RetroShare: A secure communication and file sharing platform

Tomcat


RetroShare is a platform for the decentralized exchange of e-mail, instant messages and files over an encrypted F2F* / P2P network, built on GNU Privacy Guard algorithms and the Perfect Forward Secrecy protocol.

Principle of operation

The RetroShare topology assumes that connections and data exchange happen only with trusted network participants, and excludes both external contacts and direct contact with other non-trusted participants. The IP addresses of RetroShare network participants are inaccessible to each other, except within a limited circle of trusted members, the so-called friends. All connections with peers who are not friends are made through one or more independent chains of anonymous tunnels, built between network nodes that trust each other. Mutual trust between participants is established by exchanging certificates containing the public key. This network topology, together with strong encryption, ensures decentralization and anonymization of data exchange between participants.

When establishing a connection, the user selects an existing pair of GPG keys or generates a new one. After their authenticity is verified and the asymmetric keys are exchanged, the connection is established using the SSH protocol, and the OpenSSL protocol is used to encrypt the transmitted messages. Friends of friends cannot connect to each other by default, but can see each other if the users have allowed it.

Selected friends, or all of them, can be given access to folders on your computer to download content; access is configured separately for each folder. You can also enable anonymous access to the files in a folder: in this case the files can be found only through search, and the downloader will not know from which computer the file is being downloaded. File transfer occurs segment by segment through several transit participants. In general, data is transferred only between friends, but the path from the sender to the final recipient of a particular segment can pass through several friends.

* Friend-to-Friend (F2F) is a type of peer-to-peer network in which members connect only with trusted users. Digital signatures or passwords can be used for authentication.

Chatting in RetroShare

All incoming and outgoing messages in RetroShare are encrypted, and unauthorized access to them is extremely difficult. Several types of chat are used for communication:
  • if certificates have been exchanged with a network participant and a direct connection is established, a direct private chat with that participant is possible;
  • broadcast chat with all connected friends provides an easy way to send a message to everyone at once. Messages sent to the network are broadcast, that is, they will be received by all connected friends, but friends of friends and other RetroShare users will not be able to see or read them;
  • a remote private chat with one of the network users is also available, which allows you to privately contact a person from the inner circle who is not currently a trusted contact. The inner circle consists of friends and friends of friends who have full mutual trust enabled. Such a chat is useful if you need to establish temporary private contact with a person or exchange certificates, when transferring certificates through public chat rooms (see below) is undesirable. Remote contact is realized through the anonymous tunnel system and is possible only when both participants are connected to RetroShare;
  • public chat rooms are the simplest and most widely used method of communication on the RetroShare network: they provide anonymity, dynamism and fast connection, and do not require significant knowledge of the platform's topology and features. To enter public chats, it is enough to exchange a certificate with the robot of one of the sites listed at retroshare.rocks.
    It is important to note that exchanging certificates with the robot only lets you quickly join the main public chats and does not give access to the network's resources. To search for and view content in RetroShare, you need to find at least one network participant who is willing to exchange certificates. For security purposes, the robots of the sites listed at the address above deactivate trust in the user's certificate 30 days after signing. It is assumed that during this time a prospective network participant has exchanged certificates with several valid participants, thereby establishing mutual trust and connecting to RetroShare. Once the user is connected to the network, there is no further need to connect to the robots' chat servers, and all data exchange is decentralized.
    Public chats are not moderated or censored. This means that there is no administration in any form, and no possibility of barring access to a chat room (a so-called ban). To protect against spam, it is possible at the client level to set the so-called silent mode for offenders: as a result, the client will ignore messages from one or more chat users who send spam. To establish true anonymity in public chat rooms, it is desirable that the chat nickname differs from the nickname specified in the user's GPG certificate. In this case an adversary will be unable to match the pseudonym used in the chat with the certificate of a particular user;
  • private chat rooms are similar in concept to public chats, except that only users who have received an invitation from a valid participant of that chat can enter it, and the names of private chat rooms are invisible to anyone except their participants. Private chats are useful for discussing important topics with a strictly limited circle of people.

In addition to chats, RetroShare's mail service is also used for communication. It is the most powerful and valuable service of the platform, and its functionality is similar to the well-known e-mail services on open networks. There are, however, significant differences:
  • there is no server: all outgoing and incoming mail is stored only on the local computers of the exchange participants, and only in encrypted form;
  • no intermediate storage servers are used: if the recipient of a message is not on the network, the message will be delivered when the recipient connects;
  • the service is pseudonymous: the source IP address is unknown to the recipient, only the identifier and alias are displayed, and the data is transferred via anonymous tunnels. This means that, for the foreseeable future, a third party is unable not only to disclose the content of the transmitted information, but also to associate the source of a letter with its recipient;
  • spam is excluded, since mail messages can be sent only to friends or to the close circle of friends;
  • there are no restrictions on the size of attachments.
For voice communication between two participants of the RetroShare platform, a VoIP communicator is used, implemented as a separate plug-in.

The RetroShare network also implements a forum system that allows both anonymous and authenticated posts. It can also be used to exchange messages with friends.

Sharing files with RetroShare

RetroShare uses a channel system that allows each subscriber to automatically download files published on a specific channel. In implementation, essence, goals and purpose, RetroShare channels are similar to torrent trackers, but the key difference is that a RetroShare member is the owner of his own channel, and by default only the channel creator is allowed to publish in it. The creator of the channel can, however, grant publishing rights to an unlimited number of trusted participants. Publications on channels are always anonymous: the program does not reveal the nickname of the user who owns the channel. Channels can be either public or private.

When publishing content consisting of a large number of files, RetroShare allows you to create so-called collections: XML files containing the folder structure, file names and their hashes. With their help, when downloading a collection, the user can select all or only certain files.
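
As an added example (not RetroShare's own code, and not its exact collection file format), the following Python builds a collection-style manifest of folder structure, file names, sizes and SHA-1 hashes, and then verifies downloaded files against it, so that a corrupted or swapped file is detected before it is used. The element names RsCollection, Directory and File and the size/sha1 attributes are assumptions.

```python
import hashlib, tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

def sha1_of(path: Path) -> str:
    h = hashlib.sha1()
    with path.open("rb") as f:  # stream, so large collection members are not read whole
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_collection(root: Path) -> str:
    def walk(dir_path: Path, node: ET.Element) -> None:
        for entry in sorted(dir_path.iterdir()):
            if entry.is_dir():
                walk(entry, ET.SubElement(node, "Directory", name=entry.name))
            elif entry.is_file():
                ET.SubElement(node, "File", name=entry.name,
                              size=str(entry.stat().st_size), sha1=sha1_of(entry))
    top = ET.Element("RsCollection")  # element/attribute names are assumed (see lead-in)
    walk(root, top)
    return ET.tostring(top, encoding="unicode")

def verify_collection(xml_text: str, root: Path, wanted=None) -> dict:
    # check selected files (all if wanted is None); values: "ok" | "missing" | "hash mismatch"
    results = {}
    def walk(node: ET.Element, prefix: Path) -> None:
        for child in node:
            rel = prefix / child.get("name")
            if child.tag == "Directory":
                walk(child, rel)
            elif child.tag == "File" and (wanted is None or rel.as_posix() in wanted):
                local = root / rel
                status = "missing" if not local.is_file() else (
                    "ok" if local.stat().st_size == int(child.get("size"))
                    and sha1_of(local) == child.get("sha1") else "hash mismatch")
                results[rel.as_posix()] = status
    walk(ET.fromstring(xml_text), Path())
    return results

def demo() -> dict:
    # constructed sample: build a manifest, corrupt one "download", then verify
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "docs").mkdir()
        (root / "docs" / "a.txt").write_bytes(b"hello")
        (root / "b.bin").write_bytes(b"\x00\x01\x02")
        manifest = build_collection(root)
        (root / "b.bin").write_bytes(b"\x00\x01\x03")  # same size, different content
        return verify_collection(manifest, root)
```

A manifest received from another peer is untrusted input; outside of this demo, parse it with a hardened XML parser such as defusedxml rather than the standard-library one.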

Later we will release a detailed tutorial on installing and configuring RetroShare.