Sunday, May 10, 2015

Technitium Bit Chat Released!

I am happy to announce the release of Technitium Bit Chat which is currently available for both Windows and Linux platforms. Version 2.1 (alpha) can be downloaded from here. You will need Mono Framework to run it on Linux.

Technitium Bit Chat
Technitium Bit Chat

Introduction

Technitium Bit Chat is a secure, peer-to-peer (p2p), open source instant messenger designed to provide end-to-end encryption. Primary aim of developing this instant messenger is to provide privacy which is achieved using strong cryptography. It can be used over Internet and private LAN networks for instant messaging and file transfer.

The architecture is designed keeping in mind the security principle that everybody is secure or no one is. There is no meta data generated when you use Bit Chat. The only thing that we know, is the email address of the user who registered for a digital certificate. The digital certificate tells that the email address was verified, which is similar, in concept, to any domain validated SSL certificate issued to a website.

Development is still in progress and new features will be made available as an when they are coded. The software has automatic update feature which will keep you updated with latest version available.

Read Frequently Asked Questions (FAQ)

Features

  • Provides end-to-end encryption using peer-to-peer technology, designed for privacy, delivered using strong cryptography.
  • Many-to-many group chat using peer-to-peer technology, so no servers involved in message delivery!
  • Can be used as a LAN chat instant messenger in your private LAN network the same way you can use it on the Internet.
  • Allows file transfer which works similar to torrents. File is split in parts and each peer participating the file sharing distributes different parts to each other. This leads to better network bandwidth utilization.
  • Each user has to perform a one-time profile registration. A profile digital certificate is issued to each user after email address verification. So, you can make sure that the person on the other side is really your friend by checking the profile email address.
  • Profile digital certificate is signed using RSA 4096bit key and SHA-256 hash algorithm.
  • Profile data is stored securely on your computer by encrypting with a profile password. So all your settings are encrypted using AES-256 encryption.
  • The peer-to-peer connection is completely encrypted using AES-256.
  • Automatic port forwarding using UPnP implemented for your home router/access point.
  • Automatic software update to keep you updated with the latest version.

The Concept

Since the software architecture is peer-to-peer, the usual concept of having a 'username' and 'password' for authentication and identification doesn't work here. There is no 'log in' or 'log out' here in that sense, due to the fact that there are no centralized servers involved to do the logging! Nobody knows if you left the chat group or you just went offline, unless of course, you tell them that yourself!

To understand this better, just imagine meeting with one or more friends at a place. You call up the people willing to meet and tell them a location and time. Everyone gets to the decided location, have fun and leave.

Bit Chat is exactly the same thing just over Internet. You email or message your friends and ask them to come on Bit Chat and give a chat group name. Everyone starts their client and join a chat with the decided name. The software does its peer-to-peer connectivity and everyone is connected to each other. Then you chat, transfer files, go offline and come back again to same chat group later or leave the chat group.

To make sure the identity of the peer in your group, you can check the email address of the peer. Each peer has to register for a profile certificate which is basically a digital certificate issued after email address verification. So, the email address in the profile certificate helps you make sure that you are chatting with the right person.

A chat group name is converted into an identifier which each peer in group tries to connect to using Bit-torrent trackers. Thus anyone who enters a chat group will get connected to other peers with the same chat group name. To avoid connecting to unintended people on the Internet, you can set an optional password or a shared secret to the chat group. The password will be used to generate the identifier for the chat group and only the people who enter a correct group name and password combination will be able to connect to each other. So, if you suddenly see some unknown people joining your group, don't panic, just leave current chat group and create another group with a different password.

The messenger connects each peer in a chat group in a mesh network topology, that is, a peer is connected to all other peers in that chat group to form a network. To find a peer on the Internet, Bit-torrent trackers are used and to find peers on local network, local peer discovery via UDP broadcast is used. If you are behind a router, you can enable UPnP feature in the router or access point and Bit Chat will do automatic port forwarding for you.

The network strength icon against each person's name indicates the current status of connectivity of that person. If the icon is green, it means, the peer is connected to all other peers in the group. An orange icon will indicate that the peer is not connected to someone in the group. You can click on any of the peers and check to whom they are connected to and to whom they are not.

It is important to note that, for Bit Chat to work successfully, at least one person in your chat group must be able to accept incoming TCP connection. If UPnP feature is available in your router/access point, automatic port forwarding will be performed. Otherwise, you will need to manually configure port forwarding. Bit Chat is designed to allow virtual connections to be made via another peer thus, just one peer able to accept incoming connection will make the entire chat group to work well.

In Windows, automatic firewall configuration feature will add entries for the application to accept incoming connections. For Linux, if there is any firewall configured, you will need to perform manual configuration to allow the software to accept incoming connections.

Features Planned

There are many features that are thought about to be implemented in Bit Chat however, following list gives some of the important features that are planned. There are no timelines for the implementation but they will be made available as soon as the implementation is completed.

  • NAT-PMP port mapping support.
  • Distributed Hash Tracking (DHT) support to rely less on torrent trackers.
  • One-to-one voice chat.
  • Emoticons support.
  • Alternate display name and profile picture support.
  • Store chat messages in the encrypted profile file.
  • Android mobile app with all the features.

Open Source

Technitium Bit Chat source code is available under GNU General Public Licence v3 on GitHub. The software code is made open source to increase confidence in the security that we intend to provide.

Alpha Version

Technitium Bit Chat current release is in alpha version. This means the software is not fully complete and will undergo major changes in its protocol or user interface design. There may be noticeable bugs which will be addressed with an automatic update. You are welcome to report any issues by sending an email to support@technitium.com.

Further, you may like to read the original concept in this old blog post.

2 comments:

  1. I am gawking @it, in (utter) amazement... Going to set it up IMMEDIATELY! :D

    ReplyDelete
  2. Wouldn't -even- know how to (begin!) to thank you!.. Hope this will have a LONG and prosperous life, going to test it right now (!) with friends, over https://respiratio.net/ and on freenode #respiratio

    ReplyDelete