
Bit sync personal_cloud


Published in: Technology

Personal Cloud using BitTorrent Sync

Flavio Martins Marcos Vit
Faculdade de Engenharia Elétrica e de Computação – Universidade Estadual de Campinas (UNICAMP)
Av. James Maxwell 30, Cidade Universitária Zeferino Vaz, Distrito Barão Geraldo
CEP 13083-852 - Campinas-SP Brasil

Abstract. The BitTorrent peer-to-peer protocol has proved to be very efficient for sharing files in a network without the coordination of central servers. There are currently several cloud storage solutions such as Dropbox, but recent events involving the USA government, private data leakage and spying motivated the development of BitTorrent Sync to offer a personal cloud for data storage.

1 Introduction

BitTorrent Sync [1] by BitTorrent, Inc. [2] is a proprietary solution for sharing files among computers or mobile devices, based on the BitTorrent peer-to-peer protocol, which was adapted for this purpose. It is currently in Beta phase and is available for Windows, Mac, Linux, BSD, iOS and Android. The files are shared only with the devices specified by the user. It requires no cloud and it is fully independent of any servers.

Figure 1. BitTorrent Sync – Data sharing only among user’s devices
There are no data size limitations or subscription fees of the kind that come with traditional cloud-based solutions such as Dropbox [3]. This work describes this new application and examines its performance, security, usability and possible new applications.

2 Background

Bram Cohen developed the BitTorrent protocol and released the first version in 2001. Over the last years it has proved to be a successful solution for sharing large volumes of files using peer-to-peer networks. There are many solutions available on the market for storing data remotely, but all of them rely on a central server for storing the data. There was a gap for an application able to automatically sync files without depending on central coordination and without storing the files outside the user's domain. BitTorrent Sync was conceived to fill this gap, ensuring the user has total control of what is being shared.

2.1 P2P Protocol

BitTorrent Sync synchronizes your files using a peer-to-peer (P2P) protocol. This protocol is very effective for transferring large files across multiple devices, and is very similar to the powerful protocol used by applications like µTorrent and BitTorrent. The data is transferred in pieces from each of the syncing devices, and BitTorrent Sync chooses the optimal algorithm to make sure you have a maximum download and upload speed during the process.

The devices chosen to be synced are connected directly using UDP, NAT traversal and UPnP port mapping. Additional methods of ensuring connectivity, such as relay and tracker servers, are also provided. If the devices are on the same local network, BitTorrent Sync will use the client LAN for faster synchronization.

2.2 Security

BitTorrent Sync was designed with a focus on privacy and security. The system uses SRP [4] for mutual authentication and for generating session keys that ensure Perfect Forward Secrecy. All traffic between devices is encrypted with AES-128 in counter mode, using a unique session key. Modification requests are all verified using Ed25519 [5] signatures, and only systems with full access keys can generate valid modification requests.
2.3 Secret

The secret is a randomly generated 20-byte key. It is Base32-encoded in order to be readable by humans. BitTorrent Sync uses /dev/random (Mac, Linux) and the Crypto API (Windows) in order to produce a completely random string. This authentication approach is significantly stronger than a login/password combination used by other services. That's why using a secret generated by BitTorrent Sync is very safe and secure.

The secret can be shared using copy and paste, or using a QR code and the camera of the mobile device.

Figure 2. Using a QR code for connecting a mobile device to a sync folder

2.4 Peer Discovery

In order to find proper peers that have the same secret, Sync uses:

• Local peer discovery. Sending broadcast packets discovers all peers inside the local network. If there are peers with the same secret, they respond to the broadcast message and connect.
• Peer exchange (PEX). When two peers are connected, they exchange information about other peers they know.
• Known hosts (folder settings). If there is a known host with a static ip:port, it is possible to specify this in the Sync client, so that it connects to the peer using this information.
• DHT. Sync uses the DHT to distribute information about itself and to obtain information about other peers with this secret. Sync sends SHA1(Secret):ip:port to the DHT to announce itself, and gets a list of peers by asking the DHT for the key SHA1(Secret).
• BitTorrent tracker. BitTorrent Sync can use a specific tracker server to facilitate peer discovery. The tracker server sees the combination of SHA1(secret):ip:port and helps peers connect directly. The BitTorrent Sync tracker also acts like a STUN server [6] and can help do NAT traversal for peers so that they can establish a direct connection even behind a NAT.

2.5 Traffic Relay

There are rare cases when peers can’t talk directly. This usually happens when devices are in an office behind strong firewalls. In such a case BitTorrent provides a relay server to route traffic between peers. All traffic is AES encrypted with your secret, so there is no chance for us to see any of your data.

3 Developer API

An API is available for developing new applications based on BitTorrent Sync. It offers developers a wide range of possibilities. It is possible to integrate Sync into new apps, to build on, improve and change the way Sync works on the devices, or to use the API to automate workflows. This API is based on JSON and gives almost full flexibility to customize Sync behaviors, as in the examples below:

• Get folders and the secrets, if available
• Add folders to sync
• Remove a folder from the sync process
• Get files from a synced folder
• Set synced file preferences, selectively allowing or preventing a file from being synced
• Get the folder peers which are currently connected to the P2P network
• Set folder hosts instead of using the tracker and relay servers from BitTorrent Inc.
• Get download and upload speed
• Shut down gracefully
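The rendezvous scheme from sections 2.3 and 2.4, as an added example (not code from BitTorrent Sync or from this paper): a 20-byte secret is drawn from the OS CSPRNG and Base32-encoded, and a toy in-memory table stands in for the DHT or tracker. Hashing the decoded bytes rather than the Base32 text, the `ToyRendezvous` class, the announce string layout and the documentation-range IP addresses are assumptions made for illustration.

```python
import base64
import hashlib
import secrets
from collections import defaultdict

SECRET_BYTES = 20  # the paper: "a randomly generated 20-byte key"


def generate_secret() -> str:
    """Return a Base32-encoded 20-byte secret drawn from the OS CSPRNG."""
    return base64.b32encode(secrets.token_bytes(SECRET_BYTES)).decode("ascii")


def discovery_key(secret: str) -> str:
    """SHA1(Secret) as hex. Assumption: the hash covers the decoded bytes."""
    return hashlib.sha1(base64.b32decode(secret)).hexdigest()


class ToyRendezvous:
    """Hypothetical stand-in for the DHT or tracker: SHA1(Secret) -> endpoints."""

    def __init__(self):
        self.table = defaultdict(set)

    def announce(self, secret: str, ip: str, port: int) -> str:
        key = discovery_key(secret)
        self.table[key].add((ip, port))
        # This string is everything the rendezvous service observes.
        return f"{key}:{ip}:{port}"

    def get_peers(self, secret: str):
        return sorted(self.table.get(discovery_key(secret), ()))


def demo():
    """Two devices share one folder secret; a third uses a different one."""
    folder_secret, other_secret = generate_secret(), generate_secret()
    dht = ToyRendezvous()
    seen = dht.announce(folder_secret, "192.0.2.10", 40001)   # constructed
    dht.announce(folder_secret, "198.51.100.7", 40002)        # constructed
    dht.announce(other_secret, "203.0.113.5", 40003)          # constructed
    return folder_secret, other_secret, seen, dht


if __name__ == "__main__":
    s, o, seen, dht = demo()
    print("secret:", s, f"({len(s)} chars, {SECRET_BYTES * 8} bits)")
    print("rendezvous sees:", seen)
    print("peers for folder:", dht.get_peers(s))
```

The service never receives the secret, but the hash is deterministic, so it can still tell which ip:port endpoints share a folder, and anyone holding the secret can compute the same key and list those peers.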
4 BitTorrent Sync Setup and Tests

The following test environment was set up for verifying and measuring BitTorrent Sync usability and performance:

• OSX MacBook Pro
• Android Sony Xperia L mobile phone
• Windows 7 notebook
• 802.11g Wi-Fi D-LINK DIR-655 router connected to the Internet via DSL (10Mbps connection)

The first 2 devices above were connected to the same local network through the Wi-Fi router. The Windows notebook was located in another network reachable through the Internet.

BitTorrent Sync was installed on each device. The user interfaces differed slightly from one another, but in general it was straightforward to install and set up. The usage of BitTorrent Sync is also very similar in each distribution.

The following sections describe the test scenarios, the results, and the network packet analysis done with Wireshark 1.10.3.

4.1 Configuring BitTorrent Sync

The sync setup is very similar on all operating systems. It is necessary to specify a sync folder and generate a shared secret key, or to get the secret key from someone else who wants to share data content. It is also possible to define whether the sync will allow full access or read-only permissions to the folders. For more details about BitTorrent Sync configuration and setup, please refer to its online documentation [1].

4.2 Syncing Devices Connected to a LAN

The following test scenario was executed with devices connected to a LAN with no Internet connection:

1) An empty sync folder was defined on the MacBook Pro (IP address )
2) A new shared secret was generated for this folder.
3) Wireshark was used for capturing network traffic for further analysis.
4) A new sync folder was set up on the Xperia L mobile phone (IP address ) and the sharing secret from step 2) was configured using the QR code and the mobile phone camera.
5) A test file was created on the MacBook Pro by executing the command below in the sync folder defined in step 1):

    dd if=/dev/zero of=test_file_512kB bs=500k count=1

6) After some seconds (the folder scan interval is set to 60 seconds by default) the test file was synced with the mobile phone.
7) The observed transfer rate was close to the limit of the Wi-Fi connection used in the test (average speed around 6~8Mbps).

4.3 Syncing Devices Connected through the Internet

This test scenario was similar to the previous one, except that the Windows notebook was located on the Internet instead of the local area network.

5 Results

The test results indicated that BitTorrent Sync performed very well, enabling the sharing of files among several devices (PCs and a mobile phone). The installation and configuration are straightforward. The synchronization process was tested on a local network and also with a PC on the Internet. In both scenarios the synchronization was successful, and the data transfer rates observed were close to the limit of the router and Internet connection used in the tests.

The data captured with Wireshark was analyzed and the following results were obtained:

1. The first interesting packet sent from the MacBook was a multicast UDP packet with the message “ping4:peer”. BitTorrent Sync was trying to locate peers in the local network that have folders configured with the same secret.
2. During the folder sync setup, communication was noticed with IP address, which is under an Amazon domain. This indicated that BitTorrent Sync is using services in Amazon for hosting its tracker or relay servers to enable peer discovery over the Internet. The protocol used was DIS [7] and it was possible to check that the message “get_peers4:peer” was used. A response was received back with the message “peers”, which seems to be the information about the available peers for the configured folder.
3. The data transfer for synchronization was done among the peers using UDP.

6 Conclusions

BitTorrent Sync proved to offer a very innovative solution for sharing content using an efficient P2P protocol and highly secure data transmission, allowing the user to create a personal cloud for data storage that is free of subscription fees and disk space limitations and is able to run even when not connected to the Internet. This solution also offers a very flexible developer API that enables the development of other applications on top of BitTorrent Sync.

However, the following negative points were noticed:

1) It could be unsafe to share the folder secret key with full access permission with someone else. There is a risk of compromising the user data if the secret is forwarded to unreliable parties.
2) The user must be very careful when defining full access directories, since an accidental content change or deletion will be synced among all devices, affecting the data permanently.
3) As noticed in the Wireshark capture logs during the tests, there is some communication from BitTorrent Sync to some external IPs. When a sync folder is created, the relay and tracker servers offered by BitTorrent Inc. are enabled by default. Those servers are used by the P2P protocol to enable peer discovery and communication through the Internet. If those servers are down, the sync process will not work over the Internet. On the other hand, it is possible to disable the tracker and relay servers, so the user can define servers other than those offered by BitTorrent Inc. to act as tracker and relay servers.
4) A comment was found in the BitTorrent forum from a developer who works for BitTorrent Inc., explaining that the sync process sends some data to BitTorrent servers, but that it is just for statistics purposes and no user content data is exposed. Looking at the Wireshark capture data, it was not possible to check what information is being transferred, since the data was encrypted.

7 References

1. BitTorrent Sync
2. BitTorrent
3. DropBox
4. Secure Remote Password Protocol
5. Ed25519: high-speed high-security signatures. Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, Bo-Yin Yang. High-speed high-security signatures. Journal of Cryptographic Engineering 2 (2012), 77–89. Document ID: a1a62a2f76d23f65d622484ddd09caf8.
6. Session Traversal Utilities for NAT. RFC 5389, J. Rosenberg, R. Mahy, P. Matthews, D. Wing.
7. IEEE Standard for Distributed Interactive Simulation--Application Protocols. IEEE Std 1278.1-1995.