Can a chat service that doesn’t use central servers be more secure than one that does? BitTorrent is saying yes, and is now privately alpha testing such a service.
A private alpha of the peer-to-peer serverless service was announced in September, but software engineer Abraham Goldoor offered more details on Thursday on the BitTorrent Engineering Blog. He said that, given a stream of reports about the massive collection of phone records and other telecommunications by the U.S. National Security Agency (NSA), the company wanted to provide a more secure chat service.
BitTorrent is currently accepting signups on its site for participating in the alpha test.
Cryptographic Key Pair
The engineering issues for a serverless chat with “no central authority” have included how logins would be handled, where usernames and passwords would be stored, and how connections would be routed between users.
To solve these issues, BitTorrent Chat doesn’t offer normal logins. Instead, a user’s identity is established through a cryptographic key pair. This technique allows for anonymous chatting, since the the public key and the user’s private key are the identity. To prevent anyone who acquires the private key from gaining access to all past or future messages, the service also utilizes a temporary encryption key that is generated only for that conversation.
A distributed hash table is employed to correspond a public key to an IP address, which removes the need for a central server for message routing.
Goldoor said that this “web of peers” is like serial communications between neighbors. “You ask your closest neighbor if they know of the person you are looking for,” he wrote. “You then ask their neighbors, and their neighbors’ neighbors, and so on.” Eventually, he said, you find a neighbor -- that is, a peer -- who knows the address of your intended correspondent, and the address is returned only to the user who originated the request.
Goldoor said that the distributed hash table’s protocol has been updated to support encryption, so that this neighbor-asking-neighbor sequence can be handled securely and in private. Distributed hash tables are utilized in BitTorrent’s better known peer-to-peer file-sharing.
In a related post on the main BitTorrent Blog, Director of Communications Christian Averill wrote on Thursday that all current chat apps depend on “centralized, cloud-based servers that store user messages,” which leads to vulnerability by snooping from NSA or hackers.
Averill's post went on to say, "Over the past 6 months, it’s become increasingly clear that we need to devote hackathons, hours and resources to developing a messaging app that protects user privacy. We’ve seen this basic right of communication compromised, over and over again, in 2013. User control has become a casualty of centralization. The thing is, Internet doesn’t need to work this way."
It’s not evident how the company intends to make money on this chat service, or if it does intend to do so. The new distributed hash table has been made available as open source on github. It’s possible that, as with many other freemium services, additional features and services will be offered for a fee, or perhaps the service, free during alpha, will become a fee-based offering. BitTorrent has also not made clear how it intends to rollout or support the new service, and what the performance of such a service might be if there were, say, millions of users.