Ring Secure, Distributed Messaging, a Better Alternative to a Phone Number

Many of the difficulties incurred by people who want to stop using mobile phones, or even just mobile voice and text plans, are related to the difficulty of contacting people who do use mobile phones with voice and text plans as their primary form of communication. With the age of smartphones, however, it has become possible for people to create apps which supplement the functionality of the device, including adding things like instant messaging over the internet or, in the case of the Ring messaging system, a distributed network providing functionality that is like telephony but which doesn't require a central authority to assign unique names and numbers. There are in fact many messaging systems which can be used in much the same way as Ring, and many of them will be included here, Ring is just the first one I'm writing about.

What are the Key Differences between Ring and SMS messages?

Ring is designed to be similar to use to other messaging systems, but under the hood, it's pretty different. One thing you'll quickly notice is that Ring uses identifiers that are long and complicated compared to phone numbers. This is because in order to guarantee that all the identifiers are unique, all the identifiers have to have a sufficient amount of randomness. This is achieved using cryptographic techniques, and it helps Ring achieve the following three properties.

Ring is "Distributed"

Ring does not use a central server to help you find your contacts, instead it uses a Distributed Hash Table known as OpenDHT. This means that once you have joined the Ring network, you can always find contacts by using their Ring ID and you can't be denied service by denying you access to Ring's services. The job of being the service is in some senses shared by every "Peer" in the Ring.

As an aside, Peer-to-Peer technology and philosophy has gotten a COMPLETELY UNDESERVED bad rep due to it's frequent association with the file sharing community. Fuck that. You are a PEER. You deserve to be treated like a PEER. Subordinating you to a corporation that wants to tell you how to communicate is downright sick. Use Peer-to-Peer technology wherever possible, just respect people's privacy and property.

Ring is "Authenticated"

Ring users, once they have shared their contact information and confirmed their identities initially, can guarantee that the subsequent conversations with the same ring ID are being carried on with someone who has the private key corresponding to that ID. Anything else, and messaging just won't work and therefore, Ring guarantees to the maximum known extent that you will be talking to the person that you think you are talking to.

Similarly, if you are using a device which doesn't have your Ring keys, you'll be identified as a different user since your identity is verified cryptographically. Lose your Ring keys, you'll be unable to re-create them. This is a good thing, otherwise, someone could forge them and impersonate you.

Ring is "Encrypted"

Ring also encrypts connections between peers, after authenticating them, using new keys for each connection. This gives it Forward Secrecy, which means that even if your equipment is confiscated, they cannot retrieve keys from your device which can be used to decrypt enciphered data that had been intercepted by some other channel.

When Ring is Installed

Once you have Ring started up for the first time, you'll be asked to create an account. This isn't really an account like you're used to, though, remember Ring doesn't have a server. Instead, creating an account generates an identity for you on the DHT, and involves generating cryptographic keys and certificates, then downloading the data necessary to connect with the DHT, so on very old hardware, it can sometimes take up to about 2 minutes. Usually much less though.

Once you've done that, you're ready to add contacts and make calls. Get a friend to sign up and add their Ring ID, and make a call. It just works. That is what Peer-to-Peer technology presents to you, simple, direct connections to people who's identities are cryptographically authentic, with no dependencies on external services.

Phone Free Information Center

Tox Secure, Distributed Messaging, a(another) Better Alternative to a Phone Number

Another distributed messaging application, much like Ring, is the Tox messaging system, which consists of an open-source common library called toxcore and a group of Tox clients which you can use to chat with authentication and with guarantees of strong encryption algorithms. Eventually, toxcore may see itself used as a way of communicating for applications other than simple instant messaging clients, so the focus when developing the library is to make it as difficult for a developer to make a mistake in implementation as possible. To that end, it uses the NaCl/LibSodium crypto libraries to implement only peer-reviewed, highly regarded algorithms, and implements basic functionality of the clients with callbacks, leaving clients to implement the logic of displaying conversations. Toxcore is reasonably easy to use to implement a chat client well.

Besides the enthusiasm I feel for the Tox project and the toxcore library, it's actually very similar to Ring in it's basic functionality. It is also distributed, authenticated, and encrypted, but besides it's more focused goals it has a few differences with Ring. These are kind of technical, if you're not interested, just go above and download the Antox client for your Android phone.

Dissociated DHT Discovery

When you join the Tox distributed hash table(DHT) you do so initially with a cryptographic ID which is NOT associated with the Tox ID displayed by your program. This DHT ID is used to discover your friends, who are the only ones who get your real ID. This is because if you had to connect with your long-term ID, a person who was able to observe the whole DHT could tell when your Tox ID comes online because the same long-term ID would be found. This allows you to expose your online status and your real IP address only to your friends and removes many potential concerns about the potential mass observervation of metadata over the Tox DHT.

Group Bots

Tox also has a few programs known as group bots. What they do is they run and let people connect to them, either in a totally open way or by allowing people to send invitations to other Tox ID's. For now, this is what makes group chats possible and it makes it possible to host a group chat which is completely dissociated from your regular Tox client.

Ratox!

Ratox is goddamn exciting. I can't believe it was defunct for so long. What Ratox is is a Tox client which enables you to interact with Tox through a unix like filesystem. This means that you can script your interaction with this Tox client to use as a message drop box, or an answering machine, or any other possible application you could imagine. It's also absolutely tiny and very efficient, making it ideal for something like a Raspberry Pi which could be connected to a battery to maximize the uptime of your Ratox instance.

Language Bindings

Lastly, Tox has bindings to libtoxcore available in pretty much any language anyone programs in, including Java, Go, Python, Vala, Ruby, Haskell, Objective-C, and whatever the crap else. There are tools to make it easy to use in some of those languages, some of them have multiple bindings depending on how deeply you want to interact with the core library. These bindings all link to the Tox core libraries written in C for now, so everyone benefits from the updates to the core as well.

Once Tox is installed

Now that you've got a Tox client, it's time to start exchanging ID's with people you know in person. Encourage your friends and family to use Tox, add their ID's and you'll be able to chat with them as long as you both have connectivit, regardless of whether you are both on the same LAN, using wi-fi to connect to the internet, or one or both of you have a data plan. Peer-to-Peer technology is cool because it means that everyone using it is a first-class user no matter where their connection originates, that's part of the beauty of it. With no dependencies on external services, you can use Tox to chat directly to your peers.

Phone Free Information Center

Ostel Secure, Distributed Messaging, a(another) Better Alternative to a Phone Number

Coming Soon!