BitTorrent Devs Introduce Comcast-Proof Encryption
Dean Garfield writes "An article at TorrentFreak notes that several BitTorrent developers have proposed a new protocol extension with the ability to bypass the BitTorrent interfering techniques used by Comcast and other ISPs. 'This new form of encryption will be implemented in BitTorrent clients including uTorrent, so Comcast subscribers are free to share again. The goal of this new type of encryption (or obfuscation) is to prevent ISPs from blocking or disrupting BitTorrent traffic connections that span between the receiver of a tracker response and any peer IP-port appearing in that tracker response, according to the proposal.'"
I think the idea here is to stop Comcast from injecting their own RST packets into the stream, effectively killing the connection from both sides. Every time an ISP implements a harsh countermeasure, they force the evolution of the protocol. I see this simply as the next logical step in the constant pull and tug of P2P and ISPs. Still, kudos for these guys doing this stuff. I'm sure Blizzard will like hearing that their updates are hindered on Comcast's networks while P2P data has an easier time.
If you are about to mod me down, keep in mind that this post was most likely sarcastic.
How long is it until they start throttling encrypted traffic too?
Wonder what the public key field is for?
The BitTorrent devs have the upper hand, at least for the foreseeable future, because of strong crypto like AES, Serpent, and Twofish for symmetric session traffic and strong public key crypto like RSA to handle the handshakes and symmetric key exchanges. The only response of the ISP is to try and automate Man in the Middle (MITM), but that will be extremely difficult and expensive to implement in practice. Remember that Comcast was throttling bandwidth to cut costs on network upgrades, so why would they spend exponentially more on new specialized crypto hardware and software to MITM the handshakes on BitTorrent sessions if they are too cheap to even upgrade their network? Unless and until there are substantial advances in cryptanalysis (as far as I know there have been no substantial improvements on known attacks in recent years, minor optimizations here and there but not enough to really put a dent in the crypto) or quantum computers become cheap and practical, encryption will provide a very strong defense against network filtering, particularly when it is combined with port randomization. That is why it is in the best interests of Comcast and other ISPs NOT to escalate by engaging in packet filtering. They will only hasten the development of BitTorrent clients with strong crypto, as they are doing here, AND draw attention to these new "super" clients that are not "slow".
We are still using HTTP and FTP, who is to say that BT will not just slowly mature like those? If there is any standard P2P protocol emerging then BT would be in the top 3 along with eDonkey and DC++.
An Education is the Font of All Liberty
Or they could just do the sensible thing, cut out all the bullshit "unlimited" advertising (which should be against the law anyways) and start selling customers a set block of gigabytes, with an over-limit charge per gig, just like the dialup ISPs did with time online in the olden days. That's what I did at the small ISP I worked for. I wrote and maintained the billing software, and just sucked in usage stats off our Radius servers once an hour. The system was even set up to send out an email when a user was close to his gigabyte limit letting him know that the meter was going to start running and what the charge per gig was.
We tried shaping P2P traffic, and it just annoyed customers, and annoying customers is not exactly a long-term strategy for success.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Anything stronger than rot-13 will do.
Even if it only takes an ISP 0.1 seconds to "crack" a packet then there's no way he can crack the millions of packets per second flowing through his routers.
No sig today...
Reportedly most of it comes from botnets: insecure machines that were taken over by hackers and whose clueless owners did not notice anything. Or don't even care.
Now if ISPs start selling traffic by the gigabyte (again - it was not uncommon a few years ago), the owners of those spam-slaves would notice it on their internet bills. At that point, I think securing one's machine would become a lot more popular and the botnets would shrink. Overall result: less spam and fewer DDoS attacks.
Considering the inbound hacking attempts, my father still has a 2 GByte/month plan and so far I've heard no complaints about suddenly increasing bills. So it seems to be not that much.
C - the footgun of programming languages
Wouldn't breaking the encryption be a violation of the DMCA? I think that would be sweet.
I have mod points and I am not afraid to use them.