It is possible for a network appliance (Sandvine) to MITM the MSE protocol. A Proof of Concept (PoC) was written by modifying the official Python BitTorrent client. This PoC is available here:
http://bittorrenthacks.googlecode.com/f … E_MITM.zip
A more in-depth discussion of the attack can be found here:
http://www.blackhat.com/presentations/b … -PAPER.pdf
This is a part of the BitTorrent hacks project:
Last edited by TheRook (2011-04-27 17:15:45)
MSE is not designed to be MITM-secure. It's built under the assumption that MITM attempts would be an unreasonable and potentially illegal modification of the user's traffic.
Last edited by TheRook (2011-04-29 11:34:24)
You only say that because you don't understand the threat model.
In MSE's threat model the adversary should be the ISP. ISPs are engaging in active attacks against BitTorrent (TCP reset flag). The MSE MITM attack I wrote is also an active attack. If you can't detect a protocol then you can't throttle it. The problem is that MSE looks strange. By contrast a lot of traffic is transmitted over SSL/TLS, and to ISPs this traffic looks normal. Also SSL/TLS can be immune to active MITM attacks if it is backed by a PKI. An added benefit is that SSL/TLS supports caching of handshakes, so after the initial connection the overhead is minute, especially when compared to the overhead of throttling.
In light of these attacks, which include throttling, what purpose does MSE still serve?
Last edited by TheRook (2011-04-29 11:38:05)
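The point made above about PKI is the crux of the whole thread: a Diffie-Hellman exchange whose public values are not bound to an identity can be relayed by an in-path box, while one whose values are signed under a certificate cannot. The toy model below is an added illustration written for this page; it is not the poster's PoC, not the MSE handshake itself, and uses deliberately tiny constructed parameters (a 61-bit DH prime, textbook RSA with small primes standing in for a CA-issued certificate). `handshake()` simulates Alice connecting to Bob with an optional in-path relay and returns whether the peers ended up with the same key, whether the relay can read both directions, and whether the authenticated variant rejected the tampered exchange.

```python
"""Toy model: unauthenticated DH (MSE-style) vs PKI-authenticated DH (TLS-style).
Every parameter here is constructed for illustration and far too small for real use."""
import hashlib
import secrets

# Toy Diffie-Hellman group (constructed): a Mersenne prime and generator 2.
P = 2**61 - 1
G = 2


def dh_public(secret: int) -> int:
    return pow(G, secret, P)


def dh_shared(peer_public: int, secret: int) -> bytes:
    # Derive a symmetric key from the shared group element.
    return hashlib.sha256(str(pow(peer_public, secret, P)).encode()).digest()


# Textbook RSA on toy primes, standing in for a PKI signature (constructed).
def rsa_keygen(p: int, q: int, e: int = 65537):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)          # (public, private)


def rsa_sign(msg: bytes, priv) -> int:
    n, d = priv
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big") % n
    return pow(h, d, n)


def rsa_verify(msg: bytes, sig: int, pub) -> bool:
    n, e = pub
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big") % n
    return pow(sig, e, n) == h


def handshake(authenticated: bool, intercepted: bool) -> dict:
    """Alice initiates to Bob. If intercepted, an in-path box substitutes its
    own DH public value in both directions (what an appliance would have to do
    to see inside the stream). If authenticated, Bob's DH value is signed with
    a key that a toy CA has certified, and Alice checks both signatures."""
    a, b, r = (secrets.randbelow(P - 2) + 1 for _ in range(3))
    ya, yb, yr = dh_public(a), dh_public(b), dh_public(r)

    # Toy PKI: the CA certifies Bob's signing key; the relay holds neither key.
    ca_pub, ca_priv = rsa_keygen(1299709, 15485863)
    bob_pub, bob_priv = rsa_keygen(104723, 104729)
    cert_sig = rsa_sign(repr(bob_pub).encode(), ca_priv)

    seen_by_alice = yr if intercepted else yb          # "Bob's" value as received
    seen_by_bob = yr if intercepted else ya            # "Alice's" value as received

    if authenticated:
        # Bob signs the value he really sent; the relay cannot re-sign its own.
        sig = rsa_sign(str(yb).encode(), bob_priv)
        ok = (rsa_verify(repr(bob_pub).encode(), cert_sig, ca_pub)
              and rsa_verify(str(seen_by_alice).encode(), sig, bob_pub))
        if not ok:
            return {"established": False, "rejected": True,
                    "peers_agree": False, "relay_reads": False}

    key_alice = dh_shared(seen_by_alice, a)
    key_bob = dh_shared(seen_by_bob, b)
    relay_keys = {dh_shared(ya, r), dh_shared(yb, r)} if intercepted else set()
    return {
        "established": True,
        "rejected": False,
        "peers_agree": key_alice == key_bob,
        "relay_reads": key_alice in relay_keys and key_bob in relay_keys,
    }


if __name__ == "__main__":
    for auth in (False, True):
        for mitm in (False, True):
            print(f"authenticated={auth} intercepted={mitm}: {handshake(auth, mitm)}")
```

In the unauthenticated, intercepted run the peers finish the handshake normally from their own point of view, yet hold different keys and the relay holds both; nothing in the exchange gives either side a way to notice. In the authenticated run the substituted value fails verification and the connection is refused before any payload flows. That difference, not the strength of the cipher or the size of the DH group, is what the thread is arguing about.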