Content deleted Content added
name footnote, +flaws |
→Operation: PE obfuscation levels |
||
Line 17:
The BitComet PHE method is not published. It is incompatible with MSE/PE.
MSE/PE uses a [[D-H]] exchange to establish the key, then it uses [[RC4]] to encrypt the data. The specification allows the users to choose between encrypting the headers only or the full connection to perform a CPU time/obfuscation tradeoff. However, PE only supports full encryption for outgoing connections, but will accept both obfuscation levels for incoming connections.
To ensure compatibility with other clients that don't support this specification users may also choose whether unencrypted incoming or outgoing connections are still allowed.
The estimated strength of the encryption is around 60-80 bits symmetrical (see [http://www.faqs.org/rfcs/rfc3526.html RFC3526] chapter 8). This is quite low for today's standards but one has to keep in mind that this protocol wasn't designed as a secure transport protocol but as fast and efficient obfuscation method.
==Note==
#{{note|name}} - It is usually referred to as the more correct ''protocol header encryption'' instead of the official name.
| |||