Secure, Permanent Peer Identifiers

When you meet another peer in a Bittorrent swarm there is no security mechanism. It is trivial to spoof the identity of another peer. We have designed an open standard for this problem and have an operational reference implementation.

At present, BitTorrent does not require strong authentication of peers, as peer-to-peer interactions are transient and shortlived and security stems from the digests in the trusted torrent file. We want to establish longer term relationships between peers and introduce a number of privileged operations which should only be available to friends. We therefore extended the Bittorrent protocol with secure, permanent peer identifiers called PermIDs. We assume a PermID maps to a single IP address and port number and is initially also used to identify users. The mapping of PermID to IP address is controlled by the owner of the PermID (a user). Initially we primarily use PermIDs for authentication of friends in cooperative downloads. For more details on identities in general, please read this.

Implementation

We use public-key cryptography and give each peer a public/private keypair, where the public key will act as the PermID. Elliptic Curve-based public key cryptography is used because it provides stronger protection using small keys than e.g. RSA-based algorithms. Having small PermIDs is useful to allow caching of large numbers of (PermID,IP) pairs.

Our implementation of ECDSA signatures and ECDH key agreement was accepted inside M2Crypto V0.16 and support in OpenSSL 0.9.8+. These security foundation are used in Python to prevent peer-spoofing. A fundamental weakness in all other Bittorrent clients.

• The source code (.py file)
• The technical documentation (.tex)