Possible Torrent Alternative.

Joe Crown joecr at linuxmail.org
Wed Oct 24 20:16:15 MDT 2007


All I can say is go listen to Bram Cohen on his 2002 presentation at 
code con.  Basically he says that designing a new protocol is a major 
pain in the butt.  I'd have to listen to it again to give an exact quote.

Steve wrote:
> Recent reports are that Comcast is killing torrents by using a packet
> spoof to tell two connected clients that the other is requesting a
> connection close.
> 
> Not only is this evil, it seems to me that a man in the middle attack
> should be something the designer should account for when designing a
> protocol such as this.
> 
> However it looks as though this particular attack is against the TCP
> portion of Bittorrent, so this attack would be unavoidable, without
> changing something fundamental in the TCP/IP stack.
> 
> Therefore I would like to propose that we create a new protocol which
> is not susceptible to man in the middle attacks, and is stable, safe,
> secure and reliable.
> 
> I would like to propose the following as the "PLUG" protocol in honor
> of our beloved LUG.
> 
> It should accomplish the exact same things as bittorrent, i.e. it
> should posses the ability to publish large files as much smaller
> chunks distributed across multiple clients.
> 
> However instead of using TCP, and a connection based protocol, it
> should use UDP and a connectionless protocol.
> 
> Furthermore the data should have the option of being encrypted using
> some sort of solid encryption protocol.  This would allow for a
> signature of sorts on each packet of data, to ensure that yes, this
> packet did in fact originate from this sender.
> 
> Also instead of a tracker which can be taken down, I propose a query
> request method using a globally unique identifier,  based on some sort
> of file signature algorithm.  So essentially you query a list of known
> hosts for each file, if they don't have it they query all the hosts
> they know about etc and so forth.  A query result should return a list
> of known hosts which have the file.
> 
> Replacing friend with IP addresses the whole system looks something like this...
> 
> plug://myfriend/verylongguid/
> 
> <query result>
> me
> myfriendsfriend
> hisfriend
> herfriend
> </query result>
> 
> Then a file request would look something like
> 
> "I am looking for bytes 10-1000 of GUID"
> 
> or
> 
> "What bytes do you have for GUID?"
> 
> To which a reply would look like
> 
> "Here are bytes 10-1000 of GUID"
> "File Checksum blah"
> "Signature bytes"
> 
> or
> 
> "I don't have all of  those bytes"
> "I have 900-1000"
> "File Checksum blah"
> "Signature bytes"
> 
> or
> 
> "I have none of those bytes"
> "I possess 1001-EOF and 0-9"
> 
> or
> 
> "No file by that GUID, please remove me from list"
> 
> 
> Anyways something like this should be fairly easy to put together if
> anyone is interested in helping me test it out.  It's basically a
> bullet proof bittorrent as far as I can tell, unless Comcast or some
> other ISP decides to start filtering UDP.
> 
> Thoughts?
> 
> Sincerely,
> Steve
> 
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
> 
> 

-- 

American Family Association & 30+ Other Groups Call for Boycott of Ford 
Motor Company
http://www.boycottford.com/

Don't pay malware vendors - boycott Sony



More information about the PLUG mailing list