HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 11 MINUTES AGO.
You are here: Home / Computing / BitTorrent Tests Snoop-Free Chat
Must-Read Report:
Gartner rates the key capabilities for mobile & office endpoint backup.
Access the Report Now.
BitTorrent Tests Snoop-Free Chat Service
BitTorrent Tests Snoop-Free Chat Service
By Barry Levine / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
DECEMBER
21
2013
Can a chat service that doesn’t use central servers be more secure than one that does? BitTorrent is saying yes, and is now privately alpha testing such a service.

A private alpha of the peer-to-peer serverless service was announced in September, but software engineer Abraham Goldoor offered more details on Thursday on the BitTorrent Engineering Blog. He said that, given a stream of reports about the massive collection of phone records and other telecommunications by the U.S. National Security Agency (NSA), the company wanted to provide a more secure chat service.

BitTorrent is currently accepting signups on its site for participating in the alpha test.

Cryptographic Key Pair

The engineering issues for a serverless chat with “no central authority” have included how logins would be handled, where usernames and passwords would be stored, and how connections would be routed between users.

To solve these issues, BitTorrent Chat doesn’t offer normal logins. Instead, a user’s identity is established through a cryptographic key pair. This technique allows for anonymous chatting, since the the public key and the user’s private key are the identity. To prevent anyone who acquires the private key from gaining access to all past or future messages, the service also utilizes a temporary encryption key that is generated only for that conversation.

A distributed hash table is employed to correspond a public key to an IP address, which removes the need for a central server for message routing.

Goldoor said that this “web of peers” is like serial communications between neighbors. “You ask your closest neighbor if they know of the person you are looking for,” he wrote. “You then ask their neighbors, and their neighbors’ neighbors, and so on.” Eventually, he said, you find a neighbor -- that is, a peer -- who knows the address of your intended correspondent, and the address is returned only to the user who originated the request.

Encrypted Protocol

Goldoor said that the distributed hash table’s protocol has been updated to support encryption, so that this neighbor-asking-neighbor sequence can be handled securely and in private. Distributed hash tables are utilized in BitTorrent’s better known peer-to-peer file-sharing.

In a related post on the main BitTorrent Blog, Director of Communications Christian Averill wrote on Thursday that all current chat apps depend on “centralized, cloud-based servers that store user messages,” which leads to vulnerability by snooping from NSA or hackers.

Averill's post went on to say, "Over the past 6 months, it’s become increasingly clear that we need to devote hackathons, hours and resources to developing a messaging app that protects user privacy. We’ve seen this basic right of communication compromised, over and over again, in 2013. User control has become a casualty of centralization. The thing is, Internet doesn’t need to work this way."

It’s not evident how the company intends to make money on this chat service, or if it does intend to do so. The new distributed hash table has been made available as open source on github. It’s possible that, as with many other freemium services, additional features and services will be offered for a fee, or perhaps the service, free during alpha, will become a fee-based offering. BitTorrent has also not made clear how it intends to rollout or support the new service, and what the performance of such a service might be if there were, say, millions of users.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Neustar, Inc. (NYSE: NSR) is a trusted, neutral provider of real-time information and analysis to the Internet, telecommunications, information services, financial services, retail, media and advertising sectors. Neustar applies its advanced, secure technologies in location, identification, and evaluation to help its customers promote and protect their businesses. More information is available at www.neustar.biz.
MORE IN COMPUTING
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.