[messaging] fyi: metadata-eliminating tor-based chat program: Ricochet

Trevor Perrin trevp at trevp.net
Sun Sep 21 13:23:24 PDT 2014


On Sun, Sep 21, 2014 at 1:08 PM, Mike Hearn <mike at plan99.net> wrote:
> There's no particular reason you need Tor hidden services for this. Any
> server that implements a mail queue type protocol, doesn't keep logs and
> accepts connections via Tor would satisfy the desire to avoid leaving any
> metadata trails. After all, the core assumption behind hidden services being
> hidden is that Tor nodes do not keep logs that could be correlated together
> to reveal the underlying circuits. Nothing stops you having the same
> assumption for a separate network of chat relay servers.

It's not clear exactly what you're proposing.

I think Ricochet / Invisible.im is aiming for peer-to-peer
(serverless) chat between pseudonymous users.

If you give up peer-to-peer you could have both parties connect to a
chat server via Tor.  But then the server can tell which pseudonyms
are talking (unless, I suppose, you start doing tricky things with
shared secrets like Pond/Petmail delivery tokens).

If you give up pseudonymity you could have both parties make a direct
peer-to-peer connection.

But if you want pseudonymity and peer-to-peer, it seems like you need
*some* sort of pseudonymizing layer like Hidden Services or Nym
Servers or Pond mailboxes or something?


Trevor


More information about the Messaging mailing list