message stream encryption.mht

关于ＢＴ的协议文档

The handshake is seperated into 5 blocking steps.

1 A->B: Diffie Hellman Ya, PadA
2 B->A: Diffie Hellman Yb, PadB
3 A->B: HASH('req1', S), HASH('req2', SKEY) xor HASH('req3', S), =
ENCRYPT(VC, crypto_provide, len(PadC), PadC, len(IA)), ENCRYPT(IA)
4 B->A: ENCRYPT(VC, crypto_select, len(padD), padD), ENCRYPT2(Payload =
Stream)
5 A->B: ENCRYPT2(Payload Stream)


Since the length of PadA and PadB are unknown
B will be able to resynchronize on HASH('req1', S)
A will be able to resynchronize on ENCRYPT(VC)


##### Optional early termination conditions
(should verified before the indicated step is started).

If a fail-fast behavior is prefered the following conditions can be used =
to
disconnect the peer immediately. If less recognizable patterns are =
preferred
a peer may wait and disconnect at a later point. If any of these =
conditions
are met the handshake can be considered as invalid.

2 (termination by B)
if A sent less than 96 Bytes within 30 seconds
if A sent more than 608 bytes=20

3 (termination by A)
if B sent less than 96 Bytes within 30 seconds
if B sent more than 608 bytes

4 (termination by B)
if A didn't send the correct S hash within 628 bytes after the =
connection start (synchronisation point)
if A didn't send a supported SKEY hash after the S hash
if VC can't be decoded correctly after the SKEY hash
if none of the crypto_provide options are supported or the bitfield is =
zeroed
from here on it's up to the next protocol layer to terminate the =
connection

5 (termination by A)
if VC can't be decoded correctly within 516 bytes after the connection =
start (synchronisation point)
if the selected crypto method wasn't provided
from here on it's up to the next protocol layer to terminate the =
connection

</PRE>
<DIV class=3Deditsection style=3D"FLOAT: right; MARGIN-LEFT: 5px">[<A=20
title=3D"Edit section: Implementation Notes for BitTorrent Clients"=20
href=3D"http://www.azureuswiki.com/index.php?title=3DMessage_Stream_Encry=
ption&amp;action=3Dedit&amp;section=3D3">edit</A>]</DIV><A=20
name=3DImplementation_Notes_for_BitTorrent_Clients></A>
<H2>Implementation Notes for BitTorrent Clients</H2>
<P>Since not all BT clients will support this protocol there are 3 =
possible=20
modes of operation: </P>
<OL>
  <LI>Support incoming connections with the Obfuscation Header and =
legacy BT=20
  headers but always try establish classic BT streams for outgoing =
connections=20
  <DL>
    <DD>This method ensures compatibility but only allows incoming =
obfuscated=20
    connections from traffic-shaped peers, obfuscated connections are =
never=20
    established to them, leading to a similar situation as if the shaped =
client=20
    was firewalled or NATed. </DD></DL>
  <LI>Support incoming connections for both protocols but try to =
establish=20
  connections with the Obfuscation Header first and retry with BT =
headers if=20
  that fails=20
  <DL>
    <DD>Compatibility is still ensured and allows obfuscated connections =
to=20
    shaped peers but might not be suitable for shaped peers and requires =

    reconnect attempts when an obfuscated handshake fails for any =
reason.=20
  </DD></DL>
  <LI>Only support obfuscated streams and treat any incoming connection =
like a=20
  DH key exchange attempt.=20
  <DL>
    <DD>This method doesn't provide backwards compatibility but ensures=20
    obfuscation. The CPU load can still be adjusted by choosing and =
providing=20
    different encryption methods </DD></DL></LI></OL>
<P>Any peer A in mode #1 or #2 should avoid unneccessary non-crypto =
connections=20
to a peer B that uses crypto-only (mode #3) whenever possible. </P>
<P><BR></P>
<DIV class=3Deditsection style=3D"FLOAT: right; MARGIN-LEFT: 5px">[<A=20
title=3D"Edit section: Tracker Extension"=20
href=3D"http://www.azureuswiki.com/index.php?title=3DMessage_Stream_Encry=
ption&amp;action=3Dedit&amp;section=3D4">edit</A>]</DIV><A=20
name=3DTracker_Extension></A>
<H2>Tracker Extension</H2>
<P>A client may append the following parameters to a HTTP GET: </P>
<UL>
  <LI><I>supportcrypto=3D1</I> which means a peer can create and recieve =
crypto=20
  connections=20
  <LI><I>requirecrypto=3D1</I> which means a peer only accepts/creates =
crypto=20
  connections=20
  <LI><I>cryptoport=3DX</I> in combination with <I>port=3D0</I> which =
tells the=20
  tracker the port X on which the client is listening on as usual, but =
prevents=20
  the tracker from handing out a valid IP/Port combination if he doesn't =
support=20
  the crypto extension. This is only valid in combination with=20
  <I>requirecrypto=3D1</I>. <I>cryptoport</I> is not mandatory, a client =
may=20
  choose to use the <I>port</I> parameter as usual if it accepts legacy=20
  connections as a fallback measure. </LI></UL>
<P>A tracker response when neither flag is set: The tracker will return=20
IPs/Ports as usual but omit peers that signaled <I>requirecrypto</I> =
</P>
<P>A tracker response when the <I>supportcrypto</I> flag is set: In =
addition to=20
the normal <I>peers</I> list (or string in the <I>compact=3D1</I> case) =
an=20
additional <I>crypto_flags</I> string which contains a bytearray in the =
same=20
order as the peers list is sent. 1 means the corresponding peer requires =
crypto=20
connections 0 means the peer supports and prefers classic BT </P>
<P>A tracker response when the <I>requirecrypto</I> flag is set: In =
addition to=20
the normal <I>peers</I> list (or string in the <I>compact=3D1</I> case) =
an=20
additional <I>crypto_flags</I> string which contains a bytearray in the =
same=20
order as the peers list is sent. 1 means the corresponding peer requires =
crypto=20
connections 0 means the peer supports and prefers classic BT. The =
tracker should=20
try to achieve the <I>numwant</I> limit with peers that flagged=20
<I>requirecrypto</I> or <I>supportcrypto</I> first and only add =
non-supporting=20
peers if no others are available. </P>
<P>Azureus supports this from 2403 B55+. </P>
<DIV class=3Deditsection style=3D"FLOAT: right; MARGIN-LEFT: 5px">[<A=20
title=3D"Edit section: Notes about the current Azureus implementation"=20
href=3D"http://www.azureuswiki.com/index.php?title=3DMessage_Stream_Encry=
ption&amp;action=3Dedit&amp;section=3D5">edit</A>]</DIV><A=20
name=3DNotes_about_the_current_Azureus_implementation></A>
<H2>Notes about the current Azureus implementation</H2>
<P>Azureus tries to avoid unnecessary non-crypto connections through=20
obfuscation-header aware <A title=3D"Peer Exchange"=20
href=3D"http://www.azureuswiki.com/index.php/Peer_Exchange">Peer =
Exchanges</A>, <A=20
title=3D"Azureus messaging protocol"=20
href=3D"http://www.azureuswiki.com/index.php/Azureus_messaging_protocol">=
advanced=20
messaging</A> handshakes and <A title=3D"Distributed tracker"=20
href=3D"http://www.azureuswiki.com/index.php/Distributed_tracker">Distrib=
uted=20
tracker</A> announces. Peer A tells its preferred connection mode in the =

handshake to peer B and then B adds additional flags to the PEX messages =
when it=20
propagates A's address/port. This does not work in combination with <A=20
title=3D"Secure Torrents"=20
href=3D"http://www.azureuswiki.com/index.php/Secure_Torrents">Secure =
Torrents</A>=20
since they disable PEX and the DHT. </P>
<P>Azureus currently allows its users either to specify fallback support =
for=20
incoming and outgoing connections seperately when the encryption is =
enabled or=20
passive support only instead. Specified encryption methods aren't =
preferences=20
but minimum requirements, for both incoming and outgoing connections, =
i.e. if a=20
peer doesn't support the minimum (or possibly higher levels in the =
future) then=20
the connection will can't be established. And Azureus will only offer =
minimum or=20
higher level methods. </P>
<DIV class=3Deditsection style=3D"FLOAT: right; MARGIN-LEFT: 5px">[<A=20
title=3D"Edit section: See also"=20
href=3D"http://www.azureuswiki.com/index.php?title=3DMessage_Stream_Encry=
ption&amp;action=3Dedit&amp;section=3D6">edit</A>]</DIV><A=20
name=3DSee_also></A>
<H2>See also</H2>
<UL>
  <LI><A title=3D"Avoid traffic shaping"=20
  =
href=3D"http://www.azureuswiki.com/index.php/Avoid_traffic_shaping">Avoid=
=20
  traffic shaping</A>=20
  <LI><A title=3D"Bad ISPs"=20
  href=3D"http://www.azureuswiki.com/index.php/Bad_ISPs">Bad ISPs</A>=20
  <LI><A class=3Dextiw title=3Dwikipedia:Message_Stream_Encryption=20
  =
href=3D"http://en.wikipedia.org/wiki/Message_Stream_Encryption">Wikipedia=
=20
  Article</A> </LI></UL><!-- Saved in parser cache with key =
azwikidb:pcache:idhash:3669-0!1!0!0!!en!2 and timestamp 20070419135731 =
-->
<DIV class=3Dprintfooter>Retrieved from "<A=20
href=3D"http://www.azureuswiki.com/index.php/Message_Stream_Encryption">h=
ttp://www.azureuswiki.com/index.php/Message_Stream_Encryption</A>"</DIV>
<DIV id=3Dcatlinks>
<P class=3Dcatlinks><A title=3DSpecial:Categories=20
href=3D"http://www.azureuswiki.com/index.php?title=3DSpecial:Categories&a=
mp;article=3DMessage_Stream_Encryption">Category</A>:=20
<SPAN dir=3Dltr><A title=3D"Category:Technical Information"=20
href=3D"http://www.azureuswiki.com/index.php/Category:Technical_Informati=
on">Technical=20
Information</A></SPAN></P></DIV><!-- end content -->
<DIV class=3DvisualClear></DIV></DIV></DIV></DIV>
<DIV id=3Dcolumn-one>
<DIV class=3Dportlet id=3Dp-cactions>
<H5>Views</H5>
<UL>
  <LI class=3Dselected id=3Dca-nstab-main><A=20
  =
href=3D"http://www.azureuswiki.com/index.php/Message_Stream_Encryption">A=
rticle</A>=20

  <LI id=3Dca-talk><A=20
  =
href=3D"http://www.azureuswiki.com/index.php/Talk:Message_Stream_Encrypti=
on">Discussion</A>=20

  <LI id=3Dca-edit><A=20
  =
href=3D"http://www.azureuswiki.com/index.php?title=3DMessage_Stream_Encry=
ption&amp;action=3Dedit">Edit</A>=20

  <LI id=3Dca-history><A=20
  =
href=3D"http://www.azureuswiki.com/index.php?title=3DMessage_Stream_Encry=
ption&amp;action=3Dhistory">History</A>=20
  </LI></UL></DIV>
<DIV class=3Dportlet id=3Dp-personal>
<H5>Personal tools</H5>
<DIV class=3DpBody>
<UL>
  <LI id=3Dpt-login><A=20
  =
href=3D"http://www.azureuswiki.com/index.php?title=3DSpecial:Userlogin&am=
p;returnto=3DMessage_Stream_Encryption">Log=20
  in / create account</A> </LI></UL></DIV></DIV>
<DIV class=3Dportlet id=3Dp-logo><A title=3D"Main Page"=20
style=3D"BACKGROUND-IMAGE: url(/skins/common/images/wiki.png)"=20
href=3D"http://www.azureuswiki.com/index.php/Main_Page"></A></DIV>
<SCRIPT type=3Dtext/javascript> if (window.isMSIE55) fixalpha(); =
</SCRIPT>

<DIV class=3Dportlet id=3Dp-navigation>
<H5>Navigation</H5>
<DIV class=3DpBody>
<UL>
  <LI id=3Dn-mainpage><A=20
  href=3D"http://www.azureuswiki.com/index.php/Main_Page">Main Page</A>=20
  <LI id=3Dn-portal><A=20
  =
href=3D"http://www.azureuswiki.com/index.php/AzureusWiki:Community_Portal=
">Community=20
  portal</A>=20
  <LI id=3Dn-currentevents><A=20
  href=3D"http://www.azureuswiki.com/index.php/Current_events">Current =
events</A>=20
  <LI id=3Dn-recentchanges><A=20
  =
href=3D"http://www.azureuswiki.com/index.php/Special:Recentchanges">Recen=
t=20
  changes</A>=20
  <LI id=3Dn-randompage><A=20
  href=3D"http://www.azureuswiki.com/index.php/Special:Random">Random =
page</A>=20
  <LI id=3Dn-help><A=20
  href=3D"http://www.azureuswiki.com/index.php/Help:Contents">Help</A>=20
  <LI id=3Dn-sitesupport><A=20
  =
href=3D"http://www.azureuswiki.com/index.php/AzureusWiki:Site_support">Do=
nations</A>=20
  </LI></UL></DIV></DIV>
<DIV class=3Dportlet id=3Dp-search>
<H5><LABEL for=3DsearchInput>Search</LABEL></H5>
<DIV class=3DpBody id=3DsearchBody>
<FORM id=3Dsearchform action=3D/index.php/Special:Search>
<DIV><INPUT id=3DsearchInput accessKey=3Df name=3Dsearch> <INPUT =
class=3DsearchButton id=3DsearchGoButton type=3Dsubmit value=3DGo =
name=3Dgo>&nbsp; <INPUT class=3DsearchButton type=3Dsubmit =
value=3DSearch name=3Dfulltext>=20
</DIV></FORM></DIV></DIV>
<DIV class=3Dportlet id=3Dp-tb>
<H5>Toolbox</H5>
<DIV class=3DpBody>
<UL>
  <LI id=3Dt-whatlinkshere><A=20
  =
href=3D"http://www.azureuswiki.com/index.php/Special:Whatlinkshere/Messag=
e_Stream_Encryption">What=20
  links here</A>=20
  <LI id=3Dt-recentchangeslinked><A=20
  =
href=3D"http://www.azureuswiki.com/index.php/Special:Recentchangeslinked/=
Message_Stream_Encryption">Related=20
  changes</A>=20
  <LI id=3Dt-upload><A=20
  href=3D"http://www.azureuswiki.com/index.php/Special:Upload">Upload =
file</A>=20
  <LI id=3Dt-specialpages><A=20
  =
href=3D"http://www.azureuswiki.com/index.php/Special:Specialpages">Specia=
l=20
  pages</A>=20
  <LI id=3Dt-print><A=20
  =
href=3D"http://www.azureuswiki.com/index.php?title=3DMessage_Stream_Encry=
ption&amp;printable=3Dyes">Printable=20
  version</A>=20
  <LI id=3Dt-permalink><A=20
  =
href=3D"http://www.azureuswiki.com/index.php?title=3DMessage_Stream_Encry=
ption&amp;oldid=3D6040">Permanent=20
  link</A> </LI></UL></DIV></DIV></DIV><!-- end of the left (by default =
at least) column -->
<DIV class=3DvisualClear></DIV>
<DIV id=3Dfooter>
<DIV id=3Df-poweredbyico><A href=3D"http://www.mediawiki.org/"><IMG =
alt=3DMediaWiki=20
src=3D"http://www.azureuswiki.com/skins/common/images/poweredby_mediawiki=
_88x31.png"></A></DIV>
<UL id=3Df-list>
  <LI id=3Dlastmod>This page was last modified 19:49, 8 October 2006.=20
  <LI id=3Dviewcount>This page has been accessed 99,069 times.=20
  <LI id=3Dcopyright>Content available under the <A =
title=3DAzureusWiki:Copyright=20
  =
href=3D"http://www.azureuswiki.com/index.php/AzureusWiki:Copyright">GNU =
Free=20
  document Licence (GFDL)</A>.=20
  <LI id=3Dprivacy><A title=3D"AzureusWiki:Privacy policy"=20
  =
href=3D"http://www.azureuswiki.com/index.php/AzureusWiki:Privacy_policy">=
Privacy=20
  policy</A>=20
  <LI id=3Dabout><A title=3DAzureusWiki:About=20
  href=3D"http://www.azureuswiki.com/index.php/AzureusWiki:About">About=20
  AzureusWiki</A>=20
  <LI id=3Ddisclaimer><A title=3D"AzureusWiki:General disclaimer"=20
  =
href=3D"http://www.azureuswiki.com/index.php/AzureusWiki:General_disclaim=
er">Disclaimers</A>=20
  </LI></UL></DIV>
<SCRIPT=20
type=3Dtext/javascript> if (window.runOnloadHook) =
runOnloadHook();</SCRIPT>
</DIV><!-- Served by ae2.aelitis.com in 0.15 secs. -->
<SCRIPT src=3D"http://www.google-analytics.com/urchin.js"=20
type=3Dtext/javascript>=0A=
</SCRIPT>

<SCRIPT=20
type=3Dtext/javascript>=0A=
_uacct =3D "UA-1474242-1";=0A=
urchinTracker();=0A=
</SCRIPT>
</BODY></HTML>

------=_NextPart_000_000A_01C7859D.C7CB7D30
Content-Type: image/png
Content-Transfer-Encoding: base64
Content-Location: http://www.azureuswiki.com/skins/common/images/poweredby_mediawiki_88x31.png