Transmission: [Feature Request][security] Support for Bittorrent v2 format / BitErrant attack

Created on 20 Dec 2017  ·  6Comments  ·  Source: transmission/transmission

I haven't seen any info on whether there's any effort in transmission to support the bittorrent v2 format [1].

Are there any plans or efforts to support it yet? The major reason is the breakage of SHA1, which causes vulnerabilities like the BitErrant attack [2]. The v2 format switches to SHA256 and a Merkle tree structure.

As long as this is unfixed torrents can't be considered as a secure download method that guarantee data integrity.

[1] http://www.bittorrent.org/beps/bep_0052.html
[2] https://biterrant.io/

picture hannob
👍20 👀4

Most helpful comment

SHA-1 chosen-prefix attacks are now in the USD 10k-100k range. This presents a very real threat, for example against bittorrent-distributed software that might be used by dissidents or whistleblowers.

BitTorrent v2 should be high priority now.

picture sbrudenell on 27 Oct 2020
👍7

All 6 comments

libtorrent announced BEP-0052 / BitTorrent v2 support today.
https://blog.libtorrent.org/2020/09/bittorrent-v2/

lachesis picture lachesis on 8 Sep 2020
👀13

Transmission fails to open torrent files encoded with the v2 reference implementation that contain v1 and v2 data. The libtorrent blog post suggests this torrent should have been compatible with older clients. It works in a lot of other clients. The error message says “invalid or corrupt torrent file.”

da2x picture da2x on 24 Sep 2020

SHA-1 chosen-prefix attacks are now in the USD 10k-100k range. This presents a very real threat, for example against bittorrent-distributed software that might be used by dissidents or whistleblowers.

BitTorrent v2 should be high priority now.

sbrudenell picture sbrudenell on 27 Oct 2020
👍7

real threat, for example against bittorrent-distributed software that

What will happen if Info Hash is generated in DHT that will be the same for different data, i.e. a SHA1 collision? There were some answers on stackechange, but they were not adequate for me...

ValZapod picture ValZapod on 3 Nov 2020

What will happen if Info Hash is generated in DHT that will be the same for different data, i.e. a SHA1 collision? There were some answers on stackechange, but they were not adequate for me...

BitErrant could be used to initially seed a benign payload, then later switch to a malicious payload. You could either selectively deliver the malicious payload only to chosen targets, or just start delivering it to everyone after some time.

sbrudenell picture sbrudenell on 3 Nov 2020

Any updates to this? Can we expect it this year?

txtsd picture txtsd on 18 Jan 2021
Was this page helpful?
0 / 5 - 0 ratings

Related issues

uriva picture uriva  ·  35Comments
ennorehling picture ennorehling  ·  21Comments
ghost picture ghost  ·  27Comments
robross0606 picture robross0606  ·  21Comments
hulekgre picture hulekgre  ·  33Comments