Tox (protocol)
   HOME

TheInfoList



OR:

Tox is a
peer-to-peer Peer-to-peer (P2P) computing or networking is a distributed application architecture that partitions tasks or workloads between peers. Peers are equally privileged, equipotent participants in the network. They are said to form a peer-to-peer n ...
instant-messaging and video-calling protocol that offers
end-to-end encryption End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, malicious actors, and even ...
. The stated goal of the project is to provide secure yet easily accessible communication for everyone. A
reference implementation In the software development process, a reference implementation (or, less frequently, sample implementation or model implementation) is a program that implements all requirements from a corresponding specification. The reference implementation o ...
of the protocol is published as
free and open-source software Free and open-source software (FOSS) is a term used to refer to groups of software consisting of both free software and open-source software where anyone is freely licensed to use, copy, study, and change the software in any way, and the source ...
under the terms of the GNU GPL-3.0-or-later.


History

The initial commit to
GitHub GitHub, Inc. () is an Internet hosting service for software development and version control using Git. It provides the distributed version control of Git plus access control, bug tracking, software feature requests, task management, continuous ...
was pushed on June 23, 2013, by a user named irungentoo. Pre-alpha testing binaries were made available for users from February 3, 2014, onward. On July 12, 2014, Tox entered an alpha stage in development and a redesigned download page was created for the occasion.


Features


Encryption of traffic

Users are assigned a public and private key, and they connect to each other directly in a fully
distributed Distribution may refer to: Mathematics *Distribution (mathematics), generalized functions used to formulate solutions of partial differential equations *Probability distribution, the probability of a particular value or value range of a varia ...
, peer-to-peer network. Users have the ability to message friends, join chat rooms with friends or strangers, voice/video chat, and send each other files. All traffic over Tox is end-to-end encrypted using the
NaCl Sodium chloride , commonly known as salt (although sea salt also contains other chemical salts), is an ionic compound with the chemical formula NaCl, representing a 1:1 ratio of sodium and chloride ions. With molar masses of 22.99 and 35.45 g ...
library, which provides
authenticated encryption Authenticated Encryption (AE) and Authenticated Encryption with Associated Data (AEAD) are forms of encryption which simultaneously assure the confidentiality and authenticity of data. Programming interface A typical application programming in ...
and
perfect forward secrecy In cryptography, forward secrecy (FS), also known as perfect forward secrecy (PFS), is a feature of specific key agreement protocols that gives assurances that session keys will not be compromised even if long-term secrets used in the session key ...
.


Additional messaging features

Tox clients aim to provide support for various secure and anonymised communication features; while every client supports
messaging A message is a discrete unit of communication intended by the source for consumption by some recipient or group of recipients. A message may be delivered by various means, including courier, telegraphy, carrier pigeon and electronic bus. ...
, additional features like group messaging, voice and video calling, voice and video conferencing, typing indicators, message read-receipts,
file sharing File sharing is the practice of distributing or providing access to digital media, such as computer programs, multimedia (audio, images and video), documents or electronic books. Common methods of storage, transmission and dispersion include r ...
, profile encryption, and desktop streaming are supported to various degrees by mobile and desktop clients. Additional features can be implemented by any client as long as they are supported by the core protocol. Features that are not related to the core networking system are left up to the client. Client developers are strongly encouraged to adhere to the Tox Client Standard in order to maintain cross-client compatibility and uphold best security practices.


Usability as an instant messenger

Though several apps that use the Tox protocol seem similar in function to regular instant messaging apps, the lack of central servers similar to
XMPP Extensible Messaging and Presence Protocol (XMPP, originally named Jabber) is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. Based on XML (Extensible Markup Language), it ...
or
Matrix Matrix most commonly refers to: * ''The Matrix'' (franchise), an American media franchise ** ''The Matrix'', a 1999 science-fiction action film ** "The Matrix", a fictional setting, a virtual reality environment, within ''The Matrix'' (franchis ...
currently has the consequence that both parties of the chat need to be online for the message to be sent and received. The Tox enabled messengers deal with this in separate ways, some prevent the user from sending the message if the other party has disconnected while others show the message as being sent when in reality it is stored in the sender's phone waiting to be delivered when the receiving party reconnects to the network.


Architecture


Core

The Tox core is a library establishing the protocol and API. User front-ends, or clients, are built on the top of the core. Anyone can create a client utilizing the core. Technical documents describing the design of the Core, written by the core developer irungentoo, are available publicly.


Protocol

The core of Tox is an implementation of the Tox protocol, an example of the application layer of the
OSI model The Open Systems Interconnection model (OSI model) is a conceptual model that 'provides a common basis for the coordination of SOstandards development for the purpose of systems interconnection'. In the OSI reference model, the communications ...
and arguably the presentation layer. Implementations of the Tox protocol not done by the project exist. Tox uses the Opus audio format for audio streaming and the VP8 video compression format for video streaming.


Encryption

Tox uses the cryptographic primitives present in the NaCl crypto library, via libsodium. Specifically, Tox employs
Curve25519 In cryptography, Curve25519 is an elliptic curve used in elliptic-curve cryptography (ECC) offering 128 bits of security (256-bit key size) and designed for use with the elliptic curve Diffie–Hellman (ECDH) key agreement scheme. It is one of th ...
for its key exchanges, xsalsa20 for symmetric encryption, and
Poly1305 Poly1305 is a universal hash family designed by Daniel J. Bernstein for use in cryptography. As with any universal hash family, Poly1305 can be used as a one-time message authentication code to authenticate a single message using a key shared ...
for MACs. Because the tox protocol can be used by many different applications, and because the tox network broadcasts the used client, it is also possible for clients to use additional encryption when sending to clients which support the same features.


Clients

A client is a program that uses the Tox core library to communicate with other users of the Tox protocol. Various clients are available for a wide range of systems; the following list is incomplete. There are also Tox protocol plugins for
Pidgin A pidgin , or pidgin language, is a grammatically simplified means of communication that develops between two or more groups of people that do not have a language in common: typically, its vocabulary and grammar are limited and often drawn from s ...
(no longer maintained, but working as of 2018-03-30) and
Miranda NG Miranda NG is an open-source multiprotocol instant messaging application, designed for Microsoft Windows. Miranda NG is free software distributed under the GNU GPL-2.0-or-later. History In May 2012 Miranda IM was forked to Miranda NG (New G ...
.


Disassociation with Tox Foundation

At July 11, 2015, Tox developers officially announced their disassociation with Tox Foundation, due to "a dispute over the misuse of donated funds" by Tox Foundation head and CEO, according to
LWN.net LWN.net is a computing webzine with an emphasis on free software and software for Linux and other Unix-like operating systems. It consists of a weekly issue, separate stories which are published most days, and threaded discussion attached to ...
. Due to domains being in control of the Tox Foundation, main development of the project was transferred to a new infrastructure, servers, and new domain.


Reception

Tox received some significant publicity in its early conceptual stage, catching the attention of global online tech news sites. On August 15, 2013, Tox was number five on
GitHub GitHub, Inc. () is an Internet hosting service for software development and version control using Git. It provides the distributed version control of Git plus access control, bug tracking, software feature requests, task management, continuous ...
's top trending list. Concerns about
metadata Metadata is "data that provides information about other data", but not the content of the data, such as the text of a message or the image itself. There are many distinct types of metadata, including: * Descriptive metadata – the descriptive ...
leaks were raised, and developers responded by implementing
Onion routing Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to layers of an onion. The encrypted data is transmitted through a series of net ...
for the friend-finding process. Tox was accepted into the
Google Summer of Code The Google Summer of Code, often abbreviated to GSoC, is an international annual program in which Google awards stipends to contributors who successfully complete a free and open-source software coding project during the summer. , the program is ...
as a Mentoring Organization in 2014 and 2015.


See also

*
Comparison of instant messaging clients The landscape for instant messaging involves cross-platform instant messaging clients that can handle one or multiple protocols. Clients that use the same protocol can typically federate and talk to one another. The following table compares gener ...
*
Comparison of instant messaging protocols The following is a comparison of instant messaging protocols. It contains basic general information about the protocols. Table of instant messaging protocols See also * Comparison of cross-platform instant messaging clients *Comparison of Int ...
*
Comparison of VoIP software This is a comparison of voice over IP (VoIP) software used to conduct telephone-like voice conversations across Internet Protocol (IP) based networks. For residential markets, voice over IP phone service is often cheaper than traditional public swi ...
*
List of free and open-source software packages This is a list of free and open-source software packages, computer software licensed under free software licenses and open-source licenses. Software that fits the Free Software Definition may be more appropriately called free software; the GNU p ...


References


External links

* {{telecommunications 2013 software Android (operating system) software Communication software Cross-platform software Distributed computing Free communication software Free instant messaging clients Free software programmed in C Instant messaging clients Instant messaging clients for Linux Instant messaging clients that use GTK IOS software MacOS instant messaging clients Onion routing Peer-to-peer Secure communication Videotelephony VoIP protocols VoIP software Windows instant messaging clients