Tox   looks like a promising solution for secure, encrypted communications. The official client implementation is based on the Toxcore protocol library, which is very feature-rich and has a variety of functions besides VOIP. By default, Tox does not attempt to cloak your IP address from authorized contacts. However, Tox connections can be tunneled through Tor, allowing communication with others even if they are not anonymous.  Desktop and mobile client versions have been developed for every major OS platform. 
In the Tox design, users are assigned a public and private key, with direct connections being established in a peer-to-peer network. Users can message friends, join chat rooms with friends or strangers, and send each other files. Everything is encrypted using the NaCl crypto library, via libsodium.  . Tox helps to protect your privacy by: 
- Removing the need to rely on central authorities to provide messenger services
- Concealing your identity (in the form of meta-data, e.g. your IP address) from people who are not your authorized friends
- Enforcing end-to-end encryption with perfect forward secrecy as the default and only mode of operation for all messages
- Making your identity impossible to forge without the possession of your personal private key, which never leaves your computer
- Voice and video calls.
- Instant messaging.
- Desktop screen sharing / streaming.
- File sharing.
- Typing indicators.
- Message read-receipts.
- Profile encryption.
- Group messaging, voice and video conferencing.
Additional features can be implemented by any client, so long as they are supported by the core protocol. Features that are not related to the core networking system are left up to the client. 
|Security warning: Adding a third party repository allows the vendor to replace any package on your system. Proceed at your own risk! See Foreign Sources for further information. For greater safety, users adding third party repositories should always use Multiple Whonix-Workstations to compartmentalize VMs with additional software.|
Note: The following instructions will install the "qTox" graphical user client to your system.  To install the lightweight version with minimal dependencies ("uTox") or another Linux client like Ricin, Toxic or Toxygen, see here and here.
In the Whonix-Workstation (Qubes-Whonix: whonix-ws-14 TemplateVM), open a terminal (Konsole).
Download the Tox repository release key.
TODO: the following command is broken
Check the fingerprint before importing anything.
gpg --keyid-format long --with-fingerprint Release.key
Always check the fingerprint for yourself. 
At time of writing, the fingerprint was.
pub rsa2048/F2AA0B1E5EF8303B 2014-09-04 [SC] [expires: 2019-01-21] Key fingerprint = 3EB5 027B 3CD8 D7CA AC30 EB6B F2AA 0B1E 5EF8 303B uid home:antonbatenev OBS Project <home:firstname.lastname@example.org>
Add the Tox signing key.
TODO: the following command needs testing
sudo apt-key --keyring /etc/apt/trusted.gpg.d/tox-pubkey.gpg add Release.key
Add the Tox apt repository.
TODO: the following command is broken
sudo sh -c 'echo deb http://download.opensuse.org/repositories/home:/antonbatenev:/tox/Debian_8.0/ / > /etc/apt/sources.list.d/qtox.list'
Update the package lists.
sudo apt-get update
sudo apt-get install qtox
The Tox repository and qTox have now been installed.
TODO: Add instructions on how to use Tox with Stream Isolation without Tor over Tor.
- Depending on the mobile / desktop client in use.
- This repository is directly referenced on the Tox Download webpage, see: https://software.opensuse.org/download.html?project=home%3Aantonbatenev%3Atox&package=qtox Anton Batenev is a Tox developer.
- The list of GPG fingerprints currently in use by qTox developers can be referenced at https://github.com/qTox/qTox