[p2p-hackers] Ideas for an opensource Skype lookalike (fwd from
At 12:45 PM 3/13/04 +0100, Eugen Leitl FORWARDED:

- Forwarded message from Enzo Michelangeli [EMAIL PROTECTED] -

> Skype claims to use RSA-based key exchange, which is good for multi-party conferencing but does not preserve forward secrecy. Maybe some variant of ephemeral D-H authenticated by RSA signatures, with transparent renegotiation every time someone joins the conference, could do the job better.

RSA (ie persistent keys) may be an option but MUST NOT be required, for secrecy reasons as mentioned. (At worst RSA keys can be used once, then discarded. Lots of primes out there :-)

Also, this is *voice*, ie biometric auth, so public-key-web-o-trust verislime scam is unnecessary at best. (Although for ringing up a business it might be a useful redundancy in case you misdial, and if there are introducers more trusted and perhaps liable than verislime)

> But the thing I particularly would like to discuss here is if, and how, to leverage on existing P2P networks.

Get Real Networks or AOL or M$ to bundle a free, open secphone with their regular products. In AOL case you can exploit their buddy (aka traffic analysis) system for your directory services. I bet it's suggested monthly. And shot down by managers who have been shown photos of their personal indiscretions taken by spooks.

> One could always implement a brand new network, using Distributed Hash Table algorithms such as Chord or Kademlia,

We don't give a flying fuck as to which shiny new algorithm you use, although were we a graph theory wonk, we might care.

> but it would be much easier to rely from the very beginning upon a large number of nodes (at least for directory and presence functionality, if not for the reflectors which require specific UDP code).

What the NAT world (yawn) needs is free registry services exploitable by any protocol. Those NAT-users with RSA-clue can sign their registry entry.
> That would somehow repeat the approach initially adopted by Vocaltec when, in 1995, they launched their Iphone making use of IRC servers to publish dynamic IP addresses. Incidentally, the IRC users community didn't particularly appreciate ;-), triggering the Great Iphone War, which quickly led Vocaltec to set up its own dedicated IRC servers.

Net was a smaller place in 95. A '95 machine didn't have MIPS to burn. Not so many broadband nodes. Bush was just an airhead redneck governor, not a rabid Caesar.
Re: [p2p-hackers] Ideas for an opensource Skype lookalike (fwd from em@em.no-ip.com)
On Sat, 13 Mar 2004, Eugen Leitl wrote:

> - Forwarded message from Enzo Michelangeli [EMAIL PROTECTED] -
>
> - Directories for location and presence. Nothing fancy here, already done before for P2P chat systems.

I think I suggested it already somewhere. Use Jabber. Use Jabber ID instead of the phone number. This, if properly standardized, may open a way for small-scale third-party services, PSTN-to-VOIP gateways. Pay a small sum, get a phone number mapped to your Jabber ID, eg. in the scheme [+country-prefix][local-number-with-PABX][extension], where [extension] is mapped to the VoIP ID. That way, one person with one (or more) Jabber ID could be reachable on multiple phone numbers in multiple countries, local call in each of them.

Maybe could be done as an extension for Jabber protocol, or maybe as in-band (so if you won't have a compatible Jabber client, you'd get the connection request in plaintext on your screen, kind of like what you'd get with nc -l -p 80 instead of running a webserver); this would have the advantage of being able to run as a proxy between a client of your choice and the Jabber server.

snip

> What Speakfreely sorely lacks is a sensible session initiation protocol, and access to non-NATted reflectors to help NATted peers to find each other and exchange UDP traffic. That's where a P2P network (especially one supporting the concept of non-NATted ultrapeers) can save the day.

I thought about a Jabber proxy that could launch SpeakFreely with specified parameters if being asked to. Do the connection negotiations over Jabber: request connection, be offered the capabilities (protocol to use, codecs, encryption algorithms...), pick your choices, then the proxies on both sides launch SpeakFreely (or other program of your choice) with the required parameters (eg, direct connection, if to use a reflector (and what one) when both are behind NAT, who initiates the connection when only one is behind NAT, ...).
Another possibility is to not act as a proxy at all, but be just another Jabber resource (as I think you can be connected from multiple places at once with the same JID but different resource, but I don't really know enough about it to be sure it's viable and how well it will play with the clients already in the wild), and run as a separate client.
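
The negotiation sketched in the message above (capabilities offered, choices picked, then the NAT cases deciding between direct connection and a reflector), as an added example that is not part of the original thread. The offer fields, plan keys, JIDs and hosts are hypothetical and constructed for illustration; they are not a Jabber extension or Speak Freely's own interface.

```python
# Added illustration; the offer fields and plan keys are hypothetical.

def pick(offered, supported):
    """First entry in the caller's preference order that the callee also supports."""
    for item in offered:
        if item in supported:
            return item
    return None

def negotiate(offer, local):
    """Answer a call offer carried over Jabber; returns launch parameters or a refusal."""
    chosen = {}
    for field in ("protocol", "codec", "cipher"):
        choice = pick(offer[field], local[field])
        if choice is None:
            # No silent fallback: an unencrypted call happens only if both sides list "none".
            return {"accept": False, "reason": "no common " + field}
        chosen[field] = choice
    # The three cases from the post: both NATted, one side NATted, nobody NATted.
    if offer["nat"] and local["nat"]:
        reflector = pick(offer["reflectors"], local["reflectors"])
        if reflector is None:
            return {"accept": False, "reason": "both behind NAT, no common reflector"}
        path = {"mode": "reflector", "reflector": reflector}
    elif local["nat"]:
        # Only the callee is NATted, so the callee must open the UDP flow outwards.
        path = {"mode": "direct", "initiator": "callee"}
    else:
        # Caller NATted or nobody NATted: the caller connects out.
        path = {"mode": "direct", "initiator": "caller"}
    return {"accept": True, **chosen, **path}

# Constructed sample offers (JIDs, hosts and capability names are made up).
CALLER = {"jid": "alice@example.org/phone", "nat": True,
          "protocol": ["speakfreely"], "codec": ["gsm", "lpc10"],
          "cipher": ["blowfish", "idea", "none"],
          "reflectors": ["reflector.example.net:2074"]}
CALLEE = {"jid": "bob@example.org/phone", "nat": True,
          "protocol": ["speakfreely"], "codec": ["lpc10", "gsm"],
          "cipher": ["idea", "blowfish"],
          "reflectors": ["reflector.example.net:2074"]}

if __name__ == "__main__":
    print(negotiate(CALLER, CALLEE))
```

Because the callee's list decides what is acceptable, a caller that offers only `none` as a cipher is refused instead of being connected in the clear.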