Alliance takes the best from BitTorrent, Direct Connect and Waste and creates a decentralized and secure p2p network. It is a private and secure environment to share files and communicate with people you know. Alliance works on Windows, Linux and Mac.
Project Member Reported by DeathfireD, Feb 6, 2010
I don't know the best way to do this though. I'm thinking the most secure
would be to do it on connection. When attempting to connect to someone at
startup, somehow have alliance clients pass what encryption level their
using. Then your client would auto use that encryption level for that
connection thread. This way if you have 3 friends using SSL 128bit and 5
friends using default, you can still connect and download from them all
fine and still keep shit secure....for the most part. Most Bittorrent
clients have this option.
The only problem I see here is what if you have SSL 128 bit set and your
client uses default for a few connection threads because your friends are
using the default...that defeats the purpose of you setting 128 bit in
settings lol. I'm thinking we might need to pull a bittorrent and create 3
or 4 different connection levels.
1) "Forced default" - only allows people using the default encryption to
connect to and from you.
2) "Auto Determine" - What I suggested at the top of the page. This would
change your connection thread to them to whatever they are using for
encryption. If both have this setting on then the highest encryption level
between you too will take priority.
3) "Forced SSL AES 128 bit" - only allow connections from people using SSL
AES 128 bit.
4) "Forced SSL AES 256bit" - only allow connections from people using SSL
AES 128 bit.
The second being what we have now where only people using the same
encryption levels can connect to eachother.
I'm sure there's loads of problems we'll run into with this...it's
something we'll have to do a lot of thinking before implementing.
May 23, 2010 Delete comment #1 Erol512
Well, you need to make sure you're taking into account a default encryption option.
uTorrent for example allows unencrypted, encryption forced, or encryption with
fallback option. Within Alliance it might be good to have an option for your desired
encryption, and options for the minimum and maximum encryption you will allow.
Another idea is having the desired option, and a toggle as to whether you will
fallback to other encryption levels (this is particularly decent if there are only
two options, Basic and Strong).
Basically, make sure you prepare for a situation where two clients are set to
something like "auto determine" - what encryption would they use?
May 23, 2010 Delete comment Project Member #2 DeathfireD
Erol512 - read #3. "If both have this setting on then the highest encryption level
between you too will take priority." Meaning AES 256. Now that I think about it
though, it might be best to use the default encryption if both have "Auto Determine" on.
May 23, 2010 Delete comment #3 Erol512
Well, in my case, I would want to use 128bit encryption, but allow any other type of
encryption to be used. Within the four connection levels listed above, that isn't
possible.
Jul 22, 2010 Delete comment Project Member #4 DeathfireD
4 should be "Forced SSL AES 256bit" - only allow connections from people using SSL
AES 256 bit.
Mar 3, 2011 Delete comment Project Member #5 DeathfireD
Looking back at this I think a revision is in order. We could actually do this a better way. The easiest way would be to have alliance automatically change your connection thread to whatever the highest encryption level is that's being used between you and your connecting friend(s). So, for example, if you are using default and they are using 256bit AES then your client would switch to that when attempting to connect to them. If you where using 256bit AES and your friend was using 128bit AES then they'd switch to 256bit.
To add more info to the client without making it more confusing, I think an icon or color should be chosen for each encryption level we offer in Alliance and display it in the friends list so you know what levels you are using with each friend.
Project Member Reported by DeathfireD, Feb 6, 2010 I don't know the best way to do this though. I'm thinking the most secure would be to do it on connection. When attempting to connect to someone at startup, somehow have alliance clients pass what encryption level their using. Then your client would auto use that encryption level for that connection thread. This way if you have 3 friends using SSL 128bit and 5 friends using default, you can still connect and download from them all fine and still keep shit secure....for the most part. Most Bittorrent clients have this option.
The only problem I see here is what if you have SSL 128 bit set and your client uses default for a few connection threads because your friends are using the default...that defeats the purpose of you setting 128 bit in settings lol. I'm thinking we might need to pull a bittorrent and create 3 or 4 different connection levels. 1) "Forced default" - only allows people using the default encryption to connect to and from you. 2) "Auto Determine" - What I suggested at the top of the page. This would change your connection thread to them to whatever they are using for encryption. If both have this setting on then the highest encryption level between you too will take priority. 3) "Forced SSL AES 128 bit" - only allow connections from people using SSL AES 128 bit. 4) "Forced SSL AES 256bit" - only allow connections from people using SSL AES 128 bit.
The second being what we have now where only people using the same encryption levels can connect to eachother.
I'm sure there's loads of problems we'll run into with this...it's something we'll have to do a lot of thinking before implementing. May 23, 2010 Delete comment #1 Erol512 Well, you need to make sure you're taking into account a default encryption option. uTorrent for example allows unencrypted, encryption forced, or encryption with fallback option. Within Alliance it might be good to have an option for your desired encryption, and options for the minimum and maximum encryption you will allow. Another idea is having the desired option, and a toggle as to whether you will fallback to other encryption levels (this is particularly decent if there are only two options, Basic and Strong).
Basically, make sure you prepare for a situation where two clients are set to something like "auto determine" - what encryption would they use? May 23, 2010 Delete comment Project Member #2 DeathfireD Erol512 - read #3. "If both have this setting on then the highest encryption level between you too will take priority." Meaning AES 256. Now that I think about it though, it might be best to use the default encryption if both have "Auto Determine" on. May 23, 2010 Delete comment #3 Erol512 Well, in my case, I would want to use 128bit encryption, but allow any other type of encryption to be used. Within the four connection levels listed above, that isn't possible. Jul 22, 2010 Delete comment Project Member #4 DeathfireD
4 should be "Forced SSL AES 256bit" - only allow connections from people using SSL
AES 256 bit.
Mar 3, 2011 Delete comment Project Member #5 DeathfireD Looking back at this I think a revision is in order. We could actually do this a better way. The easiest way would be to have alliance automatically change your connection thread to whatever the highest encryption level is that's being used between you and your connecting friend(s). So, for example, if you are using default and they are using 256bit AES then your client would switch to that when attempting to connect to them. If you where using 256bit AES and your friend was using 128bit AES then they'd switch to 256bit.
To add more info to the client without making it more confusing, I think an icon or color should be chosen for each encryption level we offer in Alliance and display it in the friends list so you know what levels you are using with each friend.