HOME

TheInfoList



OR:

Protocol encryption (PE), message stream encryption (MSE) or protocol header encrypt (PHE) are related features of some
peer-to-peer Peer-to-peer (P2P) computing or networking is a distributed application architecture that partitions tasks or workloads between peers. Peers are equally privileged, equipotent participants in the network. They are said to form a peer-to-peer n ...
file-sharing File sharing is the practice of distributing or providing access to digital media, such as computer programs, multimedia (audio, images and video), documents or electronic books. Common methods of storage, transmission and dispersion include rem ...
clients, including
BitTorrent client The following is a general comparison of BitTorrent clients, which are computer programs designed for peer-to-peer file sharing using the BitTorrent protocol. The BitTorrent protocol coordinates segmented file transfer among peers connected i ...
s. They attempt to enhance privacy and confidentiality. In addition, they attempt to make traffic harder to identify by third parties including
internet service provider An Internet service provider (ISP) is an organization that provides services for accessing, using, or participating in the Internet. ISPs can be organized in various forms, such as commercial, community-owned, non-profit, or otherwise private ...
s (ISPs). However, encryption will not protect one from DMCA notices from sharing not legal content, as one is still uploading material and the monitoring firms can merely connect to the
swarm Swarm behaviour, or swarming, is a collective behaviour exhibited by entities, particularly animals, of similar size which aggregate together, perhaps milling about the same spot or perhaps moving ''en masse'' or migrating in some direction. ...
. MSE/PE is implemented in
BitComet BitComet (originally named SimpleBT client from versions 0.11 to 0.37) is a cross-protocol BitTorrent, HTTP and FTP client written in C++ for Microsoft Windows and available in 52 different languages. Its first public release was version 0.28. Th ...
, BitTornado,
Deluge A deluge is a large downpour of rain, often a flood. The Deluge refers to the flood narrative in the Biblical book of Genesis. Deluge may also refer to: History *Deluge (history), the Swedish and Russian invasion of the Polish-Lithuanian Comm ...
,
Flashget FlashGet (formerly JetCar, from the literal translation of the Chinese phrase ) was a freeware download manager for Microsoft Windows. It was originally available in either paid or ad-supported versions, the latter of which included an Interne ...
,
KTorrent KTorrent is a BitTorrent client that is part of the KDE Gear. Features KTorrent is often received as a client intended to be feature rich. Features include: *Upload and download speed capping / throttling & scheduling *Internet searching with ...
,
libtorrent libtorrent is an open-source implementation of the BitTorrent protocol. It is written in and has its main library interface in C++. Its most notable features are support for Mainline DHT, IPv6, HTTP seeds and μTorrent's peer exchange. libtor ...
(used by various BitTorrent clients, including
qBittorrent qBittorrent is a cross-platform free and open-source BitTorrent client written in native application, native C++. It relies on Boost (C++ libraries), Boost, Qt (software), Qt 6 toolkit and the libtorrent-rasterbar library (for the torrent back-e ...
), Mainline,
μTorrent μTorrent, or uTorrent (see pronunciation) is a proprietary adware BitTorrent client owned and developed by Rainberry, Inc. with over 150 million users. It is the most widely used BitTorrent client outside China; globally only behind Xunlei. Th ...
,
qBittorrent qBittorrent is a cross-platform free and open-source BitTorrent client written in native application, native C++. It relies on Boost (C++ libraries), Boost, Qt (software), Qt 6 toolkit and the libtorrent-rasterbar library (for the torrent back-e ...
,
rTorrent rTorrent is a text-based BitTorrent client written in C++, based on the ncurses and libTorrent (not to be confused with libtorrent) libraries for Unix, whose author's goal is "a focus on high performance and good code". Technical detail ...
,
Transmission Transmission may refer to: Medicine, science and technology * Power transmission ** Electric power transmission ** Propulsion transmission, technology allowing controlled application of power *** Automatic transmission *** Manual transmission *** ...
,
Tixati Tixati is a proprietary Linux and Windows BitTorrent client written in C++. It has standalone and portable versions with each new client version. Features In addition to standard BitTorrent client-sharing functions, Tixati provides integral ...
and
Vuze Vuze (previously Azureus) is a BitTorrent client used to transfer files via the BitTorrent protocol. Vuze is written in Java, and uses the Azureus Engine. In addition to downloading data linked to .torrent files, Azureus allows users to view, p ...
. PHE was implemented in old versions of BitComet. Similar protocol
obfuscation Obfuscation is the obscuring of the intended meaning of communication by making the message difficult to understand, usually with confusing and ambiguous language. The obfuscation might be either unintentional or intentional (although intent u ...
is supported in up-to-date versions of some other (non-BitTorrent) systems including
eMule eMule is a free peer-to-peer file sharing application for Microsoft Windows. Started in May 2002 as an alternative to eDonkey2000, eMule now connects to both the eDonkey network and the Kad network. The distinguishing features of eMule are ...
.


Purpose

As of January 2005, BitTorrent traffic made up more than a third of total residential internet traffic, although this dropped to less than 20% as of 2009. Some ISPs deal with this traffic by increasing their capacity whilst others use specialised systems to slow peer-to-peer traffic to cut costs. Obfuscation and encryption make traffic harder to detect and therefore harder to throttle. These systems were designed initially to provide
anonymity Anonymity describes situations where the acting person's identity is unknown. Some writers have argued that namelessness, though technically correct, does not capture what is more centrally at stake in contexts of anonymity. The important idea he ...
or
confidentiality Confidentiality involves a set of rules or a promise usually executed through confidentiality agreements that limits the access or places restrictions on certain types of information. Legal confidentiality By law, lawyers are often required ...
, but became required in countries where
Internet Service Providers An Internet service provider (ISP) is an organization that provides services for accessing, using, or participating in the Internet. ISPs can be organized in various forms, such as commercial, community-owned, non-profit, or otherwise privatel ...
were granted the power to throttle BitTorrent users and even ban those they believed were guilty of illegal file sharing.


History


Early approach

Protocol header encryption (PHE) was conceived by RnySmile and first implemented in
BitComet BitComet (originally named SimpleBT client from versions 0.11 to 0.37) is a cross-protocol BitTorrent, HTTP and FTP client written in C++ for Microsoft Windows and available in 52 different languages. Its first public release was version 0.28. Th ...
version 0.60 on 8 September 2005. Some software like IPP2P claims BitComet traffic is detectable even with PHE. PHE is detectable because only part of the stream is encrypted. Since there are no open specifications to this protocol implementation the only possibility to support it in other clients would have been via
reverse engineering Reverse engineering (also known as backwards engineering or back engineering) is a process or method through which one attempts to understand through deductive reasoning how a previously made device, process, system, or piece of software accompli ...
.


Development of MSE/PE

In late January 2006 the developers of
Vuze Vuze (previously Azureus) is a BitTorrent client used to transfer files via the BitTorrent protocol. Vuze is written in Java, and uses the Azureus Engine. In addition to downloading data linked to .torrent files, Azureus allows users to view, p ...
(then known as Azureus) decided to design and simultaneously implement a new, open protocol obfuscation method, called message stream encryption (MSE). It was included in Azureus CVS snapshot 2307-B29 on 19 January 2006. This first draft was heavily criticized since it lacked several key features. After negotiations between different BitTorrent developers a new proposal was written and then implemented into the Azureus and
μTorrent μTorrent, or uTorrent (see pronunciation) is a proprietary adware BitTorrent client owned and developed by Rainberry, Inc. with over 150 million users. It is the most widely used BitTorrent client outside China; globally only behind Xunlei. Th ...
betas within days. In μTorrent, the new protocol was called protocol encryption (PE).


MSE/PE in BitTorrent client versions


aria2
supports MSE/PE as of build v1.34 but is not enforced by default. *BitComet version 0.63 was released 7 March 2006. It removed the old protocol header encryption and implemented the new MSE/PE to be compatible with Azureus and μTorrent. * BitTornado supports MSE/PE as of build T-0.3.18. As of January 5, 2007, this build is still marked "experimental" on the Download page. * BitTorrent (Mainline) supports MSE/PE since version 4.9.2-beta on May 2, 2006. *
Deluge A deluge is a large downpour of rain, often a flood. The Deluge refers to the flood narrative in the Biblical book of Genesis. Deluge may also refer to: History *Deluge (history), the Swedish and Russian invasion of the Polish-Lithuanian Comm ...
supports MSE/PE as of Deluge-0.5.1. *
KTorrent KTorrent is a BitTorrent client that is part of the KDE Gear. Features KTorrent is often received as a client intended to be feature rich. Features include: *Upload and download speed capping / throttling & scheduling *Internet searching with ...
implemented MSE/PE in SVN version 535386 SVN vn://anonsvn.kde.org/home/kde/trunk/extragear/network/ktorrent server KDE.org. 2006-04-29.Subversion client required. on April 29, 2006. *
libtorrent libtorrent is an open-source implementation of the BitTorrent protocol. It is written in and has its main library interface in C++. Its most notable features are support for Mainline DHT, IPv6, HTTP seeds and μTorrent's peer exchange. libtor ...
implemented protocol encryption in v0.13 released on 10 December 2011. *
rTorrent rTorrent is a text-based BitTorrent client written in C++, based on the ncurses and libTorrent (not to be confused with libtorrent) libraries for Unix, whose author's goal is "a focus on high performance and good code". Technical detail ...
supports MSE/PE as of rTorrent-0.7.0. *
Transmission Transmission may refer to: Medicine, science and technology * Power transmission ** Electric power transmission ** Propulsion transmission, technology allowing controlled application of power *** Automatic transmission *** Manual transmission *** ...
supports MSE/PE as of Transmission-0.90. *
Vuze Vuze (previously Azureus) is a BitTorrent client used to transfer files via the BitTorrent protocol. Vuze is written in Java, and uses the Azureus Engine. In addition to downloading data linked to .torrent files, Azureus allows users to view, p ...
(formerly Azureus) supports the final spec since 25 January 2006 (CVS snapshot 2307-B33). Azureus version 2.4.0.0 was released 10 February 2006, and was the first stable version of a client to support MSE/PE. However, glitches in Azureus' implementation resulted in improperly encrypted pieces that failed hash checking. The glitches were rectified as of version 2.4.0.2. *
μTorrent μTorrent, or uTorrent (see pronunciation) is a proprietary adware BitTorrent client owned and developed by Rainberry, Inc. with over 150 million users. It is the most widely used BitTorrent client outside China; globally only behind Xunlei. Th ...
premiered MSE/PE 4 days after Azureus with beta 1.4.1 build 407. μTorrent version 1.5 (build 436) was released on 7 March 2006; it was the first stable version of μTorrent with PE.


Operation

The BitComet PHE method used in versions 0.60 to 0.62 is neither published, nor is it compatible with MSE/PE. MSE/PE uses
key exchange Key exchange (also key establishment) is a method in cryptography by which cryptographic keys are exchanged between two parties, allowing use of a cryptographic algorithm. If the sender and receiver wish to exchange encrypted messages, each m ...
combined with the infohash of the torrent to establish an
RC4 In cryptography, RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, ren ...
encryption key. The key exchange helps to minimize the risk of passive listeners, and the infohash helps avoid
man-in-the-middle attack In cryptography and computer security, a man-in-the-middle, monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle (MITM), person-in-the-middle (PITM) or adversary-in-the-middle (AiTM) ...
s. RC4 is chosen for its speed. The first
kibibyte The byte is a unit of digital information that most commonly consists of eight bits. Historically, the byte was the number of bits used to encode a single character of text in a computer and for this reason it is the smallest addressable unit ...
(1024 bytes) of the output is discarded to prevent the
Fluhrer, Mantin and Shamir attack In cryptography, the Fluhrer, Mantin and Shamir attack is a stream cipher attack on the widely used RC4 stream cipher. The attack allows an attacker to recover the key in an RC4 encrypted stream from a large number of messages in that stream. The F ...
. The specification allows the users to choose between encrypting the headers only or the full connection. Encrypting the full connection provides more obfuscation but uses more CPU time. To ensure compatibility with other clients that don't support this specification, users may also choose whether unencrypted incoming or outgoing connections are still allowed. Supported clients propagate the fact that they have MSE/PE enabled through
PEX PEX is cross-linked polyethylene, a form of polyethylene with cross-links. PEX or Pex may also refer to: Science and technology *Peer exchange, a method to gather peers for BitTorrent * PHIGS Extension to X, in programming * Pex (software), a un ...
and DHT.


Security

The estimated strength of the encryption corresponds to about 60–80 bits for common symmetrical ciphers. Cryptographically, this effective key length is quite low, but appropriate in that the protocol was not designed as a secure transport protocol but rather as a fast and efficient obfuscation method. AES was proposed as the encryption method, but not adopted because it consumed too much CPU time. The required Diffie–Hellman keys to achieve a security equal to AES would have been much bigger or require
elliptic curve cryptography Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography (based on plain Galois fields) to provide e ...
, making the handshake more expensive in terms of used CPU time.


Effectiveness

Analysis of the BitTorrent protocol encryption (a.k.a. MSE) has shown that statistical measurements of packet sizes and packet directions of the first 100 packets in a TCP session can be used to identify the obfuscated protocol with over 96% accuracy.


Criticism

Bram Cohen Bram Cohen is an American computer programmer, best known as the author of the peer-to-peer (P2P) BitTorrent protocol in 2001, as well as the first file sharing program to use the protocol, also known as BitTorrent. He is also the co-founder of ...
, the inventor of BitTorrent, opposed adding encryption to the BitTorrent protocol. Cohen stated he was worried that encryption could create incompatibility between clients. He also stressed the point that the majority of ISPs don't block the torrent protocol. In 2006 Cohen wrote "I rather suspect that some developer has gotten rate limited by his ISP, and is more interested in trying to hack around his ISP's limitations than in the performance of the internet as a whole". Many BitTorrent community users responded strongly against Cohen's accusations. Cohen later added encrypted connections to his Mainline client with the ability to receive but not originate them. Notably, when μTorrent was purchased by BitTorrent, Inc. and then became the next mainline release, the ability to originate encrypted connections was retained, but it became turned off by default. In an interview in 2007, Cohen stated "The so-called 'encryption' of BitTorrent traffic isn't really encryption, it's obfuscation. It provides no anonymity whatsoever, and only temporarily evades traffic shaping.""Interview with Bram Cohen, the inventor of BitTorrent"
. TorrentFreak. 2007-01-17. Retrieved 2013-04-07.


Notes


References


External links


"Message Stream Encryption"
Vuze.
"ISPs that shape BitTorrent"
Vuze.
"BitTorrent End to End Encryption and Bandwidth Throttling - Part I" with µTorrent developers
Slyck News.
"BitTorrent End to End Encryption and Bandwidth Throttling - Part II" with Azureus developers
Slyck News.
"BitTorrent and End to End Encryption"
Slashdot.

BitTorrent.org.
"Identifying the Message Stream Encryption (MSE) protocol" for Statistical Protocol IDentification
SourceForge.
"Block P2P Traffic on a Cisco IOS Router using NBAR"
Cisco.
"Aria2c VPN/Proxy Tutorial"
GoTux. {{BitTorrent BitTorrent Cryptographic protocols