Tox (protocol)

Last updated
Tox
Stable release
0.2.18 / 18 April 2022;23 months ago (2022-04-18) [1]
Repository
Written in C
Operating system Linux, OS X, Windows, Android, iOS, FreeBSD, OpenIndiana, Sailfish OS
Type VoIP, Instant messaging, Videoconferencing
License GPL-3.0-or-later.
Website tox.chat   OOjs UI icon edit-ltr-progressive.svg

Tox is a peer-to-peer instant-messaging and video-calling protocol that offers end-to-end encryption. The stated goal of the project is to provide secure yet easily accessible communication for everyone. [2] A reference implementation of the protocol is published as free and open-source software under the terms of the GNU GPL-3.0-or-later.

Contents

History

Inception

An idea of developing a secure peer-to-peer messenger which would later turn into Tox sparked on the anonymous imageboard 4chan [3] amidst the allegations that Skype provided the NSA with access to their infrastructure and encryption, just before they were bought by Microsoft. [4] [5]

The initial commit to GitHub was pushed on June 23, 2013, by a user named irungentoo. [6] Unofficial community builds became available as early as on August 23, 2013, [7] with the first official builds made available in October 2013. [8] On July 12, 2014, Tox entered an alpha stage in development and a redesigned download page was created for the occasion. [9]

Project's fork and Rust implementation

Sometime during 2016, the original reference implementation saw a steady decline in development activity, [10] with the last known commit currently dated Oct 2018. [11] This caused the project to split, with those interested in continuing the development creating a new fork of Tox core [12] called "c-toxcore" around the end of September 2016.

Currently c-toxcore is being developed by a collective known as the TokTok Project. [13] They describe their mission as "to promote universal freedom of expression and to preserve unrestricted information exchange". [14] Their current goals are to continue slow iterative development of the existing core implementation, along with in-parallel development of a new reference implementation in Rust. [13] [15]

Initially, the Rust implementation of the protocol library was split in two halves, one handling most of the grunt work of communication with the network, and another one responsible specifically for bootstrap node operation. In December 2022 those were merged, with developers stating that code was now mature enough to support basic communication and bootstrap node operations using TCP connections. As of June 2023 the development is still ongoing, but no client implementations using Rust core library is available yet. [15]

Although the original core library implementation and its forks have been available for the general public for almost a decade, none of them have been reviewed by a competent third-party security researcher.

In 2017, WireGuard's author Jason A. Donenfeld opened an issue on the project's GitHub page [16] where he stated that c-toxcore is vulnerable to key compromise impersonation (KCI) attacks. Donenfeld attributed his find to the fact that Tox is relying on "homebrew crypto" developed by "non-experts" to facilitate handshakes. He also criticized some other design choices used by Tox developers as well, like using raw ECDH values as encryption keys.

This report has caused developers to put an additional disclaimer on the project's GitHub page, [17] stating that Tox is an experimental cryptographic network library that has not been formally audited by an independent third party that specializes in cryptography or cryptanalysis, with a separate disclaimer that users may use it on their own risk.

In March 2023, a post on the project's blog [18] stated that one of the community members is working to redesign the cryptographic mechanism used by Tox to perform handshakes using the AKE mechanisms used in the Noise Protocol Framework. This post also contains a detailed explanation of the original vulnerability.

Tox Foundation controversy

During the first two years of its life, the project's business and monetary side was handled by Tox Foundation, a California-registered corporation. [19] On July 6, 2015 an issue was open on the project's GitHub, where a third party stated [20] that Tox Foundation's sole board member, Sean Qureshi, used an amount of money in the thousands of US dollars to pay for their college tuition, [21] with those funds coming from Tox Foundation's participation in Google Summer of Code. When asked for additional clarification, irungentoo, on behalf of the project's team, confirmed the allegations. [22] On July 11, 2015 the project's infrastructure and repositories were moved to a new locations, due to the fact that Qureshi controlled the original project's domains and servers. In the project's blog the development team has announced their "disassociation" with Tox Foundation and Qureshi in particular, and further addressed the issue. [23] This situation caused many prominent contributors to cease Tox-related activity. [24]

Features

Encryption of traffic

Users are assigned a public and private key, and they connect to each other directly in a fully distributed, peer-to-peer network. Users have the ability to message friends, join chat rooms with friends or strangers, voice/video chat, and send each other files. All traffic over Tox is end-to-end encrypted using the NaCl library, which provides authenticated encryption and perfect forward secrecy.

Additional messaging features

Tox clients aim to provide support for various secure and anonymised communication features; while every client supports messaging, additional features like group messaging, voice and video calling, voice and video conferencing, typing indicators, message read-receipts, file sharing, profile encryption, and desktop streaming are supported to various degrees by mobile and desktop clients. Additional features can be implemented by any client as long as they are supported by the core protocol. Features that are not related to the core networking system are left up to the client. Client developers are strongly encouraged to adhere to the Tox Client Standard [25] in order to maintain cross-client compatibility and uphold best security practices.

Usability as an instant messenger

Though several apps that use the Tox protocol seem similar in function to regular instant messaging apps, the lack of central servers similar to XMPP or Matrix currently has the consequence that both parties of the chat need to be online for the message to be sent and received. The Tox enabled messengers deal with this in separate ways: some prevent the user from sending the message if the other party has disconnected, while others show the message as being sent when in reality it is stored in the sender's phone waiting to be delivered when the receiving party reconnects to the network. [26]

Reception

Tox received some significant publicity in its early conceptual stage, catching the attention of global online tech news sites. [27] [28] [29] [30] On August 15, 2013, Tox was number five on GitHub's top trending list. [31] Concerns about metadata leaks were raised, and developers responded by implementing Onion routing for the friend-finding process. [32] Tox was accepted into the Google Summer of Code as a Mentoring Organization in 2014 and 2015. [33] [34]

See also

Related Research Articles

<span class="mw-page-title-main">Pidgin (software)</span> Open-source multi-platform instant messaging client

Pidgin is a free and open-source multi-platform instant messaging client, based on a library named libpurple that has support for many instant messaging protocols, allowing the user to simultaneously log in to various services from a single application, with a single interface for both popular and obsolete protocols, thus avoiding the hassle of having to deal with new software for each device and protocol.

<span class="mw-page-title-main">Skype</span> Telecommunications software service/application

Skype is a proprietary telecommunications application operated by Skype Technologies, a division of Microsoft, best known for VoIP-based videotelephony, videoconferencing and voice calls. It also has instant messaging, file transfer, debit-based calls to landline and mobile telephones, and other features. It is available on various desktop, mobile, and video game console platforms.

End-to-end encryption (E2EE) is a private communication system in which only communicating users can participate. As such, no one, including the communication system provider, telecom providers, Internet providers or malicious actors, can access the cryptographic keys needed to converse.

The following is a comparison of instant messaging protocols. It contains basic general information about the protocols.

Off-the-record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption.

Protocol encryption (PE), message stream encryption (MSE) or protocol header encrypt (PHE) are related features of some peer-to-peer file-sharing clients, including BitTorrent clients. They attempt to enhance privacy and confidentiality. In addition, they attempt to make traffic harder to identify by third parties including internet service providers (ISPs). However, encryption will not protect one from DMCA notices from sharing not legal content, as one is still uploading material and the monitoring firms can merely connect to the swarm.

<span class="mw-page-title-main">TorChat</span> Anonymous instant messaging application

TorChat was a peer-to-peer anonymous instant messenger that used Tor onion services as its underlying network. It provided cryptographically secure text messaging and file transfers. The characteristics of Tor's onion services ensure that all traffic between the clients is encrypted and that it is very difficult to tell who is communicating with whom and where a given client is physically located.

<span class="mw-page-title-main">Jami (software)</span> Distributed multimedia communications platform

Jami is a SIP-compatible distributed peer-to-peer softphone and SIP-based instant messenger for Linux, Microsoft Windows, macOS, iOS, and Android. Jami was developed and maintained by the Canadian company Savoir-faire Linux, and with the help of a global community of users and contributors, Jami positions itself as a potential free Skype replacement.

<span class="mw-page-title-main">Cryptocat</span> Open source encrypted chat application

Cryptocat is a discontinued open-source desktop application intended to allow encrypted online chatting available for Windows, OS X, and Linux. It uses end-to-end encryption to secure all communications to other Cryptocat users. Users are given the option of independently verifying their buddies' device lists and are notified when a buddy's device list is modified and all updates are verified through the built-in update downloader.

<span class="mw-page-title-main">Twister (software)</span> Blog software

Twister is a decentralized, experimental peer-to-peer microblogging program which uses end-to-end encryption to safeguard communications. Based on BitTorrent- and Bitcoin-like protocols, it has been likened to a distributed version of Twitter.

TextSecure was an encrypted messaging application for Android that was developed from 2010 to 2015. It was a predecessor to Signal and the first application to use the Signal Protocol, which has since been implemented into WhatsApp and other applications. TextSecure used end-to-end encryption to secure the transmission of text messages, group messages, attachments and media messages to other TextSecure users.

<span class="mw-page-title-main">Ricochet (software)</span> Instant messaging software

Ricochet or Ricochet IM is a free software, multi-platform, instant messaging software project originally developed by John Brooks and later adopted as the official instant messaging client project of the Invisible.im group. A goal of the Invisible.im group is to help people maintain privacy by developing a "metadata free" instant messaging client.

<span class="mw-page-title-main">Matrix (protocol)</span> Networking protocol for real-time communication and data synchronization

Matrix is an open standard and communication protocol for real-time communication. It aims to make real-time communication work seamlessly between different service providers, in the way that standard Simple Mail Transfer Protocol email currently does for store-and-forward email service, by allowing users with accounts at one communications service provider to communicate with users of a different service provider via online chat, voice over IP, and videotelephony. It therefore serves a similar purpose to protocols like XMPP, but is not based on any existing communication protocol.

<span class="mw-page-title-main">OMEMO</span> Extension to XMPP for multi-client end-to-end encryption

OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline". The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol . OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.

In cryptography, the Double Ratchet Algorithm is a key management algorithm that was developed by Trevor Perrin and Moxie Marlinspike in 2013. It can be used as part of a cryptographic protocol to provide end-to-end encryption for instant messaging. After an initial key exchange it manages the ongoing renewal and maintenance of short-lived session keys. It combines a cryptographic so-called "ratchet" based on the Diffie–Hellman key exchange (DH) and a ratchet based on a key derivation function (KDF), such as a hash function, and is therefore called a double ratchet.

The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for voice and instant messaging conversations. The protocol was developed by Open Whisper Systems in 2013 and was first introduced in the open-source TextSecure app, which later became Signal. Several closed-source applications have implemented the protocol, such as WhatsApp, which is said to encrypt the conversations of "more than a billion people worldwide" or Google who provides end-to-end encryption by default to all RCS-based conversations between users of their Google Messages app for one-to-one conversations. Facebook Messenger also say they offer the protocol for optional Secret Conversations, as does Skype for its Private Conversations.

Wire is an encrypted communication and collaboration app created by Wire Swiss. It is available for iOS, Android, Windows, macOS, Linux, and web browsers such as Firefox. Wire offers a collaboration suite featuring messenger, voice calls, video calls, conference calls, file-sharing, and external collaboration – all protected by a secure end-to-end-encryption. Wire offers three solutions built on its security technology: Wire Pro – which offers Wire's collaboration feature for businesses, Wire Enterprise – includes Wire Pro capabilities with added features for large-scale or regulated organizations, and Wire Red – the on-demand crisis collaboration suite. They also offer Wire Personal, which is a secure messaging app for personal use.

Autocrypt is a cryptographic protocol for email clients aiming to simplify key exchange and enabling encryption. Version 1.0 of the Autocrypt specification was released in December 2017 and makes no attempt to protect against MITM attacks. It is implemented on top of OpenPGP replacing its complex key management by fully automated exchange of cryptographic keys between peers.

<span class="mw-page-title-main">Secure Scuttlebutt</span> Decentralized social network

Secure Scuttlebutt (SSB) is a peer-to peer communication protocol, mesh network, and self-hosted social media ecosystem. Each user hosts their own content and the content of the peers they follow, which provides fault tolerance and eventual consistency. Messages are digitally signed and added to an append-only list of messages published by an author. SSB is primarily used for implementing distributed social networks, and utilizes cryptography to assure that content remains unforged as it is propagated through the network.

<span class="mw-page-title-main">Conversations (software)</span> Free software instant messaging client for the XMPP protocol

Conversations is a free software, instant messaging client application software for Android. It is largely based on recognized open standards such as the Extensible Messaging and Presence Protocol (XMPP) and Transport Layer Security (TLS).

References

  1. "GitHub - TokTok/c-toxcore: The future of online communications". TokTok Project. 2022-03-05. Retrieved 2022-03-05.
  2. "Secure Messaging for Everyone". Tox. Retrieved 6 August 2015.
  3. "Daily reminder that Skype reads the URLs you send, your browser profile, sends encrypted data to Microsoft data centers and gives your conversations to the NSA". 4chan (mirrored). 2013-06-23.
  4. Bogdan Popa (20 June 2013). "Skype Provided Backdoor Access to the NSA Before Microsoft Takeover (NYT)". Softpedia.
  5. Bogdan Popa (31 December 2014). "Leaked Documents Show the NSA Had Full Access to Skype Chats". Softpedia.
  6. "Initial commit". GitHub. Retrieved 18 February 2014.
  7. "Binaries - Tox". 2013-08-23. Archived from the original on 2013-10-04.
  8. "Binaries - Tox". 2013-10-04. Archived from the original on 2013-10-04.
  9. "Binaries - Tox". 2014-08-09. Archived from the original on 2014-08-09.
  10. "Commits · irungentoo/toxcore". GitHub. Retrieved 2023-05-18.
  11. "Fix memory leak when closing TCP connection. · irungentoo/toxcore@bf69b54". GitHub. Retrieved 2023-05-20.
  12. "Commits · TokTok/c-toxcore". GitHub. Retrieved 2023-05-18.
  13. 1 2 "The TokTok Project - Home". toktok.ltd. Retrieved 2023-05-18.
  14. "The TokTok Project - Mission". toktok.ltd. Retrieved 2023-05-18.
  15. 1 2 Tox, tox-rs, 2023-05-08, retrieved 2023-05-18
  16. "Tox Handshake Vulnerable to KCI · Issue #426 · TokTok/c-toxcore". GitHub. Retrieved 2023-05-20.
  17. TokTok/c-toxcore, TokTok Project, 2023-05-18, retrieved 2023-05-20
  18. "Redesign of Tox's Cryptographic Handshake – Tox Blog". 2023-03-02. Retrieved 2023-05-20.
  19. "Tox Foundation - BusinessesCalifornia". www.businessescalifornia.com. Archived from the original on 2016-03-21.
  20. "Current situation of Tox · Issue #1379 · irungentoo/toxcore". GitHub. Retrieved 2023-05-20.
  21. "Current situation of Tox · Issue #1379 · irungentoo/toxcore". GitHub. Retrieved 2023-05-20.
  22. "Current situation of Tox · Issue #1379 · irungentoo/toxcore". GitHub. Retrieved 2023-05-20.
  23. "Current Situation – Tox Blog". 2015-07-11. Retrieved 2023-05-20.
  24. "A split within the Tox project". LWN.net. Nathan Willis. 15 July 2015. Retrieved 14 February 2016.
  25. "Tox Client Standard" . Retrieved 7 November 2015.
  26. "users:troubleshooting - Tox Wiki". wiki.tox.chat. Retrieved 2019-04-26.
  27. Kar, Saroj (5 August 2013). "Tox: A Replacement For Skype And Your Privacy?". Silicon Angle. Retrieved 19 February 2014.
  28. Grüner, Sebastian (30 July 2013). "Skype-Alternative Freier und sicherer Videochat mit Tox" [More free and secure video chat with Tox]. Golem.de (in German). Retrieved 19 February 2014.
  29. "Проект Tox развивает свободную альтернативу Skype" [Tox project develops free Skype replacement]. opennet.ru (in Russian). 30 July 2013. Retrieved 19 February 2014.
  30. Nitschke, Manuel (2 August 2013). "Skype-Alternative Tox zum Ausprobieren" [Tox Skype replacement tested]. heise.de (in German). Retrieved 19 February 2014.
  31. Asay, Matt (15 August 2013). "GitHub's new 'Trending' Feature Lets You See The Future". ReadWrite.com. Retrieved 19 February 2014.
  32. "Prevent_Tracking.txt". GitHub. Retrieved 20 February 2014.
  33. "Project Tox". GSoC 2014. Retrieved 7 March 2015.
  34. "Project Tox". GSoC 2015. Retrieved 7 March 2015.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.