SecurityTube

Description: Distributed Hash Tables implement Routing and Addressability in large P2P networks. In the Kademlia adaption for Bittorrent a peer's address (NodeID) is to be generated randomly, or more appropriate: arbitrarily. Because randomness isn't verifiable, an implementation can advertise itself with popular NodeIDs or even change them on a per-packet basis.

Two issues arise due this design problem:

Amplification of UDP traffic
Amplification of TCP traffic
Anyone with a moderate bandwidth connection can induce DDoS attacks with the BitTorrent cloud.

Starting with the prerequisites of BitTorrent, I will outline the importance of tracker-less operation and how Magnet links work. Distributed Hash Tables are explained pertaining to the Kademlia algorithm. It is most interesting how implementations maintain and refresh routing information, allowing a malicious node to become a popular neighbour quickly, and how traffic can be amplified in two ways.

I will present packet rate analysis measured during tests on Amazon EC2.

In conclusion it is explained how the problem of arbitrary NodeIDs can be avoided if the protocol was to be redesigned. A few words are to be given what client authors can do to alleviate the damage potential of the BitTorrent DHT.

Tags: securitytube , Confidence , hacking , hackers , information security , convention , computer security , 27c3 , 27c3 ,

Latest from the SecurityTube Blog:

Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Original Source: http://www.youtube.com/watch?v=b3wGmTHBcv0

Comments (None):

Login to post a comment