Search Slyck  
BitTorrent End to End Encryption and Bandwidth Throttling - Part II
February 16, 2006
Thomas Mennecke
Font Bigger Font Smaller
Commercial ISPs (Internet Service Providers) and Universities have much in common. Both have a limited amount of bandwidth to share among thousands - if not millions - of individuals. Trying to allot this bandwidth for numerous protocols, such as HTTP, FTP, POP, and of course BitTorrent, has forced many ISPs to shape their traffic - also known as bandwidth throttling.

Considering BitTorrent potentially consumes at least 60% of all available ISP bandwidth, this protocol has become the center of the traffic shaping debate. Some universities, such as the University of Manchester, recently publicized the usage of Packeteer. Packeteer specializes in the manufacture of traffic shaping hardware and software.

"Deploying Packeteer at our network core enables us to block all unwanted P2P traffic while allowing useful P2P traffic such as Skype to transit the network," said Ben Horner, IT officer at the University of Manchester.

The IT office accounted that 70% of its network traffic was diverted to “undesirable” P2P network traffic. tried to follow up several times on this contention. Specifically, we asked whether the 70% of “undesirable” bandwidth consumption was subsequently restored, and if Packeteer was effective in stopping file-sharing clients with end to end encryption support. Our inquiries went unanswered.

Although Packeteer and similar traffic monitoring devices are effective in shaping common P2P clients such as iMesh, Kazaa, eDonkey and LimeWire, it appears their success is limited. Detecting a file-sharing protocol is easily recognized by specific byte patters (in this case the BitTorrent handshake.) Yet if this handshake is encrypted to appear as little more than random data, Packeteer and its ilk may become powerless. To gather where traffic shaping is heading, and the efforts in motion to level the playing field, Team Azureus discusses these issues with in Part II. First and foremost, how effective is end to end encyrption?

Azureus: We know from our beta program that technically the solution works well, with no significant performance overhead, and reports so far have been positive. With the release of Azureus 2.4 we will have the opportunity to measure its effectiveness when used at a large scale. What is your motivation and philosophy behind this feature? Why are you working on it and what do you hope the benefit for the BitTorrent community will be?

Gudy: One of our commercial customers was getting worried about ISPs throttling BT traffic, even for legitimate uses. P2P is a great technology that benefits almost everyone: the content provider (much lower cost, and much greater efficiency), the user (better QoS / Speed), however all this is made at a cost, and the only actors that actually "suffers" from (legitimate) P2P are ISPs.

Soon, even ISPs will realize that they can benefit from P2P in order to provide new services to their clients. Even if they can by-pass the bandwidth costs, storage & server costs are still there. New services like video on demand will be easier for ISPs to provide using a P2P network than a centralized network. Another client had a need for some basic level of encryption between every point in the network so that someone sniffing the connection couldn't make sense of the data.

Those were the 2 main reasons why we decided to bring in PHE. Finally we'd like to remind people that well designed P2P traffic (as in Azureus) isn't that bad for ISPs. While bandwidth may be an issue, online video games tends to create a much greater stress on network elements because they involve a lot of very small packets.

Paul, Alon & Gouss:

Over the months we have been getting more and more complaints from our users about their ISPs blocking BitTorrent downloads, often rendering Azureus (and BitTorrent in general) completely useless to them. Naturally, some sort of protocol encryption has been one of the top feature requests, which we have obliged, since people should be free to choose which programs to use, not their ISP. This is crucial for the health of the BitTorrent community as a whole, as more and more ISPs shut out their users arbitrarily. Because of it usefulness, a growing number of people are building business based on BitTorrent technology. ISPs targeting the protocol as a simplistic way of managing their network traffic prevent these legitimate businesses from operating with customers unfortunate enough to have such an ISP. ISPs really need to take a fairer approach to bandwidth management, ultimately targeting not a particular transfer protocol but rather something protocol-neutral, such as byte counting or tiered pricing. BitTorrent is just another protocol, like FTP or HTTP, so why should people be penalized for using one and not the other? What cooperative efforts are currently underway with other BitTorrent client developers?

Azureus: Not too many BitTorrent clients are still actively being developed, and getting in touch with the developers can sometimes be difficult, but this encryption scheme specification has been designed in cooperation with µTorrent and the contributions of other knowledgeable devs. The technical specifications are openly available on our wiki for other developers to implement the protocol in their own clients. Could you spend a moment to explain how end to end encryption works?

Azureus: With plain BitTorrent connections the peers engage in an easily recognizable protocol handshake when setting up a connection for data transfer. End-to-end encryption inserts an initial handshake which is not easy to recognize (it appears to be random data) and allows a secret key to be shared between the peers. This secret key can then be used to encrypt the subsequent BitTorrent protocol, thus securing both the recognizable regular handshake and the following data stream. Recently, Bram Cohen brought up several arguments against end to end encryption. What is your reaction to these arguments, and how valid do you believe they are?

Azureus: There's really no argument about whether ISP filtering is becoming a problem for people; hundreds of our frustrated users tell us it is (read more here). Certainly far more ISPs have taken to throttling down/off their users than have bothered to improve the quality of service via caching. The encryption protocol was designed from the beginning to coexist peacefully with existing non-encryption clients. The user can choose if they want to connect to one or the other or both. The performance impact of using encryption is quite minimal, far less than many normal BitTorrent client operations, like SHA1 piece hashing, and certainly isn't any more "hostile" towards ISPs than HTTPS is. How dynamic is your approach to end to end encryption? For example, will you be able to maintain a likely technological arms race with ISPs?

Azureus: The point is absolutely not to be enemies with the ISPs, but rather to be able to use a technology without unnecessary restrictions. It's not even a race worth fighting for, as ISPs are ultimately in control over what passes through their network, especially when it comes to bandwidth, no matter how sophisticated we might get. We just want a level playing field for all data distribution protocols, and we are open to discussion as to how this can be achieved to the benefit of everyone. Are some ISPs more capable than others in countering end to end encryption? Which ones?

Azureus: We really don't know what measures ISPs will attempt to counter the encryption, if at all. It's likely much easier to just filter connections based on actual usage than on particular protocol identification. All we can do is release and see what time will tell. Encryption is a tool better known for securing the transfer of private information. Are there any benefits of securing the transfer of information that is being offered publicly, or is the encryption solely to circumvent ISP throttling?

Azureus: There are many legitimate uses for keeping transferred data from prying eyes, particularly users and businesses interested in using BitTorrent as a secure means of data sharing/distribution. It's also important not to confuse being encrypted with being anonymous, as using encrypted peer connections does not make what you are downloading any less public. By encrypting the data, is there a risk BitTorrent will lose some of its acceptance, hence encouraging more ISPs to throttle?

Azureus: The securing of information sent over the Internet is taken for granted by most users, and encrypting the data provides a simple means for obtaining a level of confidentiality similar to that which HTTPS provides over HTTP. Certainly HTTPS based websites have not lost any acceptance over their non-encrypted HTTP counterparts. Quite likely just the opposite.

--With the rollout of Azurues 2.4, expectations and anticipations are running high on both sides of the debate. Azureus 2.4 will represent the first large scale and wide spread useage of this brave new concept, and will settle much of the debate on its effectiveness. Which side the debate settles on however, will be answered soon enough.

This story is filed in these Slyck News categories
BitTorrent :: BitTorrent Clients
File-Sharing/P2P Related :: Interviews

You can discuss this article here - 23 replies

© 2001-2020