[Gllug] Bittorrent and security?

Richard Hall r.j.hall at rhul.ac.uk
Mon Aug 23 13:54:40 UTC 2004 

Bittorrent will distribute the CD image using blocks of a fixed size 
(usually 1 meg or something similar)  you will be  downloading from 
different people, it is inderminate as to which block will be from who, 
and the master torrent file has MD5 hash values for each block.   While 
it is possible to generate a different block that would still match the 
MD5 hash this block would be of nonsense data as the likelihood of being 
able to generate different AND meaningful code which matched the MD5 
hash of the original code is mathematically infeasible.   So someone 
would be able to break a portion of the CD (which would then fail the 
final MD5 check of the whole CD image)  I don't believe they would be 
able to Trojan it without being able to access and change the original 
torrent file, which you should download from a trusted source.

Rich
=== === === === === === === === ===
Richard Hall
Systems Administrator
Information Security Group
Royal Holloway, University of London
Tel: +44 (0)1784 44 3111
Fax: +44 (0)1784 430766
gpg Key fingerprint:
D3AC 1999 9ECC F458 DFCC  FF00 1ACA 8812 F055 BF2F
=== === === === === === === === ===


Chris Bell wrote:
> On Fri 20 Aug, Andrew Roberts wrote:
> 
>>On Wed, 18 Aug 2004 10:55:31 +0100 (BST), Chris Bell  
>><chrisbell at overview.demon.co.uk> wrote:
>>
>>
>>>Hello,
>>>   I have a local proxy box providing quick access to Debian files  
>>>without
>>>excessive loading on the internet, but it seems that the new preferred  
>>>means
>>>of connection is via bittorrent cooperative servers. While it appears  
>>>that
>>>the data should be encrypted and safe, I feel uneasy about security when
>>>there are many unknown boxes linked together, and there are so many  
>>>people
>>>using open relays to distribute worms. It is not unknown for well  
>>>maintained
>>>servers to be broken, but I feel I can place more trust in the large
>>>academic and ISP mirror sites than huge numbers of small sites run by a
>>>variety of users.
>>>
>>
>>http://bitconjurer.org/BitTorrent/FAQ.html
>>Question: How do I know the download isn't corrupted?
>>
> 
>    The system I have been using (jigdo - jigsaw downloader) downloads the
> latest skeleton CD set with command files and signature direct from one of
> the main Debian servers. My local apt-proxy mirror already has most of the
> Woody (stable) and Sarge (testing) distributions. The jigdo facility then
> builds the latest CD set using my local mirror as a proxy server, and does
> security checks on all files and also the complete rebuilt CD's.
>    My local proxy can download files from any mirror sites that I specify,
> including the large academic mirrors and my ISP, so reducing the load on the
> Debian servers. The weekly set of skeleton files did not appear last week,
> but may appear again this weekend.
> 
>    The new bittorrent system appears to use a similar skeleton CD frame
> downloaded from the main site, together with software located on many main
> mirror sites, but relies on file sharing between many clients using local
> software installed at every linked site, all acting as open relay servers
> for encrypted files, with file checking on arrival. This would seem to be
> reasonably secure if all sites can be trusted, and reduces the load on all
> main mirrors. Bittorrent will run on a variety of operating systems,
> including M$.
> 
>    Unfortunately absolute security can not be guaranteed, and even well
> organised and administered main sites can be cracked. The main Debian site
> was found to have a probe installed using a developer's password after his
> personal machine was cracked, so all files on their complete system had to
> be checked last year.
>    There are even doubts about the security offered using SHA-1 and MD5
> encryption after several researchers recently suggested possible ways of
> cracking the code, and it may be possible to crack MD5 using a reasonable
> computer within a few hours, or SHA-1 using linked clusters. If bittorrent
> could be broken on any OS it could provide a linked cluster of computers
> owned by a variety of users expecting a large amount of internet access.
> 
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list