File sharing model relies on secure crypto-key exchange

Nov 19, 2014 10:18 GMT

BitTorrent counters the report from tech enthusiasts claiming high severity issues with Sync by providing details about the security mechanism that ensures the safety of information synchronization.

The company dismisses the many flaws detected by the research group and explains why the main points in the study lead to an erroneous conclusion.

BitTorrent Sync has been designed as a secure way to exchange files between one or more hosts over the peer-to-peer protocol, without the need for a cloud datacenter. Access to the items is protected by secret keys that the source shares with the intended recipient(s).

Shared data is secure, keys and folder hashes not leaked

One of the main points highlighted by the enthusiast security researchers was that the hashes of the secret keys were being leaked to the tracking server that establishes the connection between the peers, thus offering BitTorrent and possibly government organizations the possibility to access the shared data.

The response to these claims from BitTorrent explains that the folder hashes are not the secret access keys set at the source; they are just a way to discover peers with the same folder and are not useful for getting access to the data; moreover, they cannot be guessed because they are 160-bit numbers.

In addition to this, all shared links rely on standard public-key cryptography (Ed25519) and include only the public keys of the hosts involved in the exchange; private keys are required for decryption.

“After a direct connection is established (the user can verify that by comparing the certificate fingerprint for both peers) Sync will pass the folder key over an encrypted channel for the other peer. In addition, the public key and the folder hash appear after the # sign in the URL, which means that all modern browsers won’t even send this to the server,” reads the BitTorrent response.
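The point in the quoted response about the # sign can be checked with the standard URL parser, which separates what goes into the HTTP request from what stays in the client. This is an added example, not code from BitTorrent or from the original article; the link format, host name and parameter names (`f` for a folder hash, `pk` for a public key) are constructed for illustration.

```javascript
// Added example: what a web server can and cannot see from a share link.
// SAMPLE_LINK is constructed; it is NOT BitTorrent Sync's real link format.
// "f"  = placeholder 160-bit folder hash (40 hex characters)
// "pk" = placeholder 32-byte public key (64 hex characters)
const SAMPLE_LINK =
  "https://link.example.test/invite?v=1#f=" + "ab".repeat(20) +
  "&pk=" + "cd".repeat(32);

// Split a link into the part sent over HTTP and the part kept by the client.
// A user agent sends only the path and query as the request target; the
// fragment (everything after '#') is never put on the wire.
function serverView(link) {
  const u = new URL(link);
  return {
    host: u.host,                          // sent in the Host header
    requestTarget: u.pathname + u.search,  // sent in the request line
    clientOnly: u.hash.slice(1),           // stays in the browser
  };
}

// Parameters carried in the fragment, readable only by client-side code.
function fragmentParams(link) {
  const fragment = new URL(link).hash.slice(1);
  return Object.fromEntries(new URLSearchParams(fragment));
}

// Defensive check for a link generator: list the sensitive parameter names
// that ended up in the query string, where the server and its logs see them.
function leakedParams(link, sensitiveNames) {
  const query = new URL(link).searchParams;
  return sensitiveNames.filter((name) => query.has(name));
}

console.log(serverView(SAMPLE_LINK));
console.log("leaked to server:", leakedParams(SAMPLE_LINK, ["f", "pk"]));
```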

Default setup contributes to secure key exchange

Apart from this, according to the default configuration of Sync, the sharing links expire after three days and approval from the inviting peer is needed for exchanging the public keys.

Konstantin Lissounov, general manager of the Sync project, says that the server is only a tracker designed for finding the peers and it is not involved in the data sharing process.

In support of the company's response, Lissounov made available the results of a professional security evaluation of the product from third-party auditing firm iSEC Partners.

The audit was completed in July and evaluated the implementation and usage of cryptographic primitives like hashing, encryption and randomness generation, as well as key exchange, folder discovery and synchronization, the approval process in the application, and file transfer.

Lissounov draws attention to the fact that file exchange through Sync can be compromised due to weak client-side security measures. Attackers with access to the source machine can interfere with the secure process established by Sync.

However, this issue is not part of the sharing model implemented by BitTorrent, and it falls to users to keep their machines protected from unauthorized access.
