torchat—messenger application on top of the Tor network and it’s location hidden services

2011年5月11日 | 分类: 乱七八糟 | 标签: ,

TorChat is a peer to peer instant messenger with a completely decentralized design, built on top of Tor’s location hidden services, giving you extremely strong anonymity while being very easy to use without the need to install or configure anything.

TorChat just runs from an USB drive on any Windows PC. (It can run on Linux and Mac too, in fact it was developed on Linux with cross platform usability in mind from the very first moment on, but the installation on other platforms than Windows is a bit more complicated at the moment)

Tor location hidden services basically means:

  • Nobody will be able to find out where you are.
  • If they are already observing you and sniff your internet connection they will not be able to find out
    • what you send or receive (everything is end-to-end encrypted)
    • to whom you are sending or receiving from
    • where your contacts are located

General information about Tor

The Tor binary which is bundled with TorChat is taken from the official Tor- installer. You can binary compare the tor.exe with the official one to verify this or replace it with your own version of tor.exe if you like.


All TorChat traffic is encrypted end-to-end.

There are some misunderstandings floating around regarding Tor and encryption. Whenever I mention Tor and encryption in the same sentence the immediate reflex response of many people is: “But Tor provides no encryption!” This statement is true for most applications but not for all. The most commonly known usage of Tor is to use it as an anonymizer for traffic between the anonymous user and a publicly available service in the Internet and while the traffic will travel encrypted through the Tor network it MUST at some point leave the Tor network and enter the unencrypted internet to reach its final destination. This is the origin of the above mentioned “Tor provides no encryption” and it is undoubtedly true for this most widely known and practiced application of Tor and users should understand it.

However, there exists another and less commonly known mode of operation in which two Tor clients can initiate a fully encrypted peer-to-peerconnection between each other that will not leave the Tor network at any point! This is what TorChat is using. Both clients build a normal 3 node circuit from each end to some random tor node in the middle to “meet” there and connect their circuits with each other. Upon connection another layer of encryption is established reaching through from one client to the other, building one uninterrupted encrypted tunnel through all 6 nodes between the two end points. This means all TorChat traffic is end2end encrypted. There are no exit nodes involved in this mode, at no point other than your and your buddies own computer will the traffic ever leave the Tor network.

This less known Tor mode is called Tor hidden services, you can read more about it on the above link. It effectively allows true hidden peer-to-peer networks, there are just not many softwares that make any use of its peer-to-peer capability, most use it more in a traditional client-server manner, TorChat is one of the few (and at the moment I don’t know of any other).


TorChat buddies authenticate themselves by proving that they are reachable though their .onion address.

The Tor hidden service protocol by itself has no built-in authentication mechanism for incoming connections but it can guarantee that when you initiate an outgoing connection to a given .onion address you can never end up at the wrong counterpart, the one who answers the connection is the one who is in possession of the private key belonging to this address (the private_key file in the hidden_service folder).

Therefore TorChat will not trust any incoming connection and instead immediately try to open an outgoing connection to call back any incoming buddy on the address he pretends to be. A random cookie will then be sent out by both clients on their (trusted) outgoing connection that must be correctly answered on the incoming connection. Only after the answer is found to be correct the incoming connection can be trusted, the status of the buddy will be displayed as on-line and incoming messages from this buddy will be accepted.

It is essential that you don’t lose the private_key file belonging to your ID because the one who finds it will be able to pretend to be you. Using a tool like TrueCrypt is a good idea when you intend to use TorChat on a portable USB drive as these devices can easily be lost or stolen.



There basically is no need for any installation or configuration. It just runs out of the box, all batteries are included. Download and unzip the complete archive to somewhere on your harddisk or USB-Drive. The program is inside the folder “bin”. Just doubleclick the blue earth symbol named “torchat” or “torchat.exe” to start the application and you should be online soon. See below for more detailed instructions on the usage.

If you update from an older version then do the following: Make sure both versions are not running and then copy the following three files from your old version over to the new version into the exact same locations:

  • bin\buddy-list.txt
  • bin\Tor\hidden_service\hostname
  • bin\Tor\hidden_service\private_key

Now start the new version, make sure it is running and if everything is OK you should completely delete the old version.

buddy-list.txt contains the buddy list (obviously) and the two hidden service files are your TorChat ID (don’t ever let these files come into the hands of anybody else, whoever owns these files would be able to pretend to be you!)


The .deb package depends on python (>= 2.5, << 3.0) and python-wxgtk2.8 (aka wxPython) and tor. These should be easily satisfiable by any standard Debian or Ubuntu distribution, even older ones. Just make sure you have the latest official python from the 2.x branch installed, torchat will then find the correct version.

Download the torchat-x.x.x.x.deb package and do

sudo dpkg -i torchat-x.x.x.x.deb

where x.x.x.x should be replaced by the current version number. After that you can start it from the commandline with the command torchat or from the start menu of your desktop environment.

On non Debian based distributions make sure you have the above mentioned dependencies installed, then download the source distribution of TorChat, unzip it somewhere into your home folder and just execute it from within the src directory with the command


or on older systems:




but do not try to run it with python 3.x, I have not yet made it compatible and Python 2.7 will still be around for a long time.

you can also try to use the tool alien to convert the .deb into an .rpm package and install it on a RedHad based system (untested, but I don’t see why this should not work).

A package for Arch Linux has been made available here:

It doesn’t work?

Please let me know about every unexpected behaviour, but first check the following list of things that are often done wrong:

  • Your firewall is blocking connections of tor.exe and torchat.exe: You must allow these two applications to open listening sockets and connect each other on and also allow tor.exe to open outgoing connections to the internet.
  • You somehow managed to crash it and somehow an instance of tor.exe is still running. Kill it all with the task manager and try again. Normal is: two processes of torchat.exe (a very small one and a bigger one) and one process of tor.exe, everything else is not normal.
  • You are trying to run two copies of it on the same computer at the same time. This will not work! (It can be made to work but it needs some advanced configuration tweaks)
  • You started a copy of it with the same ID on a different computer at the same time. This cannot work. Never! You can use each ID onlyonce at the same time, its strictly one-to-one connections, not one-to-many. To get a fresh ID you can either unzip a fresh copy from the download archive or delete the contents of the hidden_service folder.

You can reach me via E-Mail or of course via TorChat, just use the “Ask Bernd” menu option and I will be added to your buddy list. My native language is German, but you can also talk to me in English.


This is how it should look like:

You will see a window with your contact list. One of the contacts is labled “myself”. This 16 numbers and letters are your unique address inside the Tor-Network, this (myself) contact is always there and cannot be deleted. Wait a few minutes until the icon becomes green. Give this address (your TorChat ID) to your friends so that they can add you to their list or add your friends address to your list. It all basically behaves like you would expect from an instant messenger.

After starting TorChat it can sometimes take up to 15 Minutes until you will become available. If you see a blue ball next to one of the contacts this means it is in the middle of the conection handshake (it has already connected and is now waiting for the contact to connect you back). It should be less than a few minutes in this state and then be fully connected. If it does not go away for a long time for some of your contacts but others on your list work this might mean that they have some configuration problem or an outdated version, if you cannot see your own (myself) contact coming online then the problem is on your side. As soon as the myself-contact is green you know for sure that your TorChat is fully working!

You can run TorChat from an USB-Drive and no matter where you are, you always have the same address as long as you don’t delete the files in the folder bin\Tor\hidden_service. The contents of this folder are your key. They must always be kept secret. If someone wants to impersonateyour identity he must and will try to steal the contents of this folder from you. Keep this always in mind. It would probably be a good idea to use TorChat in conjunction with something like TrueCrypt or at least a password protected USB-Drive to protect your key file.


All known entries into the Tor network (including most known bridges) are currently blocked in China, this means you need a friend outside of China who runs a private (unpublished) bridge. A bridge is basically just an ordinary entry node with the exception that it does not show up in the public list of Tor nodes. The bridge should be unpublished because they cannot block something they don’t know about. A published bridge would be blocked 1-2 weeks after it has been published and then it would be worthless.


The helping friend needs to setup a Tor node with the following configuration:

SocksPort 0
ORPort 443
BridgeRelay 1
Exitpolicy reject *:*
PublishServerDescriptor 0

The last line is important to make it more robust against the Chinese censorship: The existence of this bridge will not be published anywhere, so it is not easy for them to learn about its existence. The port 443 is chosen because it is the same as https which is an extremely common and unsuspicious port and also the tor traffic looks exactly like legitimate https.

Please note that your friend will need to have a static IP address for this unpublished bridge to work. It should be run on a dedicated server that has its own IP address. Your friend should also consult the torproject website for additional information about setting up bridges, unpublished bridges, Tor and the China problem.

TorChat using a bridge

After the helping friend has setup his Tor bridge as outlined above and given you the IP address you can add it to your TorChat configuration. Open your Tor\torrc.txt with notepad and add the following lines at the end of the file:

UseBridges 1
TunnelDirConns 1

where the line bridge would be given to you by your friend (it is IP address and port of your friend’s bridge) and then (re)start TorChat. It should now be able to connect and everything should work fine.

If you have more than one friend with a bridge (recommended) or have additional bridge addresses from other sources then you can simply add more such bridge lines to the above configuration. You can add as many bridge lines as you want, the more the better. Use TorChat to secretly and safely exchange more working (unblocked) bridge addresses with your Chinese friends!

The connection to the bridge and everything you send through it is always encrypted, the owner of the bridge has no chance of ever finding out what and with whom you are communicating, its just a relay into the Tor network, like any other ordinary entry node, the only difference is it is not publicly known and not listed anywhere.

Deployment of a preconfigured TorChat

For maximum comfort when trying to torify one of your IM buddies (your grandma for example) who can’t be bothered with adding cryptic character sequences to the buddy list you can download a fresh copy of TorChat, unzip and start it and add yourself to the buddy list of this new instance (note that you can only run one of them at the same time on the same computer). Then zip it again and give it to this person.

You can even prepare a whole bunch of such copies by adding each of them to each other’s buddy-list with names next to the IDs and then supply a whole group of people all at once with readily configured copies of TorChat.

If you are a journalist you can prepare a version of TorChat with your own ID already on the list but with an empty hidden_service folder and put this for download on your website or otherwise make it publicly available so that everybody (including whistle blowers) can (even if they have zero computer skills) simply unzip it and doubleclick on torchat.exe to instantly chat with you and send files in perfect anonymity from anywhere in the world!

You can also use this method to preconfigure and test a TorChat client like explained in the China section above and after making sure everything works correctly you can give it to your friend in China (be sure to use encrypted email or meet him personally to not reveal the IDs and the private_key to the Chinese authorities).

Please never ever combine the last two methods (whistle blower + china bridge) in one TorChat because the fact that someone connects to yourdedicated private bridge would directly expose his IP to you.

Contact information

Bernd Kreuss (author of TorChat)




  1. AS

    New ver.:Torchat
    “TorChat is a peer to peer instant messenger with a completely decentralized design, built on top of Tor’s location hidden services, giving you extremely strong anonymity while being very easy to use without the need to install or configure anything.
    Please see the wiki page: for more information.
    7.3MB · Uploaded February 06, 2012″


    • iGFW


  2. AS

    New ver.:
    “ Windows Binary Featured 43 hours ago 7.3 MB 307
    torchat- Ubuntu / Debian Installer Featured 43 hours ago KB Source Code Featured 43 hours ago 181 KB”

    “+++ Nov-11: New version changelog This release is also updating the bundled tor.exe (now using +++”

    (标签: TorChat)

  3. AS

    torchat-sharp – clone of torchat written in C# – Google Project Hosting
    “torchat-sharp is a clone of TorChat, but written in C# and compiled for .NET 2.0 and Mono (soon).
    Because this is currently in early development, I would currently not recommend using this instead of the original TorChat client. In fact, this client is pretty broken for now. View the issues tab for the current bugs.
    A stable release will be expected around August 11-14th.
    Current release looks a bit like this:

    This project uses icons from both TorChat (GPL v3) and the Tango Desktop Project (CC-SA).”
    Downloads – torchat-sharp – clone of torchat written in C# – Google Project Hosting
    “TorChatSharp.tar Latest Download   Featured 10 hours ago 10 hours ago 11.5 MB”


  4. AS

    badvpn – Peer-to-peer VPN software – Google Project Hosting
    BadVPN is an open-source peer-to-peer VPN system. It provides a Layer 2 (Ethernet) network between the peers (VPN nodes). The peers connect to a central server which acts as a chat server for them to establish direct connections between each other (data connections). These connections are used for transferring network data (Ethernet frames), and can be secured with a multitude of mechanisms.
    UDP and TCP transport
    Converges very quickly after a new peer joins
    IGMP snooping to deliver multicasts efficiently (e.g. for IPTV)
    Features related to the NAT problem:
    Can work with multiple layers of NAT (needs configuration)
    Local peers inside a NAT can communicate directly
    Relaying as a fallback (needs configuration)
    BadVPN is written in the C programming language and currently works on Linux and Windows.
    A Gentoo Linux ebuild is available in the Downloads section, and a package for Arch Linux is available in the AUR, named “badvpn”. A Windows build is available too. If you want to build BadVPN from source, see INSTALL.
    Documentation is available on the wiki:
    badvpn – General description of BadVPN and its features.
    Examples – Quick guide to setting up a working VPN.
    badvpn_server, badvpn_client – Documentation of individual programs.
    BadVPN programs are fully event-driven. BadVPN has a flow-based design: the complete application is constructed from a large set of small independent I/O modules which exchange data through predefined interfaces. Furthermore, it is based on an original programming paradigm (the job queue paradigm), which greatly simplifies developing I/O modules. You can read more about the job queue paradigm at .
    NCD, the Network Configuration Daemon, is a daemon and programming language for configuration of network interfaces and other aspects of the operating system. It implements various functionalities as built-in modules, which may then be called from a NCD program wherever and for whatever purpose the user needs them. This modularity makes NCD extremely flexible and extensible. It does a very good job with hotplugging in various forms, like USB network interfaces and link detection for wired devices. NCD is capable of configuring BadVPN virtual interfaces.
    Aside from the BadVPN client and server programs, the package also contain the tun2socks program. This program is used to “socksify” TCP connections at the network layer. It implements a TUN device which accepts all incoming TCP connections (regardless of destination IP), and forwards the connections through a SOCKS server. This allows you to forward all connections through SOCKS, without any need for application support. It can be used, for example, to forward connections through a remote
    SSH server.
    See the tun2socks wiki page for more info.
    BadVPN is Copyright (C) 2010 Ambroz Bizjak.
    BadVPN is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.
    BadVPN is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
    You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. ”
    Downloads – badvpn – Peer-to-peer VPN software – Google Project Hosting
    Uploaded 16 hours ago.


    • iGFW


  5. AS

    10.05.2011;19,2 MB;
    Downloads – wikiplus – WikiPlus+ 新的维基浏览器,更轻松访问维基百科! – Google Project Hosting
    “WikiPlus+ 新的维基浏览器,更轻松访问维基百科!
    “WikiPlus+ 是一個基於WikiBrowser 的新版本维基浏览器:
    采用Firefox 4.0.1 及Tor 版本
    加入附加组件HTTPS Everywhere (0.9.9.development.5 版本)
    采用Firefox 4.0 及Tor 版本
    采用新的WikiPlus+ 图标
    显示 Vidalia 控制面版,更清楚Tor 的状态
    加上GPL 及LGPL 等授权信息
    直接到达中文维基百科首页 “

    • iGFW