The objective of this project is to implement a new KCI-resistant handshake based on NoiseIK in c-toxcore, which is backwards compatible to the current KCI-vulnerable handshake to enable interoperability and smooth transition. NGI Assure is made possible with financial support from the European Commission’s Next Generation Internet programme ( ). Fortunately, this application was successful. He applied for funding at NLnet foundation and their NGI Assure fund to continue his work on Tox and to be able to implement a production-ready Noise-based handshake for toxcore.
Toxcore qtox update#
If you want to know more about his master’s thesis, see the update in the initial KCI GitHub issue. This PoC has a few drawbacks, which is why it should not be used in practice (see Appendix). Tobi ( goldroom on GitHub) wrote his master’s thesis (“ Adopting the Noise Key Exchange in Tox“) on the KCI issue in Tox, designed a new Handshake for Tox based on NoiseIK and implemented a proof-of-concept (PoC) for this new NoiseIK-based handshake by using Noise-C. Noise protocols can be used to implement End-to-End Encryption (E2EE) with (perfect) forward secrecy (which is also the case with the current Tox implementation), but further adds KCI-resilience to Tox. WhatsApp, which uses it for encrypted client-to-server communication, and WireGuard®, which uses it for establishing Virtual Private Network (VPN) connections. Noise-based protocols are already in use in e.g. More precisely, the application of Noise will only change a part of Tox handshake - the so-called Authenticated Key Exchange (AKE). As a solution, there is a framework called Noise Protocol Framework (Noise, ) which can be used to create a new handshake for Tox. The current Tox handshake implementation is not state-of-the-art in cryptography and it also breaks the “ do not roll your own crypto” principle. In summary, KCI is exploitable, but with a huge effort.Īnyway, this is a real vulnerability and it should be fixed. There is no public exploit available which can just be used. Implement their own version of toxcore because it’s not possible to exploit this issue with the current implementation.if they are in the same (public) WiFi as you, or via the Internet – which is way harder and is most likely only possible for state actors (e.g. Control the network connection between you and your friend.Know the ToxIDs of your Tox friends to be able to impersonate them to you.This means, to exploit this vulnerability in practice, someone not only needs to successfully steal your private key, but additionally: But because of the KCI vulnerability, they may also be able to impersonate others to you. It is clear that someone who stole your identity is able to impersonate you. Now in this case the KCI vulnerability leads to “interesting” behavior. So they can successfully impersonate you in Tox. this private key), they are you – at least in the context of Tox. If someone successfully stole your Tox identity (i.e.
Toxcore qtox password#
This means an attacker either needs to get access to your password (steal or crack it) or to read your Tox private key from memory while your Tox chat client is running. Your private key is then stored unencrypted in memory (i.e.
If you start qTox, you need to enter your password to decrypt your private key, to be able to communicate via Tox. when you first start qTox client, is used to encrypt your profile and also your private key on your disk. The password you enter when you create your Tox profile, e.g. If this happens, you will most likely have multiple problems and your Tox identity may be just one of them. a so-called trojan horse, to be able to extract data from it. This could, for example, be the case if someone got physical access to your computer or successfully installed malware on your system, e.g. The private part, again as the name suggests, needs to stay private! If someone gets in possession of your private key, they stole your Tox identity. The public part, as the naming suggests, is public and contained in your ToxID which you share with your contacts to be able to communicate with them via Tox.
Such a key pair consists of a public part (public key) and a private part (private key). with username and password), but instead your identity is solely based on (asymmetric) cryptographic information, a so-called asymmetric key pair. In Tox you don’t register an account (e.g. I will try to explain the issue as simple as possible: This issue is called “Key Compromise Impersonation” (KCI). Donenfeld (known for WireGuard®) reported an issue in Tox’s handshake.
0 kommentar(er)
