 Good morning first day. My name is Sébastien, I am a recon in internet and this is Adrien Béro. I am a ring developer since last July and Adrien since the beginning. Today we will talk about ring, what is ring, how it works basically. 2017 was a bigger for us, so we will present the new feature and what we want to do for this next year. So what is ring? To define ring, I can say that ring is a free universal distributed communication platform which respect privacy. It's a software developed by Savard Ferlinux, a company in Montreal. Yeah, I know it a lot of words, but ring is free because we use the GPL license for the world code and free open source library like PGCV, etc. It's universal because you have clients on every platform like iOS, Android, Linux, Windows, etc. It's distributed because we use peer-to-peer technologies to do that like OpenDHT. It's about communication because we use ring to share files, send text, messages and do video conferences. It's a platform because you can use some parts on every project like Vodiman or OpenDHT and which respect privacy because we do end-to-end encryption and we try to do ring as secure as possible. So let's start for a little demonstration. So this is the interface on Ignom and you can do video calls. It's a little bit black, but this is your and also you can send text messages, etc. So how it works. First, what is a distributed network? Basically, you have three types of networks. You have applications like Skype which use a centralized network. You basically have one server which does the authentication and all data pass-through. You have things like Riot, Matrix or Mastonaut which use a decentralized network. It's about a federations concept where some servers are connected to some of us and you have things like ring which use any device on the network and the network is basically a mesh. We will present OpenDHT in details in the RTC room in 30 minutes, I think. So you have OpenDHT, the base of the network and when you launch ring for the first time you will generate RCA keeper. It's basically your account and it can be self-sewn or signered by a CA and for each device you will generate a new keeper for your device and you are seen with a previous one. And the ring ID is basically the fingerprint of your public key is your identifier on the network. So to contact someone you need to know his fingerprint but fingerprint are hard to remember. So we designed the name server it's basically a piece to translate ring ID to nicknames and we store it on a blockchain but you can use your own name server on a database, for example you just have to answer to a recipe which is described on the wiki and it's optional you can just use a ring ID and no nicknames, if you want. Yeah, so ring uses two distinct distributed networks to work so one of them is the Italian blockchain that is used for name registration and the other one is OpenDHT so this is an example of how it works with OpenDHT when you want to reach someone else on the ring network so here Alice wants to join Bob so Alice will use Alice will use the OpenDHT network that we will describe in the RTC room to make so OpenDHT it's a distributed dictionary so every member of the OpenDHT network will have access to a shared global dictionary and this global dictionary will be used to exchange information between peers all of this package exchange on OpenDHT are encrypted so here to join Bob Alice will make a put on a given key, a key that is derived from Bob's public key and Bob will make a listen operation on that key so this listen operation means that Bob will be informed of any change of value for that key on the distributed dictionary so after Bob received this information the DHT Bob will reply on the DHT also to Alice so what the exchange basically will be there are encrypted IP addresses which are then used to perform a nice negotiation will attempt to establish a direct peer-to-peer connection between Alice and Bob using the IP addresses that were exchanged over the DHT this ice negotiation when it succeeds then will provide access to a direct peer-to-peer connection or it might fall back to a turn server for instance if one is configured that will relay the connection in case there is no possibility to have a direct peer-to-peer connection like if both peers are behind a different private network once a peer-to-peer connection is established it is encrypted and authenticated to a DTLS connection so the DTLS connection when it is established is used to do pure authentication so they will exchange their respective certificates and that will be used to check that this is actually the identity that we are trying to reach and also obviously it's used for encryption and over this DTLS channel there is a classic SIP communication that is used to negotiate the call or messages or whatever the result is then we use this peer-to-peer DTLS connection to make audio-video calls we try to make Korean as universal as possible so we build clients that are as easy to use as possible for the general public we try to make clients as user-friendly as possible so as Sebastien mentioned we have clients for Android we have a client for Android TV for iOS now for Windows obviously on GNU Linux and also on macOS so the demo was between the macOS version and GNU Linux version which is a GTK so we just released a new version last week which includes support for iOS we recently added support for Android TV it works actually pretty well it's really a pleasure to use ring on Android TV I have a ring in a conference room a meeting room and use it and it's really seamless and actually it's the only communication app available on Android TV there's no other communication app available on Android TV and we are also in communication with the FDRAG community to keep ring updated on Android in this new release we also added major new features that were missing in ring so we added the file transfer support we added support for push notifications so this was a challenge because obviously we want to be fully distributed and push notifications require some authentication to a push server either Google or Apple we tried to keep the distributed mechanism we will talk more about it later so we added the possibility to have a DHT proxy so the distributed network running DHT node I mean every ring instance runs at DHT node by defaults but we added the possibility to use a departed DHT node so a DHT node running on some other computer and so every operation on the local DHT node will be proxied to the remote node and why we want to do that the reason is that running a DHT node is lightweight but on the long term on a mobile device it still uses much more resources than just doing nothing because there are many small packets to maintain the connectivity going on so it keeps the phone on it keeps the radio on so on mobile devices there is a need to have a DHT node that is not running on the phone itself and also it was a demand from the community so because since it's a distributed network IP addresses are visible on this distributed network so some people want to hide their IP address so they can run the DHT node maybe on their own server or on their home and configure it on their phone so when they move around their IP address is not exposed from their phone and so we massively improved contact management which was an issue in previous ring versions so we had a lot of features in 2017 first we had a searching item on the GNOME version so for example if I search an essay you will have a searching item when the contact is not found and then it will transform to another thing after that you can add the contact or just send a message on it it will be automatically added to your list we worked on a common database for all clients so we can in the future synchronise all clients history, contacts etc and we had a lot of bugs on contact duplication before we also had the ability to change passwords the problem with ring it's not a problem but when you generate an account you will have a targed jz encrypted by your password you can change this password you don't have any possibility to recover a password you don't have a server to contact I forget my password it's just an encrypted file on your device but now you can change the password on the device the hardware acceleration support on macOS and linux this is the schema of the database this is the searching item in december we had the possibility to share files before that for sharing a video or an image you had to call your contact and share the file but your contact couldn't save the file so now we use tcp over turn over tcp connection to file sharing but in the future we need peer to peer implementation like torrent or something like that like adrien said we had the possibility to use another node on the network to do the listen on the dhcp your node on your device will just decrypt the value on the dhcp and pull the proxy to retrieve the value it avoids synchronization on the device and save battery data consumption messages are still decrypted by the device just your device have a correct key to decrypt it we also add the patch notification support with the proxy the problem with that is you have a push provider from your device folder like fcm for android and apn for your for apple and you need authentication so basically you need a key or password and this is stored on a server so we stored this information on a patch gateway hosted by server ferlinux and your open dhcp node just use the gateway to send notification but you need a central point to use push notification and the thing is for apple for example you can't have an application in background h24 so you need something to wake up your your daemon and that's why we implement it so what we want to do in 2018 we have a lot of ideas we want to improve auto video quality algorithm for now we just use network packet loss but we can use the feedback provided by rtcp or rtsp we need peer-to-peer implementation for file transferring we need to connect ring to other technologies like telepathic client we need to connect ring to matrix as well as possible like the xmpepe bridge and we need to to do web rtc client to have directly ring in your browser for example like format talk and we need to improve community aspect we have a community which does the packaging the translation, building scripts support on the mailing list testing open bugs open tickets we also have one guy who makes a mock up for the design of a new linux client and somebody ask us if he can do the security verification we have a pretty active mailing list ISC channel on free node and tulip for ticket tracking and we want to participate to the google summer of code Visio with previous ideas so thank you if you have any questions you can download ring with your instruction on the website and this is technical information about rings thanks does ring have a does it work without a connection to the internet it's local peer discovery or something that makes it work in fact you can have a bootstrap on your local network and use ring without any connection just on a local network it will work and another question why didn't you use a name coin just about your first question ring was designed to be able to work on a local network or on a private network even with multiple layers of private networks in it and we didn't use name coin well when we designed the name service it just felt that Ethereum provides more flexibility to evolve later yeah basically and I think name coin was created before Ethereum and I think Ethereum provides more flexibility to write custom rules about how to handle names etc can you share one identity between various devices yeah you can I've got an account on my Linux client and my android one and it was so it was like the third slide which show how it works it shows an account certificate that will sign device certificates so when you connect on a new device it will sign a new certificate for this device and the device will authenticate and accounts will authenticate each other by their certificate chain using standard certificate chain verifications just a quick one about the name coin issue also if you look online there was another project 50% 51% at the time so that might be another reason not to consider it but also have you considered using OpenNIC especially on those platforms where you can have some control over the DNS servers you could actually provide a completely free means of getting an identifier might be something to look at in the future yeah definitely so actually the name the way a ring communicates with the blockchain is through a REST API so the blockchain could be easily replaced to connect with any existing named user directory so for instance an organization could connect this name service to its internal user management system or it could be connected to other services you can just have a GZN file on your website and it works for get name name American just could you go back to the slide with the DHT like Alice and Bob because I think you might have a privacy problem which is kind of the same that we have with Tor Onion service and in the previous iteration of the protocol no no the one with the drawing yes so the position of the computer is going to receive the put and for what the listen call is only determined by the call to the device identifier so I can predict which key I need to be which place I need to be in the DHT and then I can retor every call that are going to pass to Bob which might be a privacy concern like in Tor we had to invent this new protocol that is like a shared random identifier that changes every 24 hours that makes it way harder for someone to actually put themselves in the right position with the DHT so yeah so indeed protecting the privacy users privacy and DHT is a real challenge so we always consider the DHT self as I mean we never trust the DHT as is we use it like every thing that is true that people can use the DHT to observe what's going on so they will see encrypted values but it's true that they can use it to infer a metadata or this kind of thing and we are still working on it I mean to my knowledge there is only Tor that provides a very consistent way to hide the IP address and maybe some other similar technologies so yeah we might go toward this in the future it's still an ongoing research what happens if I send a message to a friend of mine and the friend is offline for the next few hours how is the message delivered or what feedback do I get you will see a failed status because message is stored on the DHT 5 minutes it's deleted so you need to retry when it's connected but if you try to send a message and the other person is not connected your device will still try to send it a few times afterward I think every 10 minutes for 3 times and then it will say that it's failed so I thought from your first explanations that only like I want to talk to you message was sent through the DHT but from what you just said apparently the first message is sent as well through the DHT like if I say hi to Bab will hi be sent or I want to talk to you ok so currently currently the strategy is if you just send a message to someone you just have in your contact list it will send an encrypted message over the DHT and if you have a current call with the person and you send a message it will use the peer-to-peer connection to send a message ok so technically if later in the future l'arise key is lost or broken or something the first message of every new conversation could be recovered if a history is stored somewhere yeah indeed like yeah the messages on the DHT are not forward secure so I did if you l'arise key is stolen or anything messages exchanged over the DHT so that's also an improvement we're working for the future to have forward secrecy on the DHT and when you have a peer-to-peer connection it will use TLS ciphers with perfect forward secrecy only so then your peer-to-peer connection and then every message exchanged and it will be perfect forward secure and the reason is we want people I mean as it is right now because we want people to contact each other without a first exchange when people to be able to send messages even to people that have never reached before so then don't have the opportunity to exchange a sure secret this kind of thing but this design will likely be improved the time is up, thanks for the presentation