More P2P Traffic Using SSL Encryption
SSL encryption is increasingly being used on peer-to-peer networks to deliver large files and video over the Internet, a trend that is likely to accelerate as networks step up their efforts to filter traffic based on content type. Some P2P networks encrypt their traffic for business purposes, but for many others the primary benefit of encryption is to avoid being blocked by ISPs or universities concerned about bandwidth consumption or illegal file sharing.
The latest data on the trend comes from a UK ISP, whose metrics were obtained by The Register, which said the volume of encrypted P2P traffic has risen ten-fold in just a year, and now represents more than half of all P2P traffic. The Reg’s analysis – that the encryption is being used to hide illegal file transfers – was rebutted by TorrentFreak, which has been tracking the use of SSL to defeat attempts by ISPs to limit P2P network usage, a practice known as bandwidth shaping or “throttling”. SSL is designed to make traffic secure from hackers, and is used in online banking and e-commerce, as well as logins for webmail.
One of the challenges facing network providers is that P2P traffic is traveling over the same ports used by secure web sites. Bill Norton of Equinix, who has studied the operation of P2P networks, noted earlier this year on the NANOG mailing list that “the sophisticated peer-2-peer is encrypting and running over ports no one will shut off, the secure shell ports that are required for VPNs.”
That hasn’t deterred some providers from scrutinizing SSL usage. There were reports this summer that Canada’s Rogers Cable was limiting the amount of bandwidth available to SSL traffic and disrupting SSL-enabled web sites in the process.
One P2P service encrypting traffic is Joost, the peer-to-peer IP television start-up from Kazaa and Skype founders Niklas Zennstrom and Janus Friis. Joost’s use of SSL made the news in early April, when the SSL certificates used to encrypt all communication between the clients and the Joost servers expired, effectively shutting down the service. Joost had hard-coded the details of the certificate into its client software. The company has since updated its software.
But Joost’s Colm MacCarthaigh noted that although the volume of traffic from Joost will affect network operators, they’re not trying to disguise their traffic. “We’ve designed our traffic to be easily categorisable and we know how the real internet works,” he said.