******************
What is Reticulum?
******************

Reticulum is a cryptography-based networking stack for building both local and
wide-area networks with readily available hardware, that can continue to operate
under adverse conditions, such as extremely low bandwidth and very high latency.

Reticulum allows you to build wide-area networks with off-the-shelf tools, and
offers end-to-end encryption, forward secrecy, autoconfiguring cryptographically
backed multi-hop transport, efficient addressing, unforgeable packet
acknowledgements and more.

From a user's perspective, Reticulum allows the creation of applications that
respect and empower the autonomy and sovereignty of communities and individuals.
Reticulum enables secure digital communication that cannot be subjected to
outside control, manipulation or censorship.

Reticulum enables the construction of both small and potentially planetary-scale
networks, without any need for hierarchical or bureaucratic structures to control
or manage them, while ensuring individuals and communities full sovereignty
over their own network segments.

Reticulum is a **complete networking stack**, and does not need IP or higher
layers, although it is easy to utilise IP (with TCP or UDP) as the underlying
carrier for Reticulum. It is therefore trivial to tunnel Reticulum over the
Internet or private IP networks. Reticulum is built directly on cryptographic
principles, allowing resilience and stable functionality in open and trustless
networks.

No kernel modules or drivers are required. Reticulum can run completely in
userland, and will run on practically any system that runs Python 3. Reticulum
runs well even on small single-board computers like the Pi Zero.


Current Status
==============
All core protocol features are implemented and functioning, but additions will probably occur as
real-world use is explored.
The API and wire-format can be considered complete and stable, but
could change if absolutely warranted.


What does Reticulum Offer?
==========================

* Coordination-less globally unique addressing and identification

* Fully self-configuring multi-hop routing over heterogeneous carriers

* Flexible scalability over heterogeneous topologies

  * Reticulum can carry data over any mixture of physical mediums and topologies

  * Low-bandwidth networks can co-exist and interoperate with large, high-bandwidth networks

* Initiator anonymity, communicate without revealing your identity

  * Reticulum does not include source addresses on any packets

* Asymmetric X25519 encryption and Ed25519 signatures as a basis for all communication

  * The foundational Reticulum Identity Keys are 512-bit Elliptic Curve keysets

* Forward Secrecy is available for all communication types, both for single packets and over links

* Reticulum uses the following format for encrypted tokens:

  * Ephemeral per-packet and link keys derived from an ECDH key exchange on Curve25519

  * AES-256 in CBC mode with PKCS7 padding

  * HMAC using SHA256 for authentication

  * IVs are generated through os.urandom()

* Unforgeable packet delivery confirmations

* Flexible and extensible interface system

  * Reticulum includes a large variety of built-in interface types

  * Ability to load and utilise custom user- or community-supplied interface types

  * Easily create your own custom interfaces for communicating over anything

* Authentication and virtual network segmentation on all supported interface types

* An intuitive and easy-to-use API

  * Simpler and easier to use than sockets APIs, but more powerful

  * Makes building distributed and decentralised applications much simpler

* Reliable and efficient transfer of arbitrary amounts of data

  * Reticulum can handle a few bytes of data or files of many gigabytes

  * Sequencing, compression, transfer coordination and checksumming are automatic

  * The API is very easy to use, and provides transfer progress

* Lightweight, flexible and expandable Request/Response mechanism

* Efficient link establishment

  * Total cost of setting up an encrypted and verified link is only 3 packets, totalling 297 bytes

  * Low cost of keeping links open at only 0.44 bits per second

* Reliable sequential delivery with Channel and Buffer mechanisms


Where can Reticulum be Used?
============================
Over practically any medium that can support at least a half-duplex channel
with greater throughput than 5 bits per second, and an MTU of 500 bytes. Data radios,
modems, LoRa radios, serial lines, AX.25 TNCs, amateur radio digital modes,
ad-hoc WiFi, free-space optical links and similar systems are all examples
of the types of interfaces Reticulum was designed for.

An open-source LoRa-based interface called `RNode <https://unsigned.io/rnode>`_
has been designed as an example transceiver that is very suitable for
Reticulum. It is possible to build it yourself, to transform a common LoRa
development board into one, or it can be purchased as a complete transceiver
from various vendors.

Reticulum can also be encapsulated over existing IP networks, so there's
nothing stopping you from using it over wired Ethernet or your local WiFi
network, where it'll work just as well. In fact, one of the strengths of
Reticulum is how easily it allows you to connect different mediums into a
self-configuring, resilient and encrypted mesh.

As an example, it's possible to set up a Raspberry Pi connected to a
LoRa radio, a packet radio TNC and a WiFi network.
Once the interfaces are
added, Reticulum will take care of the rest, and any device on the WiFi
network can communicate with nodes on the LoRa and packet radio sides of the
network, and vice versa.

Interface Types and Devices
===========================
Reticulum implements a range of generalised interface types that covers the communications hardware that Reticulum can run over. If your hardware is not supported, it's simple to :ref:`implement an interface class<example-custominterface>`. Currently, Reticulum can use the following devices and communication mediums:

* Any Ethernet device

  * WiFi devices

  * Wired Ethernet devices

  * Fibre-optic transceivers

  * Data radios with Ethernet ports

* LoRa using `RNode <https://unsigned.io/rnode>`_

  * Can be installed on `many popular LoRa boards <https://github.com/markqvist/rnodeconfigutil#supported-devices>`_

  * Can be purchased as a `ready to use transceiver <https://unsigned.io/rnode>`_

* Packet Radio TNCs, such as `OpenModem <https://unsigned.io/openmodem>`_

  * Any packet radio TNC in KISS mode

  * Ideal for VHF and UHF radio

* Any device with a serial port

* The I2P network

* TCP over IP networks

* UDP over IP networks

* Anything you can connect via stdio

  * Reticulum can use external programs and pipes as interfaces

  * This can be used to easily hack in virtual interfaces

  * Or to quickly create interfaces with custom hardware

For a full list and more details, see the :ref:`Supported Interfaces<interfaces-main>` chapter.


Caveat Emptor
=============
Reticulum is an experimental networking stack, and should be considered as
such. While it has been built with cryptography best practices foremost in
mind, it has not yet been externally security audited, and there could very well be
privacy-breaking bugs.
To be considered secure, Reticulum needs a thorough
security review by independent cryptographers and security researchers. If you
want to help out with this, or can help sponsor an audit, please do get in touch.
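
The primitives listed under "Reticulum uses the following format for encrypted tokens", combined into one sealed token as an added example using the Python ``cryptography`` package; this is not Reticulum's own code or wire format. The HKDF step, the ``info`` label, the key split and the byte layout (ephemeral public key, IV, ciphertext, HMAC) are assumptions made for illustration.

```python
import hashlib, hmac, os
from cryptography.hazmat.primitives import hashes, padding, serialization
from cryptography.hazmat.primitives.asymmetric.x25519 import (
    X25519PrivateKey, X25519PublicKey)
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

def derive_keys(shared):
    # Assumed derivation: HKDF-SHA256 to 64 bytes, split into MAC and AES keys.
    okm = HKDF(algorithm=hashes.SHA256(), length=64, salt=None,
               info=b"example-token").derive(shared)
    return okm[:32], okm[32:]

def seal(recipient_pub, plaintext):
    eph = X25519PrivateKey.generate()            # fresh ephemeral key per packet
    mac_key, enc_key = derive_keys(eph.exchange(recipient_pub))
    iv = os.urandom(16)                          # IV from the OS CSPRNG
    padder = padding.PKCS7(128).padder()
    padded = padder.update(plaintext) + padder.finalize()
    enc = Cipher(algorithms.AES(enc_key), modes.CBC(iv)).encryptor()
    body = iv + enc.update(padded) + enc.finalize()
    eph_pub = eph.public_key().public_bytes(
        serialization.Encoding.Raw, serialization.PublicFormat.Raw)
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return eph_pub + body + tag                  # assumed layout, 32+16+n+32 bytes

def open_token(recipient_priv, token):
    if len(token) < 32 + 16 + 16 + 32:
        raise ValueError("token too short")
    eph_pub, body, tag = token[:32], token[32:-32], token[-32:]
    shared = recipient_priv.exchange(X25519PublicKey.from_public_bytes(eph_pub))
    mac_key, enc_key = derive_keys(shared)
    # Verify the HMAC before decrypting, so padding is only parsed on authentic data.
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("HMAC mismatch")
    dec = Cipher(algorithms.AES(enc_key), modes.CBC(body[:16])).decryptor()
    padded = dec.update(body[16:]) + dec.finalize()
    unpadder = padding.PKCS7(128).unpadder()
    return unpadder.update(padded) + unpadder.finalize()

if __name__ == "__main__":
    key = X25519PrivateKey.generate()            # constructed recipient key
    token = seal(key.public_key(), b"hello mesh")
    print(len(token), open_token(key, token))
```

Because the sender's X25519 key is discarded after each call, two tokens for the same plaintext share no key material, and the token carries no long-term sender identity.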