qbittorrent / qBittorrent

qBittorrent BitTorrent client
https://www.qbittorrent.org

Leaving settings_pack::allowed_enc_level to default? #18752

Open mayli opened 1 year ago

mayli commented 1 year ago

Suggestion

Historically, RC4 and Message Stream Encryption were chosen for protocol obfuscation, not really anything secure, as noted by libtorrent:

> The protocol encryption feature is not intended to provide any authentication or confidentiality.

I've noticed qb always sets this option to pe_rc4, even for "allow encryption". This extra enc/dec could cause a slowdown on machines with a weaker CPU, and make it less compatible with the default option.

https://github.com/qbittorrent/qBittorrent/blob/77bd09bb8b3191e98cff7502284c657cf33e73f0/src/base/bittorrent/sessionimpl.cpp#L1610

The current hardcoded default will decrease performance and compatibility, and will not bring much security. I suggest qb should only set this in `case 1: // Forced`, to allow users to lower the CPU usage and talk to systems with lt::settings_pack::pe_forced with allowed_enc_level=pe_plaintext.

Use case

Seeding at high speed or on a system with a weaker CPU.

Extra info/examples/attachments

No response

Chocobo1 commented 1 year ago

> Seeding at high speed or on a system with a weaker CPU.

Then you should consider turning off encryption, see https://www.libtorrent.org/single-page-ref.html#out_enc_policy. Also, the highest cost isn't at RC4. Allowing pe_plaintext isn't going to be significantly different.

Those encryptions don't bring better security (or anything beneficial nowadays), you even said it yourself:

> Historically, RC4 and Message Stream Encryption were chosen for protocol obfuscation, not really anything secure.

mayli commented 1 year ago

Turning it off will make the client unable to handshake with peers that only accept encrypted connections. I think there should be an option to allow connecting to such peers, and negotiate with both pe_plaintext and pe_rc4.

Yeah, there won't be a significant difference, but according to Vuze, there is some:

> Where the plaintext mode only provides basic anti-shaping obscurity, no security and low CPU usage the RC4 encryption obfuscates the entire stream and not only the header and adds some cryptographic security at the price of spent CPU cycles.

It might be worth benchmarking the difference between these two modes in terms of CPU usage with the simulation here. I might come back with some data later.
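
The compatibility cases argued over in this thread, as an added example (not code from the thread, qBittorrent or libtorrent): a simplified C++ model of how `out_enc_policy`, `in_enc_policy` and `allowed_enc_level` combine when two peers handshake. The enum names follow libtorrent's `settings_pack`; the `Peer` struct, `negotiate()`, the sample peers and the fallback logic are assumptions made for illustration.

```cpp
// Simplified model of MSE/PE negotiation; added illustration, not libtorrent code.
// Enum names follow libtorrent's settings_pack; Peer and negotiate() are hypothetical.
#include <cstdio>

enum EncPolicy { pe_forced, pe_enabled, pe_disabled };
enum EncLevel  { pe_plaintext = 1, pe_rc4 = 2, pe_both = 3 };  // crypto bit field
enum Result    { rejected, unencrypted, mse_plaintext, mse_rc4 };

struct Peer {
    EncPolicy out_enc_policy, in_enc_policy;
    EncLevel  allowed_enc_level;
    bool      prefer_rc4;  // responder's tie-break when both methods are offered
};

// A plain BitTorrent handshake is accepted unless the responder forces encryption.
static Result plain_handshake(const Peer& responder) {
    return responder.in_enc_policy == pe_forced ? rejected : unencrypted;
}

Result negotiate(const Peer& initiator, const Peer& responder) {
    if (initiator.out_enc_policy == pe_disabled)
        return plain_handshake(responder);
    // The initiator offers its allowed methods; the responder picks one both sides allow.
    int common = initiator.allowed_enc_level & responder.allowed_enc_level;
    if (responder.in_enc_policy != pe_disabled && common != 0) {
        if (common == pe_both)
            return responder.prefer_rc4 ? mse_rc4 : mse_plaintext;
        return common == pe_rc4 ? mse_rc4 : mse_plaintext;
    }
    // Encrypted attempt failed: pe_enabled retries in the clear, pe_forced gives up.
    return initiator.out_enc_policy == pe_enabled ? plain_handshake(responder) : rejected;
}

int main() {
    const char* names[] = { "rejected", "unencrypted", "MSE plaintext", "MSE RC4" };
    Peer rc4_only  = { pe_enabled,  pe_enabled,  pe_rc4,       true  };  // level described in the issue
    Peer both      = { pe_enabled,  pe_enabled,  pe_both,      false };  // level proposed in the issue
    Peer forced_pt = { pe_forced,   pe_forced,   pe_plaintext, false };  // constructed strict remote peer
    Peer disabled  = { pe_disabled, pe_disabled, pe_both,      false };  // encryption turned off
    std::printf("rc4_only -> forced_pt: %s\n", names[negotiate(rc4_only, forced_pt)]);
    std::printf("both     -> forced_pt: %s\n", names[negotiate(both, forced_pt)]);
    std::printf("disabled -> forced_pt: %s\n", names[negotiate(disabled, forced_pt)]);
    std::printf("rc4_only -> disabled:  %s\n", names[negotiate(rc4_only, disabled)]);
    return 0;
}
```
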