chuck4100 Posted August 25, 2016 Report Share Posted August 25, 2016 (edited) So I was reading through some post and such about security and I'm not really concerned about BTSync's security but a thought occurred to me that I did not feel was addressed. What exactly stops someone from mass generating W/R keys then adding them in bulk to see if they catch anyone's shared folders? Like I realize its impossible or so to guess any given individual's folder but like game distributors like Steam will soft-ban and perma-ban accounts with too many invalid key redemptions to prevent people from typing random keys. Edited August 25, 2016 by chuck4100 Quote Link to comment Share on other sites More sharing options...
iswrong Posted August 25, 2016 Report Share Posted August 25, 2016 Warning: I am not a cryptographer, so this might be wrong. Standard Sync folder use 160-bit of random material. Brute forcing a specific folder is virtually impossible, because it is a search space of 2^160. We can use the birthday paradox to find out when we expect a collision, the birthday bound is 2^(n/2), so we expect a collision when 2^80 folder keys are generated. In other words, every member of the world population needs to have 1.633684e+14 folders before we expect a certain collision. Obviously, the key space is very sparse, so you'd have to do many more than 2^80 attempts to find a collision. Moreover, finding a collision has two complicating factors: For every generated key, you need to query the DHT, which has quite a lot of overhead for brute-forcing. BTSync sends a derivative of the key to discover peers. Even if you find a collision of the folder ID, it does not mean that you have found an in-use key. I am not sure if nodes that participate in the DHT apply rate limiting. But even if they don't, the attack that you mention seems impractical. Though it would be nice if one of the Resilio cryptographers can weigh in. Quote Link to comment Share on other sites More sharing options...
GreatMarko Posted August 29, 2016 Report Share Posted August 29, 2016 See also: Quote Link to comment Share on other sites More sharing options...
iswrong Posted August 30, 2016 Report Share Posted August 30, 2016 15 hours ago, GreatMarko said: See also: But this only talks about attacks on a specific folder. The topic starter is interested in the probability of colliding with any folder key and possible mitigations. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.