Welcome to Help page!
TORFone User's Guide
- Outgoing calls
- Incoming calls
- Voice latency
- Transferring files and messages
- General settings
- Voice buffer
- Voice codecs
- Push-to-talk mode
- Network setting
- Duplication of Tor-circuits
- Non-anonymous mode
- UDP mode
- Tor instead SIP
- Known bugs
TORFone is a Windows-software for secure and anonymous Internet telephony. TORFone makes an outgoing call or answers an incoming while remaining completely anonymous for the other party and to the outside observer at any level.
TORFone is not require installation on your computer. Just run TORFone in its own folder. You should run the Tor-Browser or TorChat (they also does not require installation) and should wait for connect to Tor network.
I recommend using a portable open source tool TrueCrypt first create 100 MByte file container protected by password and then mount the virtual disk (e.g. disk T:) and to copy TORFone and Tor-Browser bundle on it. The container can be stored on the flash media and you can mount disc if necessary to make a call even from a shared computer.
To make a call paste the onion-link (or IP-address or domain name for Tor-to-peer one-sides anonymity connection) in the address field and click "Connect" button. After 5-30 sec connection is established and take another 3-5 seconds key agreement. 5 seconds after complete agreement a voice channel is activated. If the connection fails will sound warning and the need to keep trying until the connection is successfully.
Once the connection established is necessary to identify each other by voice and read a list of 4 words making sure of their identity. This gives confidence in the absence of interception communication and in that the person you are communicating with the other party.
For receiving calls you must first create a hidden service once. Run Tor Browser then click on "Setup Relaying" in Vidalia window and then on "Services". By pressing the "+" create a new service on port 17447 and destination 127.0.0.1:17447. TOR will automatically generate your onion-link. Copy it by corresponding button and send to subscribers using any public channel - it will not leak your anonymity. Callers can always get through to you by using this link but they does not being able to track you.
Warning: the file ‘private_key’ in the folder that you specify when you create a hidden service is
secret and unauthorized access to it will leak of your anonymity.
Since the connection between users passes through six transit nodes located anywhere in the world the delay of voice can reach 4-5 sec. This is a small fee for anonymity. If the delay too much you can break the connection, press "Use a new identy" in the Vidalia window and then try a new. Also you can use special Tor configuration in ‘torrc’ file for reduce Tor circuit latency by selecting only the fastest Tor nodes.
Once the connection is established there are possible also to send each other files or messages. Activate the menu File -> Transfer file. For file transfer drag it to the panel "Send" in the window. Received files will be saved in the specified folder (default current TORFone folder). To forward a message type or paste the text in the message field then send it by pressing Enter or double click left mouse button. Sent and received messages will be displayed on control panel in the main window. You can select and copied them in the usual way.
The defaults for TORFone V 1.1: voice compression is MELP 2400 bps, the Diffie-Hellman prime is 4096 bit, the symmetric encryption is AES-256-OCB (128 bit MAC). TripleDES and AES-256 encryption modes not provides authenticity of packets and not recomended for direct connections but can be usefull for connection over Tor (encrypted by Tor) since the decrease in the length of the packet to 16 bytes causes a decrease in latency of the connection. .
There are checkbox for option disabling of listening network interface (no receiving incoming calls), slider to manually control the size of the voice packets buffer and slider for control the duplication of voice packets. For security disabled the ability to remotely change the voice codec, but an opportunity to choose their own voice codec during a call. There are up/down traffic indicator (including IP+UDP/TCP headers) in kbit/s and total traffic counter in kbytes.
The buffer is used to eliminate interruptions and loss of speech during spontaneous delays in TOR-tunnel. Buffer size can be from 1 to 15. The minimum value is less latency but greater the probability breaks speech. The greater value adds additional latency (up to 1200 mS above). Buffer size can be manually adjusted during a call depending on the quality of the Tor-tunnel. Left displays the packet delivery rate in ms, buffer size and the percentage of its filling (should be about 50%). If this is often reduced to 0% or increased to 100% you should increase the buffer size.
Buffer size the default is automatically adapted to the used Tor circuit. To disable automatically change it you must manually edit the ‘torfone.ini’ file in the TORFone folder by setting BufferSize = 1. Also you can completely disabled the buffer by setting BufferSize = 0.
TORFone V1.1 use new voice codecs:
Low-bitrates voice codecs optimized for work over Tor and provides stability without additional voice buffer. MELP 2400bps compensates jitter up to 1800 ms and CODEC2 1300bps - up to 3200 ms. The additional delay will be 900 and 1600 ms respectively.
Warning: the voice buffer will be automatically disabled in the configuration file when using this codecs. To turn the voice buffer auto-adjusting mode set manually BufferSize parameter in 'torfone.ini' file: BufferSize=-1
For GPRS connections the preffered is MELPE 1200 bps provides one-side traffic only 500 bytes/sec (including IP-UDP headers) and 330 ms latency. CODEC2 3200 bps provides 1000 bytes.sec traffic and 360 ms latency with better quality.
If you are using a high-speed internet is recommended to use the classic codec GSM 0610 fast (18 Kbps, 80 ms) or modern OPUS (variable bitrate 6 Kbps). To prevent the attack phonetic reconstruction check Hide VBR item on Preference panel. It allows only a smooth change in length of voice packets, and also fixed the length of the text messages.
During connection in fast local network ADCPM codec (32Kbps, 80ms) is usefull.
To eliminate the random sounds of the environment for better preserve anonymity you can activate NPP7 noise supressor by setting Denoise checkbox on Preferences panel.
You can use the Vocoder for voice depersonalization. It is based on a synthetic voice coding algorithm and provides plausible deniability when trying to identify the voice, even if there are many natural and altered voice samples. Vocoder can use standart settings (hight, deep, robot, breathy etc.) and activates on Preferences panel. Before using the vocoder is recommended to test it with your microphone and adjust the sensitivity of the audio input in the Windows sound settings. The best effect is achieved when using the external microphone directly from the speaker's mouth and the lower input sensitivity than using a highly integrated microphones. It must be remembered that the vocoder does not protect against the semantic analysis of speech (sentence structure, vocabulary, etc.).
Push-to-talk (PTT) mode is usefull in hight latency connection or for traffic economy. PTT is activated by right double-click on level meter in up-right corner of TORFone panel. While the right mouse button is held on the level meter transmission is enabled, and then release the button - disabled. This condition is indicated by the sounds and L or LT symbols below the level meter. Next right double click on the level meter returns in duplex mode.
For using voice control (VOX) the first you must activate PTT mode as describe above and then activate transmission by holding right mouse button on level meter. Then, while the right mouse button is held and the transmission is enabled, move the mouse pointer outside of level meter and then release the button. After this transfer will remain active (LT). Now you need to pull the green triangle under the level meter in the position immediately after the noise by controlling the transmission status of the color of the indicator to the right of the level meter. To return back to full-duplex mode, double-click on the level indicator and set the green triangle to the left position.
The ‘torfone.ini’ file also defines network settings which can be changed only manually editing their values.
The parameter Socks5Addr:Prt specifies the address and port of the Tor local proxy, the default 127.0.0.1:9050. If the port omitted, the default value used. If the address is equal to 0.0.0.0 Tor is not used and TORFone will try to establish a peer-to-peer connection to the callee by the IP-addresses or domain name in the addresses field. If the addresses field is also specified port the connection is established with this port. If the destination port is not defined in addresses field but defined in the parameter Socks5Addr:Prt of ‘torfone.ini’ file (after the address 0.0.0.0), it will use this value. If port also is not specified in this will use the default value 17447.
The parameter ListenAddr:Prt specifies the address and port of the listening interface from which to receive incoming calls, by default 127.0.0.1:17447. If the port number is omitted, the default value is used. If address equal to 0.0.0.0 the use of all network interfaces. This mode is required to receiving peer-to-peer incoming calls and bears the risk of leaks of anonymity even using Tor.
TORFone V1.1 provide an experimental feature of duplication and selection Tor circuits for decreasing of total latency. Before using this feature, you must provide your own onion-address (without .onion suffix, i.e. 16 characters) in OwnAdr field and set timeout for reconnection the slowest circuit in field Time,sec (default 60 sec) on Preferences panel. The AllowBackCh checkbox activates / deactivates this feature. After only onion-connection if callee also have activates feature TORFone sends invite with own onion address and callee connects back in parallel. The data is sent to both the circuits and periodically sync slower circuit is reset while the other is used. This feature more effective if guard nodes not used in torrc settings. Also I not know anything about effects of using this feature on anonymity level.
If anonymity is not required TORFone can be used as Tor-to-peer (one side anonymity) or peer-to-peer (no anonymity). In this case there are no anonymity but confidentiality fully preserved and voice latency is much smaller (100-1000 ms). To set this mode permanently you need to manually edit options Socks5Addr:Prt and ListenAddr:Prt in ‘torfone.ini’ file as described above. You can also make a peer-to-peer connection not readjusting TORFone’s settings. For this you must specify IP-address or domain name with added exclamation mark at the beginning. If this is set in the address field and also defines the port the connection will be established with this port otherwise will be used default port 17447.
If anonymity is not required but traffic economy or low voice latency needed TORFone can use direct UDP outgoing connection. For this you must specify IP-address or domain name with added symbol '@' at the beginning. If this is set in the address field and also defines the port the connection will be established with this port otherwise will be used default port 17447.
For listening the incoming UDP connections you must manually set the parameter ListenUDP=1 in ‘torfone.ini’ and restart TORFone. Listening UDP socket will be created on all available network interfaces using the same port number as for the TCP (defined in parameter ListenAddr:Prt). If you are using a router (NAT), you also need to forward this port on the IP address of the PC running TORFone.
If anonymity is not required TORFone can use Tor for conection with abonent using his onion address and then switch to UDP direct connection with NAT traversal. The goals are:
- no SIP-server dependence (Tor like a SIP);
- no registration needed and no any logs (Hidden Service's onion name generates automatically and anonymously);
- security key agreements are under Tor protection that prevents Men-on-the-middle attack;
- if NAT traversal is impossible the Tor connection remains usable (Tor like a TURN).
Before using this you must set any public STUN server as domain name or IP address in STUN field on Preferences panel. For switching to UDP mode both parties must set Edit -> TCP/UDP switch -> UDP direct menu item after voice chanel were activated. After fully NAT traversal UDP channel will established given to the audio and text notification. Now both abonents can change its voice codecs using GSM 0610 fast or OPUS for better quality and lowest latency.
For returning back to Tor connection both parties must the first set usable onion codec (MELP 2400 or CODEC2 1300 recomended) and then must clear the UDP direct menu item.
Direct UDP connection is not available while both parties are behind symmetric NATs and not guaranted if both parties are behind any own NATs (home routers) and then behind common NAT (local network provider). If you have problems with NAT traversal the periodically left double-clicks on level metter (for STUN requesting). If UDP direct connection not established during few minutes you must return back to Tor connection. In this case if anonymity is not required will usefull reducing of Tor circuits lenth by settings in 'torrc' file.
TORFone V1.1 use 4096-Diffie-Hellman key agrrement, AES-256-OCB (128 bit MAC) symmetric encryption and two-step autentification with preshared passphrase using PKDF2 и HMAC_SHA1.
Authentication allows you to verify the authenticity of your contact, eliminate the middle man attack and safely notify your contact if you are under pressure. For successful authentication you must first share check individual phrase with your contact any reliable way, eg.personally or using PGP etc. Authentification phrase is minimum 3 and maximum 255 symbols. It must be individual for each pair of users, equivalent for both parts with exception last two symbol are swapped. Authentication phrase must be preshared between users in any way and must be kept as a secret. You may exchange authentification phrases once via TORFone text message after voice authentication using the words list. Authentification phrase may be used in three ways:
- can be set in adress string for outgoing call after symbol '&', i.e.: !alise.dyndns.org:17447&myphrasepq
- can be presetted for each users in adreses book file corresponding user's nick (see example in 'adress.txt');
- can be applied using text message interface at any time during connection;
If the authentification phrase is not presetted for current contact you can applied it at any time during a call using the interface of text messages. Authentication phrase must be entered along with the symbol '&' at the beginning. Perform authentication other part should also enter an authentication phrase, or whether it should already be presetted for this contact in any way as described above. If user is under pressing it may set this phrase but change last symbol to any other. In this case authentication will look like a successful for him but the other party will be notified of the pressure.
- do not use same authentification phrases for multiple users!
- not recommended to preset the authentication phrase in the address book, best remember them and enter manually if you want to be able to silently notify your part under pressure without being disclosed.
- be carefully using text message interface! Use authentification phrase only with symbol '&' at begining! It will process it correctly. If symbol '&' was ommited authentification phrase will be sent as text message and may be intercepted under MitM!
Sometimes after an internal failure or communication loss TORFone not return to listening mode and receiving incoming calls impossible. This requires a TORFone restart. Besides activation of listening mode can be controlled by a specific audio signal.
After a forced shutdown during active connection TORFone is not released an audio interface in some systems. And then you run TORFone again get an error message. In this case the computer restart will be useful.
Questions, comments, bug reports, ideas are sent to the projectís email: email@example.com