BitTorrent Tests Snoop-Free Chat Service

Can a chat service that doesnEUt use central servers be more secure than one that does? BitTorrent is saying yes, and is now privately alpha testing such a service.

A private alpha of the peer-to-peer serverless service was announced in September, but software engineer Abraham Goldoor offered more details on Thursday on the BitTorrent Engineering Blog. He said that, given a stream of reports about the massive collection of phone records and other telecommunications by the U.S. National Security Agency (NSA), the company wanted to provide a more secure chat service.

BitTorrent is currently accepting signups on its site for participating in the alpha test.

Cryptographic Key Pair

The engineering issues for a serverless chat with EUno central authorityEU have included how logins would be handled, where usernames and passwords would be stored, and how connections would be routed between users.

To solve these issues, BitTorrent Chat doesnEUt offer normal logins. Instead, a userEUs identity is established through a cryptographic key pair. This technique allows for anonymous chatting, since the the public key and the userEUs private key are the identity. To prevent anyone who acquires the private key from gaining access to all past or future messages, the service also utilizes a temporary encryption key that is generated only for that conversation.

A distributed hash table is employed to correspond a public key to an IP address, which removes the need for a central server for message routing.

Goldoor said that this EUweb of peersEU is like serial communications between neighbors. EUYou ask your closest neighbor if they know of the person you are looking for,EU he wrote. EUYou then ask their neighbors, and their neighborsEU neighbors, and so on.EU Eventually, he said, you find a neighbor -- that is, a peer -- who knows the address of your intended correspondent, and the address...

Comments are closed.

BitTorrent Tests Snoop-Free Chat Service

Can a chat service that doesnEUt use central servers be more secure than one that does? BitTorrent is saying yes, and is now privately alpha testing such a service.

A private alpha of the peer-to-peer serverless service was announced in September, but software engineer Abraham Goldoor offered more details on Thursday on the BitTorrent Engineering Blog. He said that, given a stream of reports about the massive collection of phone records and other telecommunications by the U.S. National Security Agency (NSA), the company wanted to provide a more secure chat service.

BitTorrent is currently accepting signups on its site for participating in the alpha test.

Cryptographic Key Pair

The engineering issues for a serverless chat with EUno central authorityEU have included how logins would be handled, where usernames and passwords would be stored, and how connections would be routed between users.

To solve these issues, BitTorrent Chat doesnEUt offer normal logins. Instead, a userEUs identity is established through a cryptographic key pair. This technique allows for anonymous chatting, since the the public key and the userEUs private key are the identity. To prevent anyone who acquires the private key from gaining access to all past or future messages, the service also utilizes a temporary encryption key that is generated only for that conversation.

A distributed hash table is employed to correspond a public key to an IP address, which removes the need for a central server for message routing.

Goldoor said that this EUweb of peersEU is like serial communications between neighbors. EUYou ask your closest neighbor if they know of the person you are looking for,EU he wrote. EUYou then ask their neighbors, and their neighborsEU neighbors, and so on.EU Eventually, he said, you find a neighbor -- that is, a peer -- who knows the address of your intended correspondent, and the address...

Comments are closed.