28.01.2015 New release: ZAS 2.1.0 (build 403) for Windows
The UDT library is used for file transfer. File transfer speed is much faster compared to the previous versions. The new version is fully compatible with previous builds.
Other changes: the ring tones are user selectable now. Also, made some minor fixes and updates in the user interface.
03.12.2014 ZAS Communicator 2.0.1 released
This is mainly bug fix release, however several new features were added as well.
After ZAS 2.0 (with video communication) was released, several problems were discovered in networking protocol and user interface parts. We have to do urgent work on the issues; therefore promised release of ZAS for Linux was postponed. Nevertheless, ZAS for Linux will be.
New features:
- The ability to completely disable Bootstrap/DHT/Kademlia functionality (suggested by gegel). In this mode, program works only as direct connection to IP:port. That kind of operation is required to direct ZAS traffic through anonymous networks like Tor or I2P; for example. In this mode, routing is performed by external means. ZAS Communicator acts only as terminal to provide encrypted traffic from one end of the link to another.
- Sending "keepalive" packets to all links at specified intervals (suggested by avb). This allows normal operation even if one of the sides of the link is behind several layers of NAT; and port forwarding is unavailable. Regular "keepalive" packets prevent aging of UDP routing table in routers. The "keepalive" sending interval is configurable or can be disabled.
- All known audio devices are maintained in a list in the order of preference. The program tries to find audio devices in the order specified in the list. This is convenient if one has to connect different audio devices.
Besides, there are many minor optimizations and improvements, as usual.
17.11.2014 ZAS Communicator 2.0.0 released
Soon it is going to be a year since we released initial version of ZAS communicator software. During past year, we learned a lot of specifics of IP telephony, cryptography and distributed coordination in serverless systems. Development of the system appeared to be no simple task. We had to solve many non-trivial problems. Finally, we build reliable system, which is simple and convenient to use.
We celebrate the year by releasing ZAS version 2.0. Main innovation is support for video communication. Now it is possible to talk, transfer files and text chat, as well as look at each other. Depending on the available Internet bandwidth, different quality/bit rate settings are supported for video and audio.
Besides, there are improvements and reinforcements in cryptography and several old bugs fixed in GUI and network interface. Libraries are statically linked. All ZAS functionality consists of one portable file: ZAS.exe.
ZAS 2.0 is incompatible with previous versions of ZAS. Also ZAS 2.0 won't be able to read previous chat history and phone book files. Clean install with generation of the new user key is required.
Other news: ZAS for Linux is announced. Up until now, ZAS worked only in Windows. Linux version will be released soon.
26.06.2014 ZAS Communicator 1.8.1 (build 352) released
Several bugs in networking part and user interface are fixed.
The crypto entropy collector part now processes system events by itself continuously; in addition to WinAPI::CryptGenRandom() calls and gathering entropy from incoming and outgoing data. So if any of entropy sources would be compromised, this would not affect the quality of generated ephemeral data.
The entropy collector state consists of two pools, of 1-kilobyte size each. The incoming entropy source data (system events, key presses, network transmit/receive data, mouse movements, etc.) are xored with contents of pool-0. When all of the pool-0 is xored with incoming data, entropy collector hash function with 2kbytes state (pool-0 + pool-1) is executed. Then, again, the incoming entropy data is xored with pool-0, and so on.
The data is xored with pool-0 rather then simply been put into pool-0. This is to avoid storage of plaintext data in the entropy pool.
When the program has to generate strong random numbers to be used as ephemeral keys or in the electronic signature generation, the program executes entropy collector hash function (regardless of fill state of pool-0), and then it generates random numbers using pool-1 as seed. After generation of random numbers, the hash function of entropy collector is executed again. Thus, it is not possible to recover generated random sequence from contents of entropy pools after generation.
At the start of the program, the state of entropy collector is initialized from file seed.bin and the system provided random number generator (WinAPI::CryptGenRandom). The seed.bin file is rewritten at the start and at the exit moments of ZAS program.
25.05.2014 ZAS Communicator 1.8 (build 340) released
In this version, we significantly reduced overhead of the networking traffic. Experience shows quite often the available Internet channel can transfer only several kilobytes per second. In order to be operable in such channels, we added quality/bit rate setting to Audio (Economy/Normal/High), changed format of encrypted packets and obfuscation, and modified the networking protocol. Now the phone traffic can fit into about 4Kbytes/sec. At that, the overhead of UDP protocol itself makes more then a half of traffic.
It could be possible to compress the traffic even more then it is now if it would be necessary. That requires audio codec with lower bit rate then currently used. Also we would have to combine several pieces of audio data into one packet to reduce UDP overhead.
The current version of the program became incompatible with the previous versions because the obfuscation format was changed. However, now the program can automatically check home web site for updates.
Long chat messages are not displayed in pieces as it was before. Now pieces are put back together on receive side.
There are some improvements and optimizations in the DHT transport and crypto library.
The adaptive jitter buffer for voice packets is modified so it automatically adjusts both ways: for larger and for smaller amount of buffering. The algorithm is optimized so to maintain minimum necessary delay for acceptable quality of sound.
As usual, several bugs fixed and many new options and settings added.
11.05.2014 ZAS Communicator 1.7 (build 332) released
Main difference from previous version is obfuscation of network traffic. Now all of the traffic looks like UDP packets with random data and random length. There are no standard sizes of packets, recognizable data fields, or typical signatures in the data. Obfuscation hides ZAS traffic to avoid protocol detectors and network blocks.
Obfuscation made protocol incompatible with previous versions of ZAS. However it won't be possible to introduce obfuscation while keeping system compatible with legacy. Also, obfuscation increased traffic overhead; as the packets are padded to random lengths with random numbers. We may have to adjust obfuscation parameters in the next versions.
Adaptive packet jitter buffer is other big improvement. Depending on the Internet connection quality, packet delivery time jitter could be very different. Now buffer is automatically tuned to maintain minimum necessary delay for jitter compensation.
Save/Clear Chat is now set operatively and independently for each user from the list. The program checks for new version automatically. As usual, number of bugs was fixed, some new options were added.
As it was demonstrated in the course of recent events between Russia and Ukraine, both sides are intercepting all phones, Skypes, emails, and probably all kinds of data traffic of each other. Regular Internet postings of recorded conversations of government officials, politicians, leaders of militants, oligarchs, etc. are illustrating the scale of the intercept. It looks rather odd that those people who supposed to know about insecurity of communications are first to fall into the trap. Is this because of general dullness multiplied by lack of convenient technical means for protection of the data channels, available to everybody?