Help for Encryption in Linux

[conmac7h]

Good morning from Greece.
I need some help for full encryption.

--> @ Encryption mode i have 3 choices: Allow Encryption, Prefer, Require. I thing the "Require Encryption" is this for "full" encryption, right?
--> Also there are two other checkboxed: "Use PEX to find more peers" and "use DHT to find more peers". What should do this those checkboxes?

To give you an example, @ my mtorrent client (windows) my setting are those:



I have Forced the encryption and "allow incoming legacy connections" checkbox, unchecked
I thing the "forced" @ mtorrent is the same with require encryption @ transmission. Am i right?.

[blacke4dawn]

If by "full" you mean only encrypted peers then yes, you are correct.

DHT and PEX are parts of a system to find more peers without relying on a tracker and has nothing to do with encryption itself, they are very good at adding peers when there are no trackers available. Unless you have a fairly low transfer quota from your ISP then you can leave them on, they generate some traffic even if there are no active torrents.

[conmac7h]

If by "full" you mean only encrypted peers then yes, you are correct.

Yes that i mean.
So thew only thing that matter is to have the encryption mode set to "Require Encryption", right?
One other thing. the azureus client have a choice for encryption level (plain and RC4), also there is another checkbox for "cryptoport" to avoid plain incoming connections.
Those settings doesnt exist for transmission huh?
Arent important or what?

[blacke4dawn]

I haven't read up on the bittorrent protocol but I take it that "plain" encryption isn't worth bothering with. As for the port as far as I know there is no defined way to tell other clients to make encrypted connections on one port and non-encrypted on another.

[Nemo_bis]

Transmission normally uses RC4, however I think there may be certain circumstances where plaintext would be used for a DHT handshake.

This sounds very bad, where can I verify what sort of traffic Transmission doesn't encrypt (or doesn't encrypt without enabling "forced" encryption)?

P.s.: Older messages couldn't tell anything definite about DHT.

To clarify a misconception -- Deluge and Transmission both have RC4 based encryption, same as Vuze. The encryption spec for BitTorrent is well-defined and implemented by all the major players.

I know I insist a little bit ^^ but if the encryption is set to required encryption I'm sure that all exchanges (peers ) are encrypted ?

Peer to peer communication, yes, but not trackers and DHT. Actually I'm not 100% sure about DHT, so maybe someone else will provide a definite answer.

P.p.s.: Adnan claims:

This is client-specific. A while ago, I've analyzed uTorrent and Transmission, they both use encryption for DHT/PEX (if enabled and forced). Many other clients have encryption enabled, yet they allow legacy connections (non-encrypted).