BitTorrent has added a new method for encrypting peer lists. This is an attempt to avoid ISPs (such as Comcast) blocking connections that seem to be P2P traffic, as I previously wrote. This extension’s advantages and limitations are a good example for illustrating the fundamental leverage both sides have in this battle.
The actual extension is pretty straightforward. Trackers manage files by their SHA-1 (aka infohash). The extension specifies that a tracker RC4-encrypt the peer list with a key of SHA-1(infohash). Thus, a peer must know the infohash of the file they are requesting to decrypt the peer list. Obviously, they have the infohash since they had to know it to look up the file in the first place.
There are a couple weaknesses in this design. If an ISP can read the infohash from the peer’s tracker connection, then they can also decrypt the peer list. This is mitigated by some trackers supporting SSL connections. Also, the specification allows for reuse of the RC4 keystream, a definite no-no.
Encryption is only a small skirmish in this battle. Eventually, all traffic will be encrypted and probably encapsulated in SSL-like headers to avoid signature detection. That will leave ISPs with traffic analysis as their only tool. Since it appears that at least Comcast is already doing this and not relying on data in the stream, it’s unclear how effective this additional layer of obfuscation will be.
The BitTorrent developers have the advantage in that they control all endpoints (peers and trackers). Their software can take any measures it wants to obfuscate its data signatures (i.e., encryption) and traffic characteristics (i.e., timing or message sizes). However, the biggest disadvantage is that they don’t control the behavior of non-BitTorrent hosts.
The ISPs have an advantage in that they see all the traffic between the hosts they care about and the Internet. They can forge packets or even add filters to block particular IPs. They know the mapping between IP or MAC address and subscriber account. However, they can’t be sure what software is running on an endpoint and could lose subscribers if their response is too drastic or the wrong application is affected.
Even though traditional wisdom says BitTorrent has the advantage, I think the ISPs have the technical edge in this battle. Since the BitTorrent developers can’t control hosts that don’t run their software, they will be forced to conform to the traffic profile of web browsing. Because this is asymmetrical (uplink is only used for small ACKs), the performance advantages of BitTorrent would be eliminated.
However, it’s likely political/judicial moves will have a longer term impact on which side wins. I think this would be a good thing. Since there are only two broadband circuit providers in the US (telco or cable), competition won’t eliminate a progression of more onerous requirements for endpoints. Without intervention, I could see a slow creep towards requiring virus scanning of endpoints or prohibitions on specific applications. I already have to lie and claim to be running Windows to get tech support to run a line test when my DSL goes down (“oh yeah, it rebooted fine but the line is still down”).
Assuming a bad law doesn’t get added, I think regulation of ISPs would be a good thing to prevent further interference with our traffic. I refuse to use the Internet as a TV.