Original URL: http://www.theregister.co.uk/2007/11/08/bittorrent_encryption_explosion/

Surge in encrypted torrents blindsides record biz

BPI claims losing is winning in P2P arms race

By Christopher Williams

Posted in Law, 8th November 2007 11:53 GMT

Exclusive The legal crackdown and publicity blitz aimed at people who share music, videos and software online may be having an unintended consequence for the troubled record industry. The number of file-sharers disguising their BitTorrent activity with encryption is skyrocketing.

Figures from a large UK ISP obtained by The Register show that the portion of BitTorrent traffic encrypted by file-sharers has risen 10-fold in the last 12 months, from four to 40 per cent.

This time last year, unencrypted torrents accounted for about 500Mbit/s of bandwidth, while files that had been scrambled by uploaders swallowed just 20Mbit/s.

The latest data shows that bandwidth used by unencrypted torrents has fallen to 350Mbit/s. Sharing of masked music, video and software has meanwhile exploded to average more than 200Mbit/s.

Matt Phillips, spokesman for UK record industry trade association the British Phonographic Institute, told The Reg: "Our internet investigations team, internet service providers and the police are well aware of encryption technology: it's been around for a long time and is commonplace in other areas of internet crime. It should come as no surprise that if people think they can hide illegal activity they will attempt to."

"When encryption is used to cloak torrent traffic it tends to be to hide something, and attracts greater attention for that reason. If certain ISPs are experiencing disproportionately high volumes of encrypted torrent traffic we expect it is partly in response to a combination of effective ISP abuse teams the enforcement efforts of the police and industry."

The last year has seen a significant escalation of the movie and music industry campaign against copyright infringement. The RIAA secured its first jury trial against Jammie Thomas, popular tracking site TorrentSpy was ordered to collect user data, and the supposedly private UK-based OiNK network was busted.

The file-sharing public's response has been revealed by analysis of data from deep packet inspection (DPI) technology, such as that made by Ellacoya and Cisco's P-Cube. Many ISPs, including BT here and Comcast in the US, have now deployed the kit to help throttle the amount of bandwidth consumed by P2P and other greedy net applications. Some BitTorrent encryption is certainly an effort to avoid such restrictions.

While DPI is able to identify and manage encrypted file-sharing packets, it is unable to look inside those packets for copyright infringement.

The trend towards encryption means current efforts by music publishers and government to cut a deal with ISPs to create a monitoring system to boot persistent copyright infringers off the internet, which we revealed last month is likely to be rendered pointless.

Neil Armstrong, products director at BT-owned ISP PlusNet, said: "It isn't possible for us to tell if a customer is downloading a copyright file or not unless we specifically 'snoop' every packet on the customer's line.

"We would obviously only do this where we have a proper request from the relevant legal authority to do so, and even then it is unlikely we would be able to see inside encrypted payloads."

The most popular BitTorrent client, uTorrent, can be configured to use RC4 encryption to obscure torrent streams and header information. Armstrong said that although future DPI gear may be able to grab some header detail, the music or movie itself is likely to remain inaccessible.

So-called content filtering software from Audible Magic cannot peer inside encrypted packets, either.

The rapid acceleration in encryption isn't limited to BitTorrenters. Estimates say torrent traffic accounts for about between 50 and 60 per cent of all file-sharing. Usenet, which the RIAA recently said is a bigger offender than Kazaa-type services, accounts for about another 25 per cent. It's set to see more scrambled files shared over it, too, as providers including Giganews now offer SSL encryption.

Paul Sanders, part of the team of music and ISP veterans behind PlayLouder, the first "Media Service Provider", which will let subscribers share music freely and legally in exchange for a small premium on the monthly broadband bill, sounded the alarm. "I think this trend is absolutely a warning to those people in the music industry who believe they can win this war," he said.

"There's got to be a commercial settlement. Both sides [ISPs and the record industry] are destroying the value in music." Sanders believes the much-debated blanket licence and download services that are "better than free" are one the way out of the arms race with determined freeloaders.

Even if BitTorrent encryption can be defeated somehow, there's another P2P protocol on the horizon. It's being specifically designed to dodge monitoring systems. ®