RetroShare - a tool for private communication and data exchange

Published on March 11, 2016

    After a year in beta and release candidate status, the final release of RetroShare version 0.6.0 has taken place.

    The program has been in development for the past 10 years. The previous version, 0.5.5, was released in the fall of 2013 and gained considerable popularity among cryptography specialists, decentralized network enthusiasts and ordinary Internet users for whom the security of file sharing and communication is not an empty phrase. However, it should be noted that one of the most popular Runet resources does not carry a single article about the RetroShare cryptoplatform; only a couple of references to it were found in the comments. The following text can be considered a modest attempt to correct this omission.

    So, RetroShare is a cryptographically secure decentralized platform for anonymous communication and file sharing. The system allows you to organize separate serverless Friend-to-Friend networks, or one global network (which in fact exists today), with a certain circle of people: for example, your friends, family, colleagues, or just strangers. Connections are established directly only with those participants to whom you have given permission. This is an important feature that places such networks in a special class of decentralized networks, in which connections to your computer are prohibited without your consent. Networks of this type are called “Private p2p”, “Darknet” or simply “Dark network”.

    Dark networks like RetroShare, among other things, have two important characteristic features:

    1) it is difficult for an outside party, that is, a potential adversary not connected to the network, to monitor the user's file-sharing and communication activities;
    2) outside the so-called "near" environment of the RetroShare network (and of similar ones: FreeNet, GNUnet), it is not possible to reliably determine even the fact that a user is connected to such a network.

    The first feature essentially distinguishes dark (private) anonymous networks from public anonymous networks, where statistics, for example on the IP addresses of participating nodes, are collected by simple direct observation, with or without connecting to the network. The second feature is a direct consequence of the fact that a connection to an arbitrary network node is impossible unless the counterparty confirms it.

    It should be noted that even within the so-called “trusted” environment, it is possible to communicate and exchange data through a system of anonymous personalities whose identifier is not tied to the user's personal certificate. The number of anonymous personalities is not limited; the user is free to create and delete personalities as needed and/or as external factors dictate.

    All connections are securely encrypted with SSL, and the authenticity of the participants is verified by PGP keys. Thanks to its distributed structure, the system is not subject to censorship or to any outside control or supervision, and it is resistant to blocking and other manifestations of hostile outside interests.



    Provided features:

    - Instant messaging and mail
    - Public and private chats
    - VoIP - Voice and video communications
    - File sharing
    - Forums
    - Channels

    Despite its p2p nature and the specifics of the network, which are tied primarily to anonymizing the user, file sharing speed approaches the maximum bandwidth of your channel.

    Message exchange is possible both on behalf of anonymous personalities and directly between network nodes. In the first case offline delivery is available: messages are stored on the nodes of mutual friends. Voice and video communication is available only between nodes from a trusted environment, that is, with those nodes with which certificates were previously exchanged.

    The system of anonymous identifiers (personalities) also makes it possible to communicate with people outside your circle of friends: messages are transmitted along a chain of nodes connected in series. Thus it is possible to communicate with any participant in the network, including one with whom no connection has been established.

    Forums are fully distributed and are propagated on a subscription basis. A forum you are interested in is mirrored on your node and becomes available to your entire environment. Anyone in your environment can subscribe to a forum of interest, so valuable content “spreads” far across the network, while the spread of junk is hindered or blocked altogether. Forums are available offline for reading and posting; synchronization with other participants is, of course, done only when communicating with them.

    Version 0.6 introduces an anti-vandal system based on an extremely simple but effective reputation system. Individuals can be given a negative mark, after which all their messages are ignored. These ratings are distributed between friends and make it possible to ban hooligans quickly. The system can be disabled if necessary.

    File sharing is more like eMule and Direct Connect than BitTorrent. We can say that the best properties were taken from all these systems. Files are identified individually by SHA hash and therefore remain accessible regardless of renaming and/or moving within the shared folder. A file link is a simple text block with a name and hash, similar to ed2k and magnet links.

    No intermediate files such as .torrent are required. But if you wish, you can bundle a group of files in a compact form: collection files, which contain a set of links in text form, are supported.
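The hash-based file links described above can be sketched as follows. This is an added example, not RetroShare's code: the `example-file` scheme, the field names and the choice of SHA-256 are assumptions made for illustration (the text only says "SHA hash"), and the sample file is constructed.

```python
import hashlib, os, tempfile
from urllib.parse import parse_qs, urlencode, urlsplit

SCHEME = "example-file"  # hypothetical scheme, not RetroShare's link syntax

def content_hash(path, chunk=1 << 16):
    """Stream the file through SHA-256 (assumed digest) in fixed-size chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def make_link(path):
    """Text link carrying a display name, the size and the content hash."""
    fields = {"name": os.path.basename(path),
              "size": os.path.getsize(path), "hash": content_hash(path)}
    return f"{SCHEME}://file?{urlencode(fields)}"

def parse_link(link):
    """Return (name, size, hash); raise ValueError on anything malformed."""
    parts = urlsplit(link)
    if parts.scheme != SCHEME or parts.netloc != "file":
        raise ValueError("not a file link")
    q = parse_qs(parts.query, strict_parsing=True)
    if not {"name", "size", "hash"} <= q.keys():
        raise ValueError("missing field")
    name, size, digest = q["name"][0], int(q["size"][0]), q["hash"][0].lower()
    if len(digest) != 64 or set(digest) - set("0123456789abcdef"):
        raise ValueError("malformed hash")
    return os.path.basename(name), size, digest  # peer-supplied name: last component only

def verify_download(path, link):
    """Accept a received file only if its size and hash match the link."""
    _, size, digest = parse_link(link)
    return os.path.getsize(path) == size and content_hash(path) == digest

def demo():
    """Constructed sample: a rename keeps the identity, an edit breaks it."""
    with tempfile.TemporaryDirectory() as d:
        old, new = os.path.join(d, "report.txt"), os.path.join(d, "my copy.txt")
        with open(old, "wb") as f:
            f.write(b"constructed sample content\n")
        link = make_link(old)
        os.rename(old, new)
        renamed_ok = verify_download(new, link)
        with open(new, "wb") as f:
            f.write(b"Constructed sample content\n")  # same size, one byte changed
        return renamed_ok, verify_download(new, link)
```

`demo()` returns `(True, False)`: the renamed file still matches its link, while a same-size modification does not, which is why the name in a link is only a label and the hash is the identity.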

    Files are shared as whole folders. Different folders can be given different access rights; for this purpose there is the ability, unique among decentralized networks, to organize friends into groups.

    Folders can be shared either in explicit mode, where friends can browse the content, or anonymously, where browsing is not available. Even so, the files are available for download if the user has discovered their presence on the network through the powerful search service.

    Search is possible not only on the nodes of friends but also across the entire reachable network, thanks to the data tunneling mechanism. There are many parameters for narrowing the search, for example by extension, hash, etc. Downloading is carried out in several streams from all available “directions”.

    Connections are established over TCP / UDP on IPv4; IPv6 transport is in development. It is possible to work through the Tor / I2P anonymizing networks. To facilitate communication in the case of dynamic addresses, UPnP, DynDNS, DHT and a system for exchanging contact data between common friends are used. If necessary, all of this can be disabled.

    The traditional question: why do we need another cryptosystem?

    The thing is that Retroshare is perhaps the first platform that provides reliable and secure cryptography in a relatively easy to use form. And it's not just a thing in itself, cryptography for the sake of cryptography. It provides many effective and useful services right away.

    It is enough for two people to exchange public keys once (in any convenient way) - and after establishing a connection, all possibilities will be available.

    No terms, asterisks or small print. All this is available for free, without registration and SMS. It is open source. The owner is you.

    For the sake of objectivity: in a barrel of honey ... there are, of course, problems, flaws and shortcomings. For example:

    - VoIP is not yet debugged; the quality is poor and not comparable with Skype and its analogues.
    - Some functions that have become familiar in other systems, such as streaming (playback while a media file is downloading), are missing.
    - The interface seems overloaded to a considerable number of users, a consequence of the abundance of functions.

    Of course, work is underway on all this. However, as in any other project, which is based on serious cryptography, developers first of all solve the problems of improving the platform core, which means security problems.

    You should also consider the features of distributed and cryptographic systems:

    - There is no way to delete sent messages and posts.
    - There is no way to recover a forgotten password. You can’t change it either.
    - If you lose a key or the disk holding your profile fails, there is no way to recover the data.
    - In order to prevent the endless growth of occupied volumes, there are restrictions on the storage time of messages. Forums - 1 year, channels - 4 months. In fairness, these parameters can be revised in the future if the free RetroShare community makes such a decision.

    The client is open source and written in Qt / C++; there are builds for all common desktop OSes, and it has been launched successfully on Android. There is support for plugins to expand the functionality.

    It is possible to work in no-GUI mode with a web interface.

    Planned for the near future is a system of so-called circles to restrict access to resources by groups of friends. Distributed wiki sites are in development; the plans include a Wall (similar to Facebook) and a host of other utilities, a complete list of which is available here. Despite the small number of developers, active work is underway to improve the program.

    Links:

    Official site: retroshare.sf.net
    Developer blog: retroshareteam.wordpress.com
    Source code: github.com/RetroShare
    Russian-language resource: adorabilis.wordpress.com
    Connection instructions: ru.retroshare.net
    Servers for accessing public chat: retroshare.rocks
    See also: Six Handshake Theory