Secure Communication

Secure Communication

Article from Issue 218/2019
Author(s):

Communication on the Internet is continuously subject to the risk of being intercepted. We show you how to eliminate curious eavesdroppers.

The Retroshare communication platform licensed under the GPL ensures a secure exchange of data at all levels. The program is easy to use and offers some special features, such as integration of the Tor network. The software is also available for download for all popular operating systems.

Communication on the Internet always entails the risk of someone listening in. Many users thus look for easy-to-use encryption methods. However, because of the numerous forms of communication on the web, each with its own protocol and data transmission path, no standard solution suffices.

Moreover, most services are based on client-server architectures, wherein the server, as the central data repository, is the preferred target of attack. Errors in server configuration – over which the user usually has no influence because it is often a centralized service operated by a commercial provider – can be misused as a gateway for malware and espionage software.

However, peer-to-peer networking is far more secure. To avoid the massive installation overhead caused by the different protocols and transmission paths, users are now turning to the graphical Retroshare platform, which combines multifunctional communication in a uniform interface.

Operations

Retroshare [1], under development since 2006 and licensed under the GNU GPL, is a friend-to-friend network (F2F) [2]. In principle, it works like a peer-to-peer network without a central server instance, the difference being that the participants communicate with each other on a basis of trust.

To ensure a certain basic trust, communication between two Retroshare participants requires the exchange of their RSA keys generated by the software itself. The application also supports what is known as turtle hopping [3].

This form of communication distributes files and information across multiple computer systems on the Retroshare network, even if the source and target computers are not directly known to each other or have not authenticated each other with a mutually stored public key.

However, a maximum of seven forwarding nodes between the source and target computers knows the systems from which they receive data and information directly and the neighboring nodes to which they pass content. This process ensures a chain of paired computers that know and have authenticated each other so that man-in-the-middle attacks can be ruled out. Because the transport route and the data are encrypted by OpenSSL and OpenPGP, data security is very high.

Versatile

Retroshare is available in many places; for example, you will find it in the software repositories of many Linux distributions: ALT Linux, Slackware, Gentoo, and ROSA Linux maintain their own packages, and the project's website [1] provides various links to repositories for Arch, Debian, CentOS, Fedora, Mageia, Ubuntu, openSUSE, and others.

If you fail to find a suitable package despite this selection, you can pick up two AppImages and the source code, which can be launched on practically any Linux system; they share the ability to run only on 64-bit hardware. The binaries maintained in the package managers, on the other hand, are also usually suitable for 32-bit environments. Two AppImages exist for ARMv7- and ARMv8-based computers like the Raspberry Pi, as well.

Installation

To install distribution-specific packages, follow the instructions in the Download section on the project's website. In both cases, the software adds a launcher to the start menu. To load the AppImage initially, it needs execute permissions, which you can assign with the chmod +x command.

After starting, Retroshare displays a graphical wizard in which you enter some personal data to create a user account, including a username, password, and a name for your node in the initial screen. Finally, you generate a PGP key with a preset length of 2,048 bits (Figure 1) by moving your mouse randomly.

Figure 1: The first time Retroshare launches, it generates a PGP key that serves as the basis for authentication in future connections.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Overlay Networks

    An overlay network will help you block unwanted eavesdroppers on the Internet. We show you some of the leading open source options.

  • P2P Networks

    Many users associate the term P2P with BitTorrent and the (not always legal) exchange of files. But peer-to-peer networks offer an option for anonymously offering websites and other services. We examine five popular alternatives for P2P networking.

  • FOSSPicks

    This month Graham looks at SonoBus, NewsFlash, Kinto.sh, RetroShare, Emilia Pinball, and much more!

  • FOSSPicks

    After watching Ubuntu help NASA with its first controlled flight on another planet, Graham spent far too much time this month visiting Mars in Elite Dangerous, via Proton on Linux.

  • Filesharing to go

    If you want to exchange files over the local network, you do not necessarily have to set up a file server such as Samba. A number of handy tools let you drag and drop to send files.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News