
Security through simplicity ⚪

From a security perspective, tonari is not dissimilar to existing teleconferencing solutions like WebRTC (Microsoft Teams, Google Meet), Zoom, Cisco, or other products. However, unlike these products, tonari makes great efforts to simplify the security model and minimize the attack surface. This security philosophy is commonly referred to as the "have one joint and keep it well oiled" mantra.

Secure communication ⛓️

Similar to WebRTC and others, tonari internally uses a reliable control channel and an unreliable, low-latency media transport channel.

tonari portals communicate peer-to-peer, and unlike WebRTC, will not fall back to using a proxy server. This choice was made in consideration of both the privacy and latency implications of using proxies.

Rather than implementing our own cryptographic protocol or using a combination of complicated and error-prone secure protocols like TLS/DTLS/SRTP, all tonari portals communicate entirely through encrypted VPN tunnels using WireGuard¹.

About WireGuard

WireGuard is authored by Jason Donenfeld, a well-respected security engineer and vulnerability researcher. It is best described on its website: "WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec."

Whereas OpenVPN's codebase exceeds 500,000 lines of code, WireGuard can be implemented in 4,000 lines, making it much easier to audit. At this point, WireGuard is recommended by most security experts, as well as the likes of Linus Torvalds², author of Linux.

Unlike OpenVPN or IPsec, WireGuard's protocol has been formally verified for correctness³, as have the implementations it uses for elliptic-curve cryptography.

WireGuard operation

WireGuard communicates entirely over UDP, tunneling all traffic through that connection. It authenticates its peers and routes traffic to and from them using public-key cryptography. The protocol itself is well-documented in the WireGuard whitepaper⁴.

Because of the UDP-only communication, creating firewall rules for WireGuard is quite simple. A portal installation only needs a single UDP port open to be able to communicate fully with its WireGuard peers.

For example: if you have tonari installed at two locations, say Tokyo and Osaka, you would only need to expose a single UDP port at either the Tokyo or the Osaka location (you don't need both) for a peer-to-peer VPN connection to be established.
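
As an added example (not from tonari's documentation or product), the Tokyo/Osaka arrangement above written as a pair of WireGuard configuration files; the keys, tunnel addresses, port and hostname are placeholders chosen for illustration, not values from this page.

```ini
# Tokyo: /etc/wireguard/wg0.conf  (the side that exposes the single UDP port)
[Interface]
PrivateKey = <TOKYO_PRIVATE_KEY>        # placeholder; generate with `wg genkey`
Address = 10.200.0.1/24                 # assumed tunnel address
ListenPort = 51820                      # the only inbound port the Tokyo firewall must allow

[Peer]
PublicKey = <OSAKA_PUBLIC_KEY>          # placeholder; output of `wg pubkey` on the Osaka side
AllowedIPs = 10.200.0.2/32              # cryptokey routing: packets from this peer must carry
                                        # this inner source, and only this destination is sent to it
# No Endpoint here: Tokyo learns Osaka's public address from Osaka's first authenticated handshake

# Osaka: /etc/wireguard/wg0.conf  (behind NAT, no inbound port required)
[Interface]
PrivateKey = <OSAKA_PRIVATE_KEY>        # placeholder
Address = 10.200.0.2/24                 # assumed tunnel address

[Peer]
PublicKey = <TOKYO_PUBLIC_KEY>          # placeholder
AllowedIPs = 10.200.0.1/32              # only Tokyo's tunnel address is accepted from / routed to this peer
Endpoint = tokyo.example.net:51820      # placeholder hostname for Tokyo's public address and open port
PersistentKeepalive = 25                # keeps Osaka's NAT/firewall mapping open so Tokyo can also initiate
```

Only Tokyo needs an inbound firewall rule (UDP 51820); Osaka's outbound handshake creates its NAT mapping and the keepalive holds it open, and a packet whose signature does not verify against the configured peer key, or whose inner address falls outside AllowedIPs, is dropped silently.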

Further security considerations 🔑

For additional layers of security, it’s also possible to implement the following on your networks:

Restricting source IPs