BitTorrent protocol encryption: Difference between revisions

Operation: correct wrong info
major rewrite to clear up some unexplained references, fixed the crypto-description, generalized to specification level instead of client-specific info
{{Current}}
'''Protocol header encryption''' ('''PHE'''), '''Message stream encryption''' ('''MSE'''), or '''Protocol encryption''' ('''PE''') are features of some [[BitTorrent]] clients that attempt to make BitTorrent hard to throttle. Some [[Internet service provider|ISP]]s throttle BitTorrent traffic because it makes up a large proportion of total traffic and the ISPs don't want to spend money buying extra capacity. Instead, the ISPs spend money on hardware that looks for BitTorrent traffic and slows it down.
 
==History==
Protocol header encryption was conceived by [[RnySmile]] and first implemented in the [[BitComet]] client version 0.60 on [[8 September]] [[2005]]. Some software like IPP2P claims BitComet is detectable even with PHE. [http://www.ipp2p.org/news_en.html] Since there is no open specification of this protocol implementation, the only possibility to support it would have been [[reverse engineering]].
 
Message stream encryption using the old method was implemented in [[Azureus]] CVS snapshot 2307-B29 on [[19 January]] [[2006]].
[http://sourceforge.net/mailarchive/forum.php?thread_id=9517694&forum_id=40629]
CVS snapshot 2307-B33 implements the new MSE method compatible with µTorrent on [[25 January]] [[2006]]. [http://sourceforge.net/mailarchive/message.php?msg_id=14596518]
 
In late January 2006 the Azureus developers decided to design and simultaneously implement a new protocol obfuscation method that was openly specified. This first draft was heavily criticized since it lacked several key features the later version should include. After negotiations between different BitTorrent developers a new proposal was written and then implemented into the respective [[µTorrent]] and [[Azureus]] betas within days.
Protocol encryption was implemented in [[µTorrent]] version 1.4.1 build 407 on [[29 January]] [[2006]].
 
Azureus has supported the final spec since [[25 January]] [[2006]] (version 2.3.0.7 B33) and µTorrent followed 4 days later with Beta 1.4.1 build 407.
Due to a lack of cooperation between the Azureus and µTorrent developers, µTorrent was planning to use its own protocol. However, recent developments mean they will collaborate on the protocol after all. [http://forum.utorrent.com/viewtopic.php?pid=45927#p45927] A new protocol specification was created by various developers and it was agreed that it is better than the method previously used in Azureus. Because of this, both clients implemented the same new encryption protocol. The new protocol is called MSE in Azureus and PE in µTorrent.
 
[[Bram Cohen]], the inventor of [[BitTorrent]], recently commented unfavourably on the ongoing efforts to obfuscate the BitTorrent protocol. [http://bramcohen.livejournal.com/29886.html]
 
==Operation==
The BitComet PHE method is not published and is incompatible with MSE/PE.
 
 
MSE/PE uses a [[D-H]] exchange to establish the key, then it uses [[RC4]] to encrypt the data. The specification allows users to choose between header-only and full-blown stream encryption as a CPU time/obfuscation tradeoff. To ensure compatibility with other clients that don't support this specification, a user may also choose whether unencrypted incoming or outgoing connections are still allowed.
The estimated strength of the encryption is around 60-80 bits (see [http://www.faqs.org/rfcs/rfc3526.html RFC3526] chapter 8) in terms of common symmetric encryption algorithms, which is quite low by today's cryptographic standards. One has to keep in mind, however, that this protocol wasn't designed as a secure transport protocol like SSL or SSH but as a fast and efficient means of obfuscating the transported content.
 
Users can choose whether to try unencrypted outgoing connections if the encrypted attempt fails and whether to accept non-encrypted incoming connections. The protocol recommends, and both Azureus and µTorrent use, 160 bit keys, although 128-180 bit keys are acceptable.
 
PHE and MSE/PE are incompatible with each other.
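
The MSE/PE flow described in this section, as an added example that is not part of the article or of any client's code: a Diffie-Hellman exchange with 160-bit private exponents establishes a shared secret, and RC4 then encrypts either only the header or the whole stream. The modulus, generator, SHA-1 key derivation, direction label and sample payload are assumptions of this example, not values taken from the specification.

```python
import hashlib
import secrets

# Assumption: stand-in modulus (the Mersenne prime 2**521 - 1) and generator,
# chosen for this example only; they are not the values in the MSE/PE spec.
P, G = 2**521 - 1, 2

class RC4:
    """Plain RC4 stream cipher; the same call encrypts and decrypts."""
    def __init__(self, key: bytes):
        self.s, self.i, self.j = list(range(256)), 0, 0
        j = 0
        for i in range(256):  # key-scheduling algorithm
            j = (j + self.s[i] + key[i % len(key)]) % 256
            self.s[i], self.s[j] = self.s[j], self.s[i]

    def crypt(self, data: bytes) -> bytes:
        out = bytearray()
        for byte in data:  # keystream state persists across calls
            self.i = (self.i + 1) % 256
            self.j = (self.j + self.s[self.i]) % 256
            self.s[self.i], self.s[self.j] = self.s[self.j], self.s[self.i]
            out.append(byte ^ self.s[(self.s[self.i] + self.s[self.j]) % 256])
        return bytes(out)

def dh_keypair():
    """160-bit private exponent, the size the page says the protocol recommends."""
    priv = secrets.randbits(160) | (1 << 159)
    return priv, pow(G, priv, P)

def rc4_key(peer_pub: int, priv: int, label: bytes) -> bytes:
    """Assumption: SHA-1 over a label plus the shared secret derives the RC4 key."""
    secret = pow(peer_pub, priv, P)
    return hashlib.sha1(label + secret.to_bytes(66, "big")).digest()

def protect(cipher: RC4, header: bytes, body: bytes, full_stream: bool) -> bytes:
    """Header-only mode leaves the body in the clear; full-stream mode covers both."""
    return cipher.crypt(header) + (cipher.crypt(body) if full_stream else body)

def demo(full_stream: bool):
    a_priv, a_pub = dh_keypair()  # initiator
    b_priv, b_pub = dh_keypair()  # receiver
    k_a, k_b = rc4_key(b_pub, a_priv, b"a->b"), rc4_key(a_pub, b_priv, b"a->b")
    header, body = b"\x13BitTorrent protocol", b"piece data " * 4  # constructed sample
    wire = protect(RC4(k_a), header, body, full_stream)
    plain = protect(RC4(k_b), wire[:len(header)], wire[len(header):], full_stream)
    return k_a == k_b, wire, plain, header + body
```

In header-only mode the returned wire bytes still end with the readable payload, which is the obfuscation given up in exchange for CPU time.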
 
==External links==
*[http://azureus.aelitis.com/wiki/index.php/Message_Stream_Encryption Description on the official Azureus wiki]
*[http://azureus.aelitis.com/wiki/index.php/Bad_ISPs An ever-growing list of BitTorrent traffic shaping ISPs]
[[Category:BitTorrent]]
[[Category:Cryptographic protocols]]