Question

I was thinking that basically we have all the elements there to create a BitTorrent Sync alternative with open source software, except for the link mechanism via the secret... (I would use Sparkleshare and then implement a btsync-secret-like link mechanism either as a "new" Git connection protocol or in a path on a localhost ssh connection, the last providing the advantage that you can permit access to your computer just by sharing a secret, which makes things like tunneling a lot easier...)

So how does that work, and/or how would you implement a similar system (as btsync is closed software)?

(If you read this and feel like implementing this, go ahead, ideas are free)


Solution

As stated by BitTorrent (see also the user guide), the secret is a randomly generated key of 20 bytes or more. Simple laws of probability make it virtually impossible to guess. There are four kinds of secrets:

  • (master) secrets for read/write access
  • read-only secrets
  • one-time secrets (both full access and read-only)
  • secrets with encrypted peer support for read-only encrypted access

As far as I understand (and as stated in this thread where someone tried to reverse-engineer the BitTorrent Sync protocol in July 2013) the latter three types of secrets can be derived from the master secret. In particular this includes a key for encryption of files for transmission between peers. For peer discovery the secret is hashed, so the hash can be used to find peers with a matching secret without having to make the secret public.

Before further reverse-engineering BitTorrent Sync, keep in mind that the software is closed source and it includes routines to automatically update from bittorrent.com. This implies the company may change details of implementation (and install arbitrary backdoors as well). Nobody can guarantee there is no hidden method that sends your master secrets to the NSA, unless the full client source code is opened.

OTHER TIPS

Some details about the different types of secrets:

  • A read-write secret ("master secret") currently begins with "A" and is 33 characters long.
  • A read-only secret begins with "B" and is 33 characters long.
  • A one-time secret (either full or read-only), valid for 24 hours, begins with a "C" and is 33 characters long.
  • A read-write secret with encrypted support begins with a "D" and is 33 characters long. At the time of this post, you can't generate one of these from the program, but you can just change the first character from "A" to "D" when you generate a new secret. Older versions of btsync will not accept such secrets.
  • A read-only secret for a share supporting encryption begins with an "E" and is 59 characters long.
  • A read-only encrypted secret (i.e. the machine can download and share the files but not decrypt them, so it can seed but not read them) begins with an "F". It is the read-only secret but with the first character changed from "E" to "F" and truncated to 33 characters.

(source: http://forum.bittorrent.com/topic/25823-generate-encrypted-read-only-secret-without-api-key/)
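A sketch of how an open alternative could apply the ideas from both answers above: one-way derivation of the read-only secret and of a discovery hash, plus the prefix and length rules from the list. This is an added example, not part of either answer and not btsync's actual algorithm; the base32 encoding, the use of HMAC-SHA256, the labels and all function names are assumptions.

```python
import base64, hashlib, hmac, secrets

# Prefix -> (meaning, length) exactly as listed in the answer above.
KINDS = {
    "A": ("read-write", 33), "B": ("read-only", 33),
    "C": ("one-time", 33), "D": ("read-write, encrypted support", 33),
    "E": ("read-only, encrypted share", 59),
    "F": ("read-only encrypted", 33),
}

def b32(raw):
    return base64.b32encode(raw).decode("ascii").rstrip("=")

def classify(secret):
    """Return the kind of a secret, or raise if prefix/length do not match."""
    meaning, length = KINDS.get(secret[:1], (None, 0))
    if meaning is None or len(secret) != length:
        raise ValueError("unknown prefix or wrong length")
    return meaning

def derive(secret, label):
    # Assumption: HMAC-SHA256 as the one-way step; not btsync's algorithm.
    return hmac.new(secret.encode(), label, hashlib.sha256).digest()

def new_master():
    # 20 random bytes -> 32 base32 characters, plus the prefix = 33.
    return "A" + b32(secrets.token_bytes(20))

def read_only_from(master):
    if classify(master) != "read-write":
        raise ValueError("need a read-write secret")
    return "B" + b32(derive(master, b"read-only")[:20])

def discovery_id(secret):
    # Read-write and read-only holders must meet, so hash the read-only form.
    ro = read_only_from(secret) if secret.startswith("A") else secret
    if classify(ro) != "read-only":
        raise ValueError("need a read-write or read-only secret")
    return derive(ro, b"discovery").hex()

def seed_only_from(e_secret):
    # Rule from the answer: change "E" to "F" and truncate to 33 characters.
    if classify(e_secret) != "read-only, encrypted share":
        raise ValueError("need an E secret")
    return "F" + e_secret[1:33]

if __name__ == "__main__":
    m = new_master()
    print(m, read_only_from(m), discovery_id(m))
```

Because each step is a keyed hash, a peer that only sees the discovery id or holds the read-only secret cannot work back to the read-write secret.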

Licensed under: CC-BY-SA with attribution