RetroShare - a tool for private communication and data exchange

in #security, 5 years ago

RetroShare is a cryptographically secure decentralized platform for anonymous communication and file sharing. The system lets you organize a separate serverless Friend-to-Friend network, or a global network (which in fact exists now), with a certain range of people: for example, your friends, family, colleagues or just strangers. It connects you directly only with those people to whom you have given permission. This is an important feature: it places such a network in a special class of decentralized networks in which unauthorized connections to your computer, made without your consent, are forbidden. Networks of this type are called "Private p2p" or "Darknet".

Dark networks like RetroShare have two important characteristic features:

  • monitoring of users' file sharing and communication is made difficult for outside forces, that is, for a potential adversary who is not connected to the network;
  • outside the so-called "near" network environment of RetroShare, it is impossible to reliably determine even the fact that a user is connected to the network.

The first feature distinguishes a dark (private) anonymous network from public anonymous networks, where statistics on, for example, the IP addresses of participating nodes can be gathered by simple direct observation, with or without connecting to the network. The second feature is that a connection to an arbitrary network node is impossible unless the counterparty confirms it.

It should be noted that even within the so-called "trusted" environment it is possible to communicate and exchange data through anonymous identities, whose system identifier is not connected with the user's personal certificate. The number of new anonymous identities is not limited; the user is free to create and delete their own identities.

All connections are encrypted with SSL, and the authenticity of the participants is provided by PGP keys. Thanks to its distributed structure, the system is not subject to censorship or to any outside control or monitoring, and it is very resistant to blocking and other forms of hostile outside interest.

Available options:

  • Instant messaging and e-mail
  • Public and private chats
  • VoIP - Voice and video communication
  • File sharing
  • Forums
  • Channels

File sharing speed approaches the capacity limits of your channel.

Messages can be sent on behalf of anonymous identities or directly between network nodes. In the first case offline delivery is available: messages are stored on the nodes of common friends. Voice and video are available only between nodes in the trusted environment, that is, nodes with which certificates were previously exchanged.

The anonymous identifier system (personalities) also makes it possible to communicate with people outside your circle of friends; messages are sent through a chain of nodes connected in series. Thus, communication is possible with any person on the network, even one with whom no connection is established.

Forums are fully distributed and propagate on the basis of subscription. A forum you are interested in is mirrored on your node and becomes available throughout your environment. Anyone in your environment can subscribe to a forum that interests them, and in this way valuable content "spreads" far across the network. Forums are available for offline reading and posting.

Files are identified individually by SHA hash and hence remain accessible regardless of renaming and/or moving within a shared folder. File links are simple text strings with the name and hash, similar to ed2k and magnet links.
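The hash-based identification described above can be sketched as follows; this is an added example, not RetroShare's code. The `demo-link` scheme and all function names are hypothetical, and SHA-256 is an assumption because the page only says "SHA-hash".

```python
import hashlib
import os
import tempfile
from urllib.parse import parse_qs, urlencode, urlparse

SCHEME = "demo-link"  # hypothetical scheme, not RetroShare's real link syntax

def file_hash(path, chunk_size=1 << 20):
    """Hash file content in chunks so large files need not fit in memory."""
    h = hashlib.sha256()  # assumption: the page only says "SHA-hash"
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def make_link(path):
    """Build a text link from the file's name and content hash."""
    query = urlencode({"name": os.path.basename(path), "hash": file_hash(path)})
    return f"{SCHEME}://file?{query}"

def parse_link(link):
    """Return (name, hash); raise ValueError for a malformed link."""
    parts = urlparse(link)
    fields = parse_qs(parts.query)
    if parts.scheme != SCHEME or parts.netloc != "file":
        raise ValueError("not a file link")
    if "name" not in fields or "hash" not in fields:
        raise ValueError("link lacks name or hash")
    digest = fields["hash"][0].lower()
    if len(digest) != 64 or set(digest) - set("0123456789abcdef"):
        raise ValueError("hash is not a SHA-256 hex digest")
    return fields["name"][0], digest

def verify_file(link, path):
    """True only if the bytes at path match the link's hash; the name is ignored."""
    return file_hash(path) == parse_link(link)[1]

def demo():
    """Constructed sample: a rename keeps the link valid, a content change does not."""
    with tempfile.TemporaryDirectory() as d:
        src, moved = os.path.join(d, "report.txt"), os.path.join(d, "renamed.bin")
        with open(src, "wb") as f:
            f.write(b"constructed sample content\n")
        link = make_link(src)
        os.rename(src, moved)
        after_rename = verify_file(link, moved)
        with open(moved, "ab") as f:
            f.write(b"x")
        return after_rename, verify_file(link, moved)
```

Because the receiver trusts only the hash, the name in a link is advisory: a peer can label content however it likes, but it cannot substitute different bytes without the check failing.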

Connections are established over TCP / UDP, using IPv4 or IPv6. It is also possible to work through the anonymizing Tor / I2P networks.

Two people need to exchange public keys once (in any convenient way), and after that all the communication features become available.

But there are problems, shortcomings, and disadvantages.

For example:

  • VoIP is not yet debugged; the quality is lame and not comparable with Skype and its analogs.
  • Some features that have become common in other systems, such as streaming, are missing.
  • The interface seems overloaded - a consequence of the abundance of functions.

You should also take into account the characteristics of distributed and cryptographic systems:

  • It is not possible to delete sent messages and posts.
  • There is no way to recover a forgotten password. It is also impossible to change it.
  • In the case of loss or failure of a key disk with the profile, there is no way to recover the data.


And why do we need another cryptosystem?

The thing is that RetroShare is perhaps the first platform that provides reliable and secure cryptography in a relatively easy-to-use form. It offers many efficient and useful services right away.

The system is also open source, written in Qt / C++, and there are builds for all common desktop OSes. It supports plug-ins to extend its functionality.

Official website: retroshare.sf.net
Developer Blog: retroshareteam.wordpress.com
Source Code: github.com/RetroShare


With Love,
Kate


It has been a while since I last used Retroshare. Thanks for reminding me of its existence, will give it another go again soon.

Hope you'll find it useful

From what I remember I thought it could become very useful.
Looking forward to trying it again.

Could you record a teleconference through retroshare?