Net Privacy Pro

When it comes to private instant messengers, there is a vast array of options to choose from. You can message from your desktop computer, your mobile phone, your game console, even from your home assistant via voice commands. Most instant messaging platforms process your messages on centralized servers. This is great for service availability (the provider only has to maintain a limited number of nodes and has full control over them). For privacy and security, though, it can be unsettling. Decentralized services are well known from projects like BitTorrent or Tor. In this article, I will introduce you to decentralized and anonymous messaging with Tox.

The Tox messenger logo

Many instant messengers claim to prioritize your privacy. Many advertise end-to-end encryption as one of their major perks, but store and potentially analyze your messaging metadata (WhatsApp or Telegram, for example). Others are more privacy focused and make their source code openly available for everyone to inspect (like Signal). And then there are the very private ones that claim not to even store this metadata (such as TeleGuard). In all cases, you’re left at the service provider’s mercy when it comes to promises about where your data really goes on their servers. Let’s dive into Tox, a peer-to-peer, decentralized, open source messenger with a very strong focus on privacy, encryption, and online anonymity.

Introduction to the Tox Messenger

The Tox project began in 2013 as a response to concerns over privacy and security in the wake of revelations about widespread government surveillance.

Historical Breakdown

2013: The Tox project was initiated by a user known as “irungentoo” on 4chan’s /g/ board. The initial goal was to create a secure messaging platform free from the control of any central authority.

2014: Tox protocol development gained traction, and a group of volunteer developers started working on the core libraries and clients. The project saw the release of several early versions of the protocol and its reference implementation, µTox.

2015: The Tox Foundation was established to oversee the development and maintenance of the protocol and associated projects.

2016-2017: Multiple Tox clients were developed for different platforms, including qTox, Toxic, Antox (for Android), and Antidote (for iOS). The protocol and its implementations matured, with increased stability and security features.

2018: Tox received significant media attention, raising its profile as a viable secure communication tool.

2019: Continuous improvements and updates to the protocol and clients to enhance user experience and security.

2020-Present: Ongoing development, with a focus on stability, performance improvements, and expanding the feature set, including video and voice calls.

Different Implementations, Same Protocol

Tox is built on a fully decentralized, peer-to-peer network. It does not rely on any central servers. Here’s a high-level overview of how the network operates. It lists the individual steps a client takes when sending information to any other participant on the network. These steps are what make decentralized and anonymous messaging with Tox possible.

  1. Peer Discovery: Tox uses a distributed hash table (DHT) for peer discovery. Each user is identified by a unique Tox ID, which is derived from their public key.
  2. Establishing Connections: When a user wants to communicate with another user, their client first searches for the peer’s Tox ID in the DHT to find their IP address (see the note below!).
  3. Direct Communication: Once the IP address is obtained, the client establishes a direct encrypted connection with the peer. If direct communication is not possible (e.g., due to NAT), Tox can use nodes as relays.
  4. Message Transmission: Messages, including text, voice, and video, are transmitted directly between peers. Encryption ensures that only the intended recipient can read the messages.

Given the nature of direct connections, they give away your IP address. While the Tox ID does not identify you, your IP address very well can. To stay private even down to the wire level, you should operate Tox only over a VPN. I explained the benefits and ease of use of Private Internet Access (PIA) in one of my previous articles. If you want to keep your identity hidden, always combine relevant tools to manage all aspects of identity leaks online.
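As an added example for the Tox ID introduced in step 1 above (not code from the article or from the Tox project): the ID layout used here, a 32-byte public key, a 4-byte "nospam" value and a 2-byte XOR checksum, comes from the Tox protocol specification rather than from this article, and the sample key is constructed. Parsing an ID this way lets a client reject a mistyped friend ID before any request leaves the machine, and shows why changing the nospam yields a fresh ID for the same key.

```python
"""Parse, validate and build Tox IDs (added example; not the article's or
the Tox project's code). Layout per the Tox protocol spec, not the article:
32-byte Curve25519 public key + 4-byte "nospam" + 2-byte XOR checksum,
hex-encoded as 76 characters."""
from dataclasses import dataclass

PK_LEN, NOSPAM_LEN, CHK_LEN = 32, 4, 2
TOX_ID_LEN = PK_LEN + NOSPAM_LEN + CHK_LEN  # 38 bytes

def tox_checksum(data: bytes) -> bytes:
    """XOR-fold data into 2 bytes: even offsets into byte 0, odd into byte 1."""
    chk = bytearray(CHK_LEN)
    for i, b in enumerate(data):
        chk[i % CHK_LEN] ^= b
    return bytes(chk)

@dataclass(frozen=True)
class ToxID:
    public_key: bytes  # long-term identity key the ID is derived from
    nospam: bytes      # user-changeable; a new value invalidates the old ID

    @classmethod
    def parse(cls, hex_id: str) -> "ToxID":
        raw = bytes.fromhex(hex_id.strip())  # ValueError on non-hex input
        if len(raw) != TOX_ID_LEN:
            raise ValueError(f"expected {TOX_ID_LEN} bytes, got {len(raw)}")
        body, chk = raw[:-CHK_LEN], raw[-CHK_LEN:]
        if tox_checksum(body) != chk:
            raise ValueError("checksum mismatch: mistyped or corrupted Tox ID")
        return cls(public_key=body[:PK_LEN], nospam=body[PK_LEN:])

    def encode(self) -> str:
        body = self.public_key + self.nospam
        return (body + tox_checksum(body)).hex().upper()

    def rotate_nospam(self, new_nospam: bytes) -> "ToxID":
        """Same key, new nospam: the old ID no longer works for friend requests."""
        return ToxID(self.public_key, new_nospam)

def is_valid_tox_id(hex_id: str) -> bool:
    """Client-side check before sending a friend request to a pasted ID."""
    try:
        ToxID.parse(hex_id)
        return True
    except ValueError:
        return False
```

A single changed hex digit flips the checksum, so `is_valid_tox_id` rejects it; a rotated nospam keeps the public key but produces a different, equally valid ID.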

Encryption

Tox employs a combination of cryptographic algorithms to ensure security and privacy. When a communication channel is initialized, each Tox client’s asymmetric private/public key pair is used to negotiate a symmetric key. This is necessary because only symmetric encryption allows communicating with multiple participants at the same time (e.g., in a group chat). Symmetric encryption and decryption are also faster than their asymmetric counterparts, although with today’s hardware this shouldn’t be a major concern anymore.

Likewise, each message is signed so that its integrity can be verified (to prevent man-in-the-middle attacks). Below is a list of the algorithms Tox uses to provide these features.

  • Curve25519: Used for key exchange to establish a secure communication channel.
  • XSalsa20: Used for symmetric encryption of messages.
  • Poly1305: Used for message authentication to ensure data integrity.
  • NaCl (Networking and Cryptography library): A cryptographic library used by Tox for its encryption needs.

All of these algorithms are well-tested and widely used. If you want to know about their specific strengths and weaknesses, I advise you to read up on their details. NaCl in particular is an interesting read, as it provides a set of algorithms behind an easy-to-use interface (for C, C++, and Python applications).

Using Tox for Decentralized, Anonymous Messaging

Getting started with Tox is really easy. The simplest way to get a client app is to look at this overview and download one of your liking. For the sake of this article I use uTox on Ubuntu Linux and qTox on Windows 10. They share a very similar interface, which seems to be characteristic of most Tox clients. Below is the main window of uTox on Ubuntu:

The main uTox messenger window on Ubuntu Linux

On the left there is your contact list. The top left area shows your own username and status message, and you can choose your status (for example “Away”, which by default is set automatically after some time of inactivity). On the lower left you can add friends by entering their Tox ID.

The right side shows the content area for whatever is currently active. In the screenshot above it shows the settings dialog. The overview reveals your own Tox ID (the long hexadecimal string), and you can freely choose your username and status message. While the client enables decentralized and anonymous messaging, it behaves like a normal instant messenger, letting you interact with your peers in a natural way.

Making Contact

With all Tox clients, you enter the Tox ID of the peer you want to talk to. Below is the Windows client (the buttons look slightly different, but the interface in general is very similar to the one above). Just enter (copy/paste) your friend’s Tox ID into the relevant field (you can send a message alongside the request as well) and send it. Your friend will get a request to be added. After that you can chat.

The main qTox messenger window on Windows. It shows the add friend dialog. You stay anonymous if you prefer.

Below is your friend’s screen when they receive your request:

The chat view of the uTox messenger client on Linux, showing a friend request.

Once you’ve added your friend successfully, you can exchange messages.

Supported File Types

Tox allows you to send arbitrary files to your peers. While the default is encrypted text, you can easily send images, screenshots, or audio files. The Tox protocol even has video and voice calling integrated, which is supported by the majority of clients in use. Tox can be slow at times if you go through a relay connection, so be patient when sending files. On the flip side, if you trust your peer, you can transfer sensitive data worry-free this way.

Settings

You can customize how the Tox clients behave in general. Most clients offer a way to secure your local login at least. In uTox you have to enable it via “Advanced” -> “Show password field” -> “Lock” in the settings screen:

The settings screen of the uTox Tox client on Ubuntu Linux. Decentralized and anonymous communication can be maximized by using proxies.

qTox asks you to set up your username and password right when you start it for the first time:

The login screen of qTox on Windows

You can of course change both later in the app. The clients also vary in terms of visual appeal. uTox is comparatively bland, and qTox is styled a bit more nicely. Below is the overview screen qTox offers, which shows the most relevant information in one spot.

The settings overview screen of qTox on Windows

For Tox clients, you can usually also select which proxy they should route through. Remember, Tox will create a direct connection to your peers if possible. If your peer is behind NAT, this is unlikely to happen, but you never know. If you want to make sure your public (real) IP address doesn’t leak to your partner, be sure to always connect through a VPN provider (like the very affordable and privacy focused Private Internet Access, which doesn’t keep logs of your activities). Consider all aspects of your online privacy when you try decentralized and anonymous messaging with Tox. Missing one link means you’re exposed, and your efforts are in vain.

Moving your Account and Backups

Your entire Tox client cache data is stored in %APPDATA%\Tox on Windows, and ~/.tox on Linux. This includes not only your public and private key pair, but also any chat logs you may have amassed. If you want to move your account to a new machine or make backups, this is the folder you need to touch. Before moving to a new machine, make sure Tox is not running on that host when you copy the data folder in. After that, you can start Tox like normal and it will use the newly moved-in account and history.
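As an added example for the backup step just described (not the article's or the Tox project's code): a script that archives the profile folder only while no client is using it, and keeps the archive readable by its owner only, since it contains the private key. It assumes a Linux host with the ~/.tox path named above, reads process names from /proc, and the client process names utox, qtox and toxic are assumptions, not taken from the article.

```python
"""Back up the Tox profile folder (key pair + chat logs). Added example, not
the article's or the Tox project's code. Assumes Linux: process names are
read from /proc; the client names below are assumed, not taken from the text."""
import os
import tarfile
import time
from pathlib import Path

TOX_CLIENTS = {"utox", "qtox", "toxic"}  # assumed process names

def running_tox_clients(proc_root: str = "/proc") -> set:
    """Return names of known Tox clients currently running (Linux /proc scan)."""
    found = set()
    for pid_dir in Path(proc_root).glob("[0-9]*"):
        try:
            name = (pid_dir / "comm").read_text().strip()
        except OSError:  # process exited or permission denied; skip it
            continue
        if name in TOX_CLIENTS:
            found.add(name)
    return found

def backup_tox_profile(src=None, dest=None, proc_root: str = "/proc") -> Path:
    """Archive the profile folder; refuse while a client is using it."""
    src = Path(src) if src else Path.home() / ".tox"
    if not src.is_dir():
        raise FileNotFoundError(f"no Tox profile folder at {src}")
    busy = running_tox_clients(proc_root)
    if busy:
        raise RuntimeError(f"close {', '.join(sorted(busy))} first; profile in use")
    dest = Path(dest) if dest else src.parent / f"tox-profile-{time.strftime('%Y%m%d')}.tar.gz"
    old_umask = os.umask(0o077)  # archive holds the private key: owner-only
    try:
        with tarfile.open(str(dest), "w:gz") as tar:
            tar.add(str(src), arcname=src.name)
    finally:
        os.umask(old_umask)
    os.chmod(dest, 0o600)
    return dest
```

Restoring is the same folder copied back into place on the new host before the client is started; the same running-client check applies there.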

Deleting your Tox Account

Tox per se does not require an “Account” as other services do. This is due to the peer-to-peer nature of how the network operates. Your private/public key pair exists solely in your client configuration. Once it is deleted (or simply not used anymore), your presence on the network is gone. As pointed out above, individual nodes in the network don’t have full knowledge of who communicates with whom, which IP addresses they use for that, and what content is exchanged (which they only ever see in encrypted form). Even if relay nodes on the network were to cache your data in transit, they wouldn’t be able to map it to you in retrospect.

Delete your keys, and your “Account” is deleted.

Conclusion

In this article, we discussed the anonymity-focused private instant messenger Tox. It lets you keep a very high degree of anonymity and plausible deniability in your everyday chatting habits. You learned about the various implementations of the protocol, and why the Tox network is deemed safe. Much like Tor, it uses a layered encryption approach. To further bump up your online privacy, consider using a VPN (like PIA). If you research more, be sure to switch to a privacy-minded browser, too (try the new DuckDuckGo browser!). Decentralized and anonymous messaging with Tox will be even safer on top of these technologies!

If you liked the article or want to share your own experiences, comment below to get the conversation started!
