[messaging] fyi: metadata-eliminating tor-based chat program: Ricochet

Trevor Perrin trevp at trevp.net
Fri Sep 19 17:03:33 PDT 2014


On Fri, Sep 19, 2014 at 1:38 PM, Tim Bray <tbray at textuality.com> wrote:
> A number of things about this one made me kind of uneasy.  The clichéd tone
> of the article “high-school dropout trumps NSA!”  The complete absence of
> input from anyone who wasn’t a project insider, and the dissing of
> competitors who are actually shipping working software.

Seems like a critique of the journalism, not the project.

The project looks like a simple-ish chat protocol using Tor Hidden
Services for peer-to-peer connections.  I think it relies on Tor HS
for encryption and server-auth, and adds some fairly simple
client-auth.

There's a slew of new apps using the model of "Tor Hidden Services for
peer-to-peer connections".  We had a thread about that for email-like
messaging, e.g.

https://moderncrypto.org/mail-archive/messaging/2014/000434.html
https://moderncrypto.org/mail-archive/messaging/2014/000447.html

The advantage of this model is that your metadata isn't seen by a
server.  A less obvious disadvantage is that, compared to proposals
where both parties use Tor as clients to communicate via some server,
users might be exposed to things like:
 - hacking / DoS targeted at your Hidden Service
 - deanonymizing users via Hidden Service attacks
 - deanonymizing users via monitoring HS uptimes
 - linking users via monitoring Alice's HS uptime, and correlating it
with Bob's polling to see if Alice is up

I also don't know how well Tor HS would scale to large numbers of
people using it this way.  But that would be a good question for a HS
expert (do we have one?)


Trevor

