProjectTox: Free as in freedom Skype replacement

1. ProjectTox
Free as in freedom Skype
replacement
Wei-Ning Huang (AZ)

2. About the Speaker
• 正在水深火熱中的碩二學生
• 熱愛Python及Open Source
• Involved open source projects:
o Gummi LaTeX Editor
o cppman
o PyTox
o ProjectTox-Core
o Toxic
o jToxcore
o …
• More info: http://azhuang.me

3. Outline
• What is Tox?
• Functionality
• Architecture and Design
• Pitfalls and Solutions
• In Progress Features
• Client and Bindings
• Live Demo

4. What is anyway?

5. What is anyway?
• FOSS messaging network, supports A/V (GPLv3)

6. What is anyway?
• FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture

7. What is anyway?
• FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture
• End-to-end encryption

8. What is anyway?
• FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture
• End-to-end encryption
• Configuration free (does not require registration)

9. What is anyway?
• FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture
• End-to-end encryption
• Configuration free (does not require registration)
• Secure and easy to use

10. What is anyway?
• FOSS messaging network, supports A/V (GPLv3)
• Decentralized architecture
• End-to-end encryption
• Configuration free (does not require registration)
• Secure and easy to use
• A Skype replacement

11. Why are we doing this?

12. Why are we doing this?

13. Why are we doing this?

14. Why are we doing this?
4chan/g/

15. Why are we doing this?
4chan/g/

16. Why are we doing this?

17. Why are we doing this?

18. Why are we doing this?
馬卡茸表示：如果沒做錯事，就不用怕監聽!
圖片來自插畫家謝立聖

19. Why are we doing this?
馬卡茸表示：如果沒做錯事，就不用怕監聽!
圖片來自插畫家謝立聖
???

20. Why are we doing this?
馬卡茸表示：如果沒做錯事，就不用怕監聽!
圖片來自插畫家謝立聖
???

21. Why are we doing this?
馬卡茸表示：如果沒做錯事，就不用怕監聽!
圖片來自插畫家謝立聖
憲法第十二條：「人民有祕密通訊之自由」
???

22. Why are we doing this?

23. Why are we doing this?
• We want a free(as in Freedom) and secure
alternative for , since it is “Microsofted”....

24. Why are we doing this?
• We want a free(as in Freedom) and secure
alternative for , since it is “Microsofted”....
• "We don't want to be the next secure chatting
program, we want to be the next secure chatting
program that people actually use." - Someone on
IRC

25. Why are we doing this?
• We want a free(as in Freedom) and secure
alternative for , since it is “Microsofted”....
• "We don't want to be the next secure chatting
program, we want to be the next secure chatting
program that people actually use." - Someone on
IRC
• Current secure chat programs aren't easy to use,
at least not for our parents and grandparents
normal people

26. Who started this?

27. Who started this?
• irungentoo
o Real identity is a mystery :P
o Most of the code is implemented by him

28. Who started this?
• irungentoo
o Real identity is a mystery :P
o Most of the code is implemented by him
• Project started up Jun 23, 2013

29. Who started this?
• irungentoo
o Real identity is a mystery :P
o Most of the code is implemented by him
• Project started up Jun 23, 2013
• There are currently about 10 active tox.im
developers, including me.

30. Architecture and Design

31. Architecture and Design
• Separated core and client, Tox is a library.

32. Architecture and Design
• Separated core and client, Tox is a library.
• Current implemented features in core:

33. Architecture and Design
• Separated core and client, Tox is a library.
• Current implemented features in core:
o Text messages
• Read receipt
• Typing status

34. Architecture and Design
• Separated core and client, Tox is a library.
• Current implemented features in core:
o Text messages
• Read receipt
• Typing status
o File transfer (way faster than Skype)

35. Architecture and Design
• Separated core and client, Tox is a library.
• Current implemented features in core:
o Text messages
• Read receipt
• Typing status
o File transfer (way faster than Skype)
o Group chat (IRC-like, currently invitation only)

36. Architecture and Design
• Separated core and client, Tox is a library.
• Current implemented features in core:
o Text messages
• Read receipt
• Typing status
o File transfer (way faster than Skype)
o Group chat (IRC-like, currently invitation only)
o Audio / Video call support
• Currently only 1-to-1 call supported
• 1-to-many and many-to-many support on the way!

37. Architecture and Design
• Separated core and client, Tox is a library.
• Current implemented features in core:
o Text messages
• Read receipt
• Typing status
o File transfer (way faster than Skype)
o Group chat (IRC-like, currently invitation only)
o Audio / Video call support
• Currently only 1-to-1 call supported
• 1-to-many and many-to-many support on the way!
o All communication between clients are encrypted.

38. DHT

39. DHT
• Distributed Hash Table similar to BitTorrent

40. DHT
• Distributed Hash Table similar to BitTorrent
• Hash table contains ID to IP-Port mapping

41. DHT
• Distributed Hash Table similar to BitTorrent
• Hash table contains ID to IP-Port mapping
Bootstrap
Server
Client
NAT
Client Client
LAN Discovery
Client
Client
Boostrap
Hole punching
NAT

42. Friend Requests

43. Friend Requests
• Friend requests are routed between clients

44. Friend Requests
• Friend requests are routed between clients
• Client list or a list of clients whose ID are
mathematically (XOR) closest to us

45. Friend Requests
• Friend requests are routed between clients
• Client list or a list of clients whose ID are
mathematically (XOR) closest to us
Alice
Jack
Lucy
Bob
Request
Request
Got Alice’s IP_Port

46. Using the UDP Protocal
• Using UDP, easier for hole punching

47. Using the UDP Protocal
• Using UDP, easier for hole punching
• A Lossless UDP protocol on top of UDP

48. Using the UDP Protocal
• Using UDP, easier for hole punching
• A Lossless UDP protocol on top of UDP
• Allow packet drop for A/V data packet

49. Using the UDP Protocal
• Using UDP, easier for hole punching
• A Lossless UDP protocol on top of UDP
• Allow packet drop for A/V data packet
• NAT Traversal: Most NAT works, but symmetric
NAT are problematic for now

50. Encryption
• Using Elliptic Curve Cryptography
o Short key length, but still secure

51. Encryption
• Using Elliptic Curve Cryptography
o Short key length, but still secure
• Using NaCl (Networking and Cryptography library)

52. Encryption
• Using Elliptic Curve Cryptography
o Short key length, but still secure
• Using NaCl (Networking and Cryptography library)
o libsodium is prefered

53. Encryption
• Using Elliptic Curve Cryptography
o Short key length, but still secure
• Using NaCl (Networking and Cryptography library)
o libsodium is prefered
o crypto_box: curve25519xsalsa20poly1305
• curve25519 for Key exchange
• xsalsa20 for encryption
• poly1305 for message authentication

54. Encryption
• Using Elliptic Curve Cryptography
o Short key length, but still secure
• Using NaCl (Networking and Cryptography library)
o libsodium is prefered
o crypto_box: curve25519xsalsa20poly1305
• curve25519 for Key exchange
• xsalsa20 for encryption
• poly1305 for message authentication
• ID == Public Key
o Example ID:
4E9D1B82DEE3BD3D4DDA62190873EA40737251A4
3445E4D517E66230BC4507233533EDD01F24

55. Pitfalls and Solutions

56. Pitfalls and Solutions
• Attack against DHT
o Sybil attacks: attacker with large resource (e.g.
governments) can create a large number of pseudo
nodes that does nothing or disrupt network.

57. Pitfalls and Solutions
• Attack against DHT
o Sybil attacks: attacker with large resource (e.g.
governments) can create a large number of pseudo
nodes that does nothing or disrupt network.
• Metadata Leaking
o When routing friend requests, nodes leaks information
about the request’s ID and IP mapping.
o Possible to identify a users’s real identity with IP

58. Pitfalls and Solutions
• Attack against DHT
o Sybil attacks: attacker with large resource (e.g.
governments) can create a large number of pseudo
nodes that does nothing or disrupt network.
• Metadata Leaking
o When routing friend requests, nodes leaks information
about the request’s ID and IP mapping.
o Possible to identify a users’s real identity with IP
• How do we safely exchange ID (Public Key)
o Key being swap by a MITM?

59. Solutions
• Attack against DHT
o Periodically check all client’s behavior to see if it’s a
bad node.
o The criteria of a good node is strict.

60. Solutions
• Attack against DHT
o Periodically check all client’s behavior to see if it’s a
bad node.
o The criteria of a good node is strict.
• Metadata Leaking
o Don’t use their long term keypair in DHT, generate a
temporary one when sending friend requests.
o Onion routing for friend requests

61. Solutions
• Attack against DHT
o Periodically check all client’s behavior to see if it’s a
bad node.
o The criteria of a good node is strict.
• Metadata Leaking
o Don’t use their long term keypair in DHT, generate a
temporary one when sending friend requests.
o Onion routing for friend requests
• How do we safely exchange ID (Public Key)
o DNS lookup!

62. DNS User Discovery

63. DNS User Discovery
• Use DNS TXT record to store the ID, for example:
o tox://tox1@azhuang.me will be mapped to at TXT record
‘tox1._tox.azhuang.me’

64. DNS User Discovery
• Use DNS TXT record to store the ID, for example:
o tox://tox1@azhuang.me will be mapped to at TXT record
‘tox1._tox.azhuang.me’
o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40
737251A43445E4D517E66230BC4507233533EDD01F2
4’

65. DNS User Discovery
• Use DNS TXT record to store the ID, for example:
o tox://tox1@azhuang.me will be mapped to at TXT record
‘tox1._tox.azhuang.me’
o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40
737251A43445E4D517E66230BC4507233533EDD01F2
4’
• To prevent DNS poisoning or MITM, use the
tox2 protocol (requires a extra pin):
o 'v=tox2;pub=4E9D1B82DEE3BD3D4DDA62190873EA407372
51A43445E4D517E66230BC450723;check=1F24‘

66. DNS User Discovery
• Use DNS TXT record to store the ID, for example:
o tox://tox1@azhuang.me will be mapped to at TXT record
‘tox1._tox.azhuang.me’
o ‘v=tox1;id=4E9D1B82DEE3BD3D4DDA62190873EA40
737251A43445E4D517E66230BC4507233533EDD01F2
4’
• To prevent DNS poisoning or MITM, use the
tox2 protocol (requires a extra pin):
o 'v=tox2;pub=4E9D1B82DEE3BD3D4DDA62190873EA407372
51A43445E4D517E66230BC450723;check=1F24‘
• tox.se will be available for the public 

67. In Progress Features

68. In Progress Features
• DHT Hardening
o Research for more attach patterns

69. In Progress Features
• DHT Hardening
o Research for more attach patterns
• TCP Server
o Route traffic for clients behind symmetric NAT or
enterprise firewalls
o Act like a “Super node” in the Skype network

70. In Progress Features
• DHT Hardening
o Research for more attach patterns
• TCP Server
o Route traffic for clients behind symmetric NAT or
enterprise firewalls
o Act like a “Super node” in the Skype network
• A/V improvements
o Congestion control and variable bitrate support
o A/V synchronization

71. Clients and Bindings

72. Clients and Bindings

73. Clients and Bindings
• Support most platforms

74. Clients and Bindings
• Support most platforms
o Windows, Linux, Mac
• Toxic (Ncurses CLI), has audio call support
• Venom (Vala with GTK+)
• Poison (MacOS only)

75. Clients and Bindings
• Support most platforms
o Windows, Linux, Mac
• Toxic (Ncurses CLI), has audio call support
• Venom (Vala with GTK+)
• Poison (MacOS only)
o Mobile
• AnTox (Android), supports QR code scanning
• Toxicity (iOS)

76. Clients and Bindings
• Support most platforms
o Windows, Linux, Mac
• Toxic (Ncurses CLI), has audio call support
• Venom (Vala with GTK+)
• Poison (MacOS only)
o Mobile
• AnTox (Android), supports QR code scanning
• Toxicity (iOS)
• Language bindings:
o Python: PyTox (full A/V support)
o jTorecore: used in Antox

77. How to use?
• Just launch any client, and it will generate a
public/private key pair for you

78. How to use?
• Just launch any client, and it will generate a
public/private key pair for you
• No login required

79. How to use?
• Just launch any client, and it will generate a
public/private key pair for you
• No login required
• Send your public key to you friends

80. How to use?
• Just launch any client, and it will generate a
public/private key pair for you
• No login required
• Send your public key to you friends
• Add you friends with their public key

81. How to use?
• Just launch any client, and it will generate a
public/private key pair for you
• No login required
• Send your public key to you friends
• Add you friends with their public key
• Start chatting!

82. PyTox

83. PyTox
• CDD (Conference Driven Developemnt)

84. PyTox
• CDD (Conference Driven Developemnt)
• No A/V support 2 days ago…
o The video implementation in core even has some critical
bugs

85. PyTox
• CDD (Conference Driven Developemnt)
• No A/V support 2 days ago…
o The video implementation in core even has some critical
bugs
• Full A/V support implemented before OSDC.tw!

86. PyTox
• CDD (Conference Driven Developemnt)
• No A/V support 2 days ago…
o The video implementation in core even has some critical
bugs
• Full A/V support implemented before OSDC.tw!
• Leverage the power of Python
o An EchoBot can be implement in less than 50 lines of
Python code
o SyncBot: a PoC of PyTox, syncing messages between
Tox groupchat and freenode #tox-ontopic

87. PyTox

88. Live Demo

89. Join Us!
• Wiki:
o http://wiki.tox.im/
• Github:
o ProjectTox-Core:
https://github.com/irungentoo/ProjectTox-Core
o PyTox: https://github.com/aitjcize/PyTox
• Freenode IRC
o #tox, #tox-dev, #tox-ontopic