Possible Torrent Alternative.

Steve smorrey at gmail.com
Wed Oct 24 21:06:11 MDT 2007


Of course he's going to say that, he wrote Bittorrent and receives
royalties from the licensing of his protocol :)

Truth be told, protocol writing at the application level, should be
part and parcel with any good network enabled program.

Sincerely,
Steve


On 10/24/07, Joe Crown <joecr at linuxmail.org> wrote:
> All I can say is go listen to Bram Cohen on his 2002 presentation at
> code con.  Basically he says that designing a new protocol is a major
> pain in the butt.  I'd have to listen to it again to give an exact quote.
>
> Steve wrote:
> > Recent reports are that Comcast is killing torrents by using a packet
> > spoof to tell two connected clients that the other is requesting a
> > connection close.
> >
> > Not only is this evil, it seems to me that a man in the middle attack
> > should be something the designer should account for when designing a
> > protocol such as this.
> >
> > However it looks as though this particular attack is against the TCP
> > portion of Bittorrent, so this attack would be unavoidable, without
> > changing something fundamental in the TCP/IP stack.
> >
> > Therefore I would like to propose that we create a new protocol which
> > is not susceptible to man in the middle attacks, and is stable, safe,
> > secure and reliable.
> >
> > I would like to propose the following as the "PLUG" protocol in honor
> > of our beloved LUG.
> >
> > It should accomplish the exact same things as bittorrent, i.e. it
> > should posses the ability to publish large files as much smaller
> > chunks distributed across multiple clients.
> >
> > However instead of using TCP, and a connection based protocol, it
> > should use UDP and a connectionless protocol.
> >
> > Furthermore the data should have the option of being encrypted using
> > some sort of solid encryption protocol.  This would allow for a
> > signature of sorts on each packet of data, to ensure that yes, this
> > packet did in fact originate from this sender.
> >
> > Also instead of a tracker which can be taken down, I propose a query
> > request method using a globally unique identifier,  based on some sort
> > of file signature algorithm.  So essentially you query a list of known
> > hosts for each file, if they don't have it they query all the hosts
> > they know about etc and so forth.  A query result should return a list
> > of known hosts which have the file.
> >
> > Replacing friend with IP addresses the whole system looks something like this...
> >
> > plug://myfriend/verylongguid/
> >
> > <query result>
> > me
> > myfriendsfriend
> > hisfriend
> > herfriend
> > </query result>
> >
> > Then a file request would look something like
> >
> > "I am looking for bytes 10-1000 of GUID"
> >
> > or
> >
> > "What bytes do you have for GUID?"
> >
> > To which a reply would look like
> >
> > "Here are bytes 10-1000 of GUID"
> > "File Checksum blah"
> > "Signature bytes"
> >
> > or
> >
> > "I don't have all of  those bytes"
> > "I have 900-1000"
> > "File Checksum blah"
> > "Signature bytes"
> >
> > or
> >
> > "I have none of those bytes"
> > "I possess 1001-EOF and 0-9"
> >
> > or
> >
> > "No file by that GUID, please remove me from list"
> >
> >
> > Anyways something like this should be fairly easy to put together if
> > anyone is interested in helping me test it out.  It's basically a
> > bullet proof bittorrent as far as I can tell, unless Comcast or some
> > other ISP decides to start filtering UDP.
> >
> > Thoughts?
> >
> > Sincerely,
> > Steve
> >
> > /*
> > PLUG: http://plug.org, #utah on irc.freenode.net
> > Unsubscribe: http://plug.org/mailman/options/plug
> > Don't fear the penguin.
> > */
> >
> >
>
> --
>
> American Family Association & 30+ Other Groups Call for Boycott of Ford
> Motor Company
> http://www.boycottford.com/
>
> Don't pay malware vendors - boycott Sony
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>



More information about the PLUG mailing list