Inside BitTorrent’s approach to building serverless messaging apps.
First, a few words on Chat’s origins. Here at BitTorrent, we value privacy. With the news this year reminding us all of the susceptibility of the communications platforms we rely on to snooping, we found ourselves wanting something new, something secure, something private. We ultimately realized that we were uniquely qualified to build this platform.
The primary weakness that we see in the available communications platforms is that they all rely on some central server to route and store all of your communication. Even if your provider can deliver industry-standard security, they cannot provide you with any kind of assurance that your communication is private. All it takes is the right (or wrong) person gaining access to your provider’s central servers, and your privacy evaporates.
Enter BitTorrent Chat. We’re building a product that allows you to talk to your friends using peer-to-peer. No central authority required.
Solving for serverless chat
But how would this work? If you don’t have a central authority, where do you login? Where is your username and password stored? How do you route connections between users? These are the engineering issues that we’re tackling with Chat.
Using public key encryption to protect user privacy
With BitTorrent Chat, there aren’t any “usernames” per se. You don’t login in the classic sense. Instead, your identity is a cryptographic key pair. To everyone on the BitTorrent Chat network at large, you ARE your public key. This means that, if you want, you can use Chat without telling anyone who you are. Two users only need to exchange each other’s public keys to be able to chat.
Using public key encryption provides us with a number of benefits. The most obvious is the ability to encrypt messages to your sender using your private key and their public key. But in public key encryption, if someone gains access to your private key, all of your past (and future) messages could be decrypted and read. In Chat, we are implementing forward secrecy. Every time you begin a conversation with one of your contacts, a temporary encryption key will be generated. Using each of your keypairs, this key will be generated for this one conversation and that conversation only, and then deleted forever.
Building an encrypted DHT
Underlying BitTorrent Chat is the method we use to translate a public key to an IP address. Just like our flagship products BitTorrent and µTorrent, Chat uses a distributed hash table to find IP addresses. The DHT removes the need for a central server to route messages. (Curious about DHT? A short reading list, below.)
In essence, the DHT is a web of peers cooperating. You ask your closest neighbor if they know of the person you are looking for. You then ask their neighbors, and their neighbors’ neighbors, and so on. Eventually, you’ll get to a peer (neighbor) who knows the address of the person you’re looking for. They return this address to you. This is done in such a way that only you know who you are looking for. (The person you are looking up would also know.)
If you understand the fundamentals of the DHT, you might be wondering, “How is a DHT more secure? Aren’t you giving your IP address out to the entire DHT? That’s LESS secure than a central server!” With Chat, we are expanding on what we can use the DHT for. We have updated our DHT protocol to support encryption. The new DHT protocol enables users to find each other securely and privately.
We could go on forever about the engineering behind Chat. But that’s all for now. Sign up for the Private Alpha for more details and the latest news. We can’t wait for you to try out Chat!
Read more about DHT technology:
BitTorrent Tech Talk on the DHT
Wikipedia article on BitTorrent’s version of the DHT
Wikipedia article on DHT technology in general