BitTorrent dismissed claims that its popular peer-to-peer file synchronization program BitTorrent Sync has an insecure cryptographic implementation that potentially gives the company access to users’ files.
A group of security researchers who recently reverse engineered parts of BitTorrent Sync released a report Monday outlining several potential security issues they found. The most serious of those issues had to do with the leak of cryptographic hashes that correspond to folders shared between users to GetSync.com, a remote server operated by BitTorrent.
The analysis revealed the “probable leak of all hashes to getsync.com and access for BitTorrent Inc to all shared data,” the researchers said in their report posted on the website of the Hackito Ergo Sum security conference.
This results from a change in the folder-sharing procedure that was introduced after the original Sync releases, which used a different, more secure mechanism, the Hackito researchers said. “This may be the result of NSL (National Security Letters, from US Government to businesses to pressure them in giving out the keys or introducing vulnerabilities to compromise previously secure systems) that could have been received by BitTorrent Inc and/or developers.”
BitTorrent posted a response on its community forum to clarify that the central server is just there to enable peers to discover each other and does not play a role in the actual synchronization process, which is encrypted peer-to-peer.
“Folder hashes are not the folder key (secret),” Konstantin Lissounov, the general manager for BitTorrent Sync, said. “They are used to discover other peers with the same folder. The hashes cannot be used to obtain access to the folder; it is just a way to discover the IP addresses of devices with the same folder.”
The folder-sharing mechanism between BitTorrent Sync users relies on links to GetSync.com that include the folder hash and cryptographic keys, according to the Hackito report.
However, those links only contain the public keys that are needed before the machines can actually exchange the secret keys, Lissounov said.
“The link itself cannot be used for decrypting the communication as it only contains the public keys of the machines involved in the exchange,” he said. “After a direct connection is established (the user can verify that by comparing the certificate fingerprint for both peers) Sync will pass the folder key over an encrypted channel for the other peer. In addition, the public key and the folder hash appear after the # sign in the URL, which means that all modern browsers won’t even send this to the server.”
Compromising the public infrastructure that supports the peer discovery cannot impact the security of the Sync program, which is completely dependent on the client-side implementation, Lissounov said.
In order to support these claims, BitTorrent also published a letter from iSEC Partners, a security firm that was contracted earlier this year to audit BitTorrent Sync’s cryptographic implementation. According to the letter, iSEC’s review covered the program’s implementation and usage of cryptographic primites like hashing, encryption and randomness generation; the key exchange mechanism; the invite and approval process; folder discovery by remote peers and possible cryptographic attacks on Sync infrastructure.
“BitTorrent Sync applied generally accepted cryptographic practices in the design and implementation of Sync 1.4 as of July 2014,” the iSEC letter reads.