Encrypting BitTorrent to take out traffic shapers
Written by Ernesto on February 05, 2006

Over the past months more BitTorrent users have noticed that their ISP is killing all BitTorrent traffic. ISPs like Rogers are using bit-shaping applications to throttle the traffic that is generated by BitTorrent.
But, at the same time two of the most popular BitTorrent clients are working together to implement header and message stream encryption in order to take out these traffic shapers.
Both Azureus and uTorrent currently include this new form of encryption (specs) in their latest betas. The fact that these two clients are actively working together to implement this new feature is promising and will make this form of encryption the new standard, since the users of these two clients cover the majority of all BitTorrent users.
There are two “encryption modes” available.
The two payload encryption methods, plaintext transmission and RC4, provide different degrees of protocol obfuscation, security and speed. Plaintext mode provides only basic anti-shaping obscurity, no security and low CPU usage. RC4 encryption obfuscates the entire stream, not only the header, and adds some cryptographic security at the price of spent CPU cycles.
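Why a shaper keyed on the protocol header loses track of an RC4-obfuscated stream, shown as an added example (not code from the article or from either client). The session key, the sample stream, the 7.5-bit entropy threshold and all function names are constructed for illustration, and the key negotiation the spec performs is omitted.

```python
import math
from collections import Counter

# Fixed prefix of the classic BitTorrent handshake: length byte 19 + protocol name.
BT_SIGNATURE = b"\x13BitTorrent protocol"

def rc4(key: bytes, data: bytes) -> bytes:
    """Textbook RC4; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                         # keystream XORed onto the data
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def matches_signature(stream: bytes) -> bool:
    """Header rule: does the stream open with the plaintext handshake?"""
    return stream.startswith(BT_SIGNATURE)

def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy of the byte distribution (8.0 = uniformly random)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def sample_stream() -> bytes:
    """Constructed sample: 68-byte handshake followed by filler payload."""
    handshake = BT_SIGNATURE + bytes(8) + bytes(range(20)) + b"-XX0000-constructed0"
    return handshake + b"constructed piece data " * 200

def classify(stream: bytes) -> str:
    if matches_signature(stream):
        return "bittorrent (signature)"
    if entropy_bits_per_byte(stream) > 7.5:   # assumed threshold
        return "unidentified high-entropy stream"
    return "unknown"

PLAIN = sample_stream()
CIPHER = rc4(b"constructed-session-key", PLAIN)

if __name__ == "__main__":
    for name, s in (("plain", PLAIN), ("rc4", CIPHER)):
        print(name, "->", classify(s), round(entropy_bits_per_byte(s), 2))
```

The header rule stops matching once the stream is RC4-encrypted, but the stream's statistics remain observable, which is the basis for the "more advanced shaping rules" raised in the comments.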
The question now is: does it work, and how effective is it? If it works it will definitely offer a great solution to all BitTorrent users who suffer from traffic-shaping ISPs.
Bram Cohen, the creator of the BitTorrent protocol, reacted quite negatively to these new developments. He questions the need for encryption since only a few ISPs are actively shaping traffic. Among other things he also fears incompatibility between clients and increased CPU usage. Although these arguments can be countered quite easily, developers should keep them in mind.
But the fact is, if this new encryption method is launched successfully it will be a huge step forward for the BitTorrent community.


162 Responses
The Spanish ISP Ono is applying traffic shaping right now; with 1024/512 my maximum download rate is 30kb/s. This is great news for all Spanish people.
Ono is capping P2P; with Ono’s 1024/512 we don’t get past 30kb/s. This news is fantastic.
The VPN/SSH comments are dead on. Encrypting BT won’t help much when an ISP does like RCN, and simply packet spoofs EOFs into your stream, actively disrupting BT peer protocols and preventing all seeding/uploading after 100% is reached.
Rather than implement encryption on a per-application basis, simply attach a BitTorrent client to an encrypted channel and route it through a packet anonymising service using an SSH tunnel. Or just VPN the entire connection. There really is no need to build in encryption into the client, which from a layer point of view is a bad idea anyway. Two such services that offer application or connection anonymity are:
http://www.findnot.com/setupsupp.html
http://www.your-freedom.net/6/
If more ISPs go lame like RCN then services like these will only grow in popularity and become more prevalent. We might even see entire voluntary darknets growing in popularity:
http://tor.eff.org/
http://www.i2p.net/faq
There’s already a quite substantial plugin for Azureus that already implements an encrypted darknet:
http://azureus.sourceforge.net/doc/AnonBT/i2p/I2P_howto.htm
Rogers is quite likely the most incompetent large ISP in North America. I can say this after having read numerous tales of woe from others about their ISPs. Rogers subscribers (and I am one) could only wish to have our service work as well as those complainers get (they do not know how lucky they are).
Rogers ran their own ISP operation with their own staff. How incompetent were they? They joined the @Home “group” and waited until the last few weeks that @Home was operating before providing any sort of migration path. The migration was so incompetent (I had to try it to see just how bad it was) that my call to their help desk about migrating two usernames (yes, I had one and my wife had her own — and clearly no one at Rogers expected anything so complicated) to Rogers’ recommended email program (Outlook Express - duh!) got the response: that can’t be done; you can have only one email address, you have to create another account on the computer to access a second Outlook Express email account.
Ok, so by now you know that they are useless. How useless?
There are far too many stories for me to accept anything other than this: Rogers (when they ran their own email operations) were hacked.
Twice.
My spam messages had been 1-2 a week ever since I joined until one day (and every day since then) it jumped to 20/30 per day. Only on my Rogers email account. I have another (non-Rogers) account for ‘dubious’ sites and it doesn’t see anything like that amount of spam.
Now they let Yahoo handle their email and the spam is identified (with only one or two false positives). In order to maintain my email accounts, I have to go to a Rogers/Yahoo “smail support” page. For a long time, I had to use IE because their pages wouldn’t support Opera/Moz/FF. I can get there now using Opera.
But suppose I have a question that needs the help desk support. I have to go through … well, try it for yourself: 1-888-288-4663 … interactive voice response. When prompted for your phone number simply say “general information” — for fun, try saying it before the voice completes his remarks.
Their incompetence knows no bounds: for six months I was getting telemarketer calls to enroll in Rogers High Speed. They are so incompetent that they couldn’t even do a quick “pass” of subscribers’ phone numbers against the lists they were purchasing. I started telling them I was already subscribed and wanted the account cancelled immediately.
I do have one good thing to say about Rogers: they have an excellent help desk. Of course, if you have to field as many calls as they do, eventually even the dumbest person on the help desk achieves a level of competence, I suppose.
I’ve just got too much on my plate right now so I can’t afford to take the time to move off Rogers onto Bell. But there may be a relocation move in my future. I’ll say “bye-bye” to the house, “bye-bye” to the neighbours, and “good f*cking riddance” to Rogers.
I never really get anything using Bittorrent but recently needed to download 2 DVDs worth of Debian Sarge. Bittorrent saved me a bunch of time and the mirror servers a lot of bandwidth. It would indeed suck to have my BT throttled for those times when I actually need to use it, so maybe it’s not a bad idea to have the headers encrypted. As long as there’s backwards compatibility, I see no reason not to.
I don’t understand why you guys are ignoring one of Bram’s principal objections - namely that it won’t work, as ISPs will still be able to packet shape traffic with more advanced shaping rules, and if one day it gets to the point where they can’t do that they’ll just enforce draconian rules on EVERYBODY. You guys are the few who are ruining it for the many, please stop!
@MH
Kind of a cliche, but guns are still available aren’t they?
ISP’s don’t have the right to block traffic just because it’s an effective way of distributing files.
ERNESTO-
ISP’s can block anything they want, because they own the network. Your option is to find a different provider.
“I don’t understand why you guys are ignoring one of Bram’s principal objections - namely that it won’t work”
We should believe him just because he says so? Rubbish.
I think it’s a great way to go; this will give ISPs less power and more to the consumer.
Still you can seed before you finish the 100% and stop at 99.99% … (If they try to prevent seeding after 100%)
But still there are so many ISPs that are not doing it and that you can switch to…
This is a telecom arms race; escalation is inevitable between ISPs and p2p devs.
Eventually the ISP will simply throttle traffic to $SLOW kbps after a customer transfers >$QUOTA per day (regardless of traffic type).
That’s really what ISPs want, and the technology to do it already exists.
Now’s a good time to IM a friend and begin building a wifi darknet.
-GC
Internet provision shouldn’t really be an “arms race”, but I agree that what’s on the short-term horizon is something like that. I hope ISPs consider something more innovative to avoid this becoming a necessity.
If what they’re worried about is the bandwidth taken up by BitTorrent and other p2p protocols, this isn’t going to help. The hi-tech innovators screwing around at home for fun will always beat the big guys. It’s just too decentralized for a few giant organizations to anticipate their every move.
If certain ISP’s are really so concerned about the bandwidth usage, why don’t they just charge by the Gig, or something like that? If someone were to offer $5-10 flat per month just for the hookup (higher price for faster connection speed), and say, 50-75 cents per Gig (lower price the more you download… i.e. bulk rates) on top of that, they’d have my business, as I’d pay more when I used more, and less when I used less. It seems pretty intuitive to me.
They wouldn’t have to put tons of effort into checking headers and whatnot, as it would apply to *all* traffic. I’d pay the same price per gig whether I was in a torrent swarm, or downloading movie trailers/news footage via HTTP.
Perhaps during holidays, the rate could be bumped up a little bit so that people would be less inclined to do their heavy traffic on those days. Every Christmas, it’s the same damn thing: internet’s slow. I’m the only one in the family who understands why: The ISP can handle the flow of leechers on a regular day, but when you heap on the gigs upon gigs of personal video and family pictures sent around on holidays, it just pushes the ISP to its breaking point, and it just can’t handle all the requests for info.
Although there is clearly a market for the flat-rate unlimited traffic solutions currently popular, and such plans will likely be around forever, pricing traffic by the byte for those people who want that kind of plan will solve a ton of problems while giving people more fluid pricing.
It won’t require throttling, quotas, and packet-blocking, because before any big download, customers will have to ask themselves: “Hey, I’ve already spent 40 bucks on data this month, do I really want to spend another two bucks for this movie?” They likely will since the marginal cost is so low, but the ISP benefits as well from the extra revenue. That extra revenue will encourage them to keep the pipes wide open for as much data as possible so that they can milk every last cent out of their customers, while customers will benefit from fewer slowdowns. I bet anything that services with this kind of pricing plan will eventually grow to be the highest-quality, most respected providers of internet bandwidth.
It’s just a win-win situation that way.
Okay, I’m done.
Don’t forget that some of us shape for a reason. I work for the resnet at a public US university. We have a 30mbit connection for our on-campus students. We have a reasonable AUP which doesn’t really care about much other than legality.
We also have 3200 on-campus residents, many of whom use bittorrent. Because the bandwidth is paid for by students, we fill the pipe to full capacity 24/7. Bittorrent and other P2P programs have the lowest priority, but we let them fill the pipe.
If encrypted torrents become commonplace, it could seriously degrade service to other students. It’s not unreasonable to imagine that if our packet shaping devices become ineffective, far more restrictive policies will follow. Who wins then?
Much of the marketeering going on from ISPs revolves around connection speed, especially in terms of broadband versus dial-up. One of the ways the providers get subscribers is by specifically touting the speed of their service over say dial-up, and talking all about the ability to download content at high speeds. Between Broadband competitors, the advertising usually focuses on better speed/price ratios, or service.
The ads tout content content content, download, download, download…
It’s pretty crappy to then sign on and realize you can’t - cause well, you are downloading -too- much. I simply don’t think packet-shaping is ‘fair’ when you are already ponying up money up front for ‘broadband’ which was marketed to you specifically as a tool to obtain content, then you are restricted on the amount of content you can get.
Marketing an ‘unlimited’ service should simply be that - unlimited - and let people pay what they will… I’d happily pay ‘overuse’ charges if it would give me more bandwidth.
One could argue ‘if yer willing to pay more, upgrade your service.’ Well, my particular annoyance at my ISP is that my pipe is supposed to be 1.5mbps and my speeds in terms of d/l tend to be slower than friends on slower rated connections just down the street. I want the bandwidth I’m paying for, and I damn well wouldn’t be happy if I not only got screwed outta bandwidth on the one end, but got charged or penalized for too much downloading on the other with a pipe that’s already slower than it should be.
On top of that, if I ‘overuse’ my connection by say downloading movies at google video and then get my ability to DL WoW content over say BT neutered, what was the point in subscribing to broadband?
I believe eventually ISPs will develop the bandwidth to accommodate heavy widespread use of bittorrent simply because of stuff like IPTV and HDTV (think FIOS), and the fact that each newer generation of users will grow up more technologically inclined and therefore more likely to be a heavy downloader, and this whole problem of bittorrent might simply go away on its own as the net continues to mature. But that’s a ways away and does nothing to help the short term users of packet shaping ISPs. If encrypting BT helps out short-term I’m all for it.
Here’s the 8.75 million reason why Bram Cohen has commercial
http://thomashawk.com/2005/11/bram-cohen-and-his-deal-with-devil.html
oh get over it, encryption barely uses any cpu time just to decrypt a header for every packet.
Here’s the reality of running an ISP, regardless of size:
you pay based on the 95th percentile of bits/s to peer with other providers, except when you have reciprocal agreements. So more traffic equals more costs. That can be profit when you are selling Internet as an upstream peer to a smaller ISP - but eventually you have to pay to peer with the rest of the internet yourself.
Higher bit rate requires more expensive equipment. With the traffic rates going on these days, that equipment is fantastically expensive, make no mistake.
Now I actually get a consistent 4 mbit/s on my home cable connection, for $40 a month. I also know that if I sustain that rate for a period of time, it becomes a losing proposition for my ISP.
If all my ISP’s customers started doing this, the economics stop working out. Somewhere there’s a curve where profit and cost make sense to run a business. Beyond that you might as well close your doors.
As a rampaging torrent user myself, I fully enjoy my current ratio of bit rate to dollar, but since I run ISP networks and understand the dynamics involved, I have no illusions of the sustainability or scalability of my own traffic patterns across the entire customer base.
Correction… sorry my poor English:
If ISPs were selling the bandwidth they can give, they wouldn’t be blocking any traffic because they could fill all the pipes of all the users. The problem is that they have X bandwidth, and sell X*(Bigger Than One), so you only get full speed if lots of people are using little bandwidth.
I am a shaw subscriber and I was using Shareaza until a few weeks ago when I noticed that my download rate was dropping. I switched to utorrent and my KB/second has increased dramatically.
I do not have a problem with throttling, but I do have a problem with any cable subscriber not notifying me of a change in services.
You also have to view the Internet as whole. The more people have high speed up- and download, the more traffic the Internet as whole produces. So earlier or later people will start blocking each other.
I agree with some comments. On the other side I don’t understand why people argue and defend points of view of companies and customers. This is VERY SIMPLE:
If an ISP markets its broadband as, say “512kbps” then IT SHOULD BE ABLE TO PEAK AT 512Kbps most of the time, unless there are bottlenecks outside the edge of the ISP, which of course no one can control and we live with day after day.
If they want to market it and sell it with restrictions then IT SHOULD READ: “up to 512kbps”. PERIOD. Guys that’s IT. There’s not even point of views.
I say this with knowledge of cause. I work on a major Cel company on the data area. I have a major degree in IT and Telecomm engineering and I also have a master degree in MKTG. I don’t say this to bitch anyone around (hell I don’t even like what I studied)… it’s just to ensure credibility.
The ISPs should stop ripping us off… if we are the informed ones and know how to take FULL ADVANTAGE OF WHAT WE BOUGHT then so BE IT… and they should provide the service and not limit it unless stated in contract.
Be well.
Rogers is still killing my torrent usage. I get 40-80 kB/s upload for a while, until randomly it drops to nothing.
I am at 40-80 kB/s for probably 10 minutes.
Rogers sucks. It is throttling all torrent traffic. With new beta uTorrent I can get only 15-20 kB. I hope new protocol will improve to work around throttling problem.
Mine is totally crap. I am getting 0 kb/sec now for upload. Rogers is killing my torrents.