Encrypted File Sharing: P2P Fights Back

Is it possible to end the investigations and prosecutions that the RIAA, the music download police and similar entities use to prosecute users of file-sharing networks? The answer depends, say online security experts, on which next-generation technology proves to be more successful. So far, enforcement investigators hold the upper hand.

“Everybody now knows you can’t download stuff for free,” said Mark Ishikawa, CEO and founder of BayTSP, a leading security firm for the record industry. People who participate in file sharing through networks, he said, sooner or later will get caught. “It’s like playing Russian Roulette.”

But that could change soon. An innovative software product recently released by Syncodea could eliminate concerns about getting caught and sued for sharing music and data files. Syncodea CEO Leo Lee told TechNewsWorld that his product does not hide the IP address. Rather, it allows users of peer-to-peer shareware networks, such as Kazaa, to share files and data in encrypted transmissions on the open-swapping networks.

“This will end any technology that tries to monitor or duplicate files flowing in the P2P networks,” Lee said.

Anonymity Is the Goal

Masking the user’s IP address is the Holy Grail of file-sharing networks. With a hidden IP address, Web surfers can visit Web sites, post messages and send e-mail without leaving a traditional trail that can link the communication with a particular Internet connection to a computer’s physical location. Existing technology provides some degree of online anonymity.

A simple Internet search using the keyword “anonymity” results in several pages of information on service providers and software products that claim to mask a user’s online identity. Choices range from simple pseudonymous servers, such as anonymizer.com, to not-quite-completely impregnable anonymity offered by remailers.

Search results include directions for setting up privacy options and databases with hundreds of anonymous proxy servers located around the world. Also readily available are lists of anonymous proxy servers and directions for chaining connections through multiple proxy servers to further bury one’s Web-surfing tracks.

“We see developers trying to come up with tools that will give anonymity. But it doesn’t work,” Ishikawa told TechNewsWorld. “You can’t make IP addresses completely disappear. There are always tracks of activity on the Internet left behind.”

Ishikawa said IP address tracking is the nature of the beast and won’t change. He also does not see any hope for file traders who seek anonymity on peer-to-peer networks.

“We just don’t see a method for peer anonymity,” he said, adding that his company can even track dynamic addresses with state-of-the-art algorithms. Dynamic IP addresses are assigned by ISPs to a single user for a one-time logon. They are common for dial-up connections over telephone lines.

File Encryption Falls Short

Encrypting files before swapping them isn’t a reliable method to mask online activity, according to Internet security experts. Decryption keys are readily available, especially to experts whose jobs involve intercepting encrypted data that is part of file-swapping activities.

Experts say it is quite common for investigators to trap encrypted files from peer-to-peer networks and determine the content.

“Encryption might be used between nodes in the delivery process, but public keys are available to investigators. So that’s no solution for file swappers,” said Ishikawa of BayTSP.

BayTSP is one of only two companies that seek to identify individuals who are illegally sharing movies, music and software online. Its service is used by three of the five top record labels, six of the seven top movie studios and some of the largest software makers in the world. Those companies use data provided by BayTSP to pursue file traders, have them remove infringing material and, in some cases, prosecute them in the courts.

Fear of Getting Caught Big Deterrent

BayTSP logs 3.5 million to 5 million unique infringement attempts per day. The company publishes a monthly incident report on P2P usage. The report for the latest period available shows that use of Kazaa and its underlying Fast Track protocol held steady in April. Kazaa had an average of 2.9 million users daily, following several months of decline. eDonkey, which had been adding users for several months, also held steady during April with an average of 2.2 million users daily, according to that report.

File-swapping investigators work much like law-enforcement investigators who catch those who use false identities in chat rooms to talk to youngsters. The online investigator logs on to a P2P network and requests a specific file or song. When the file is downloaded to the investigator’s computer, the security company has the evidence needed to file charges.

Ishikawa said his company uses a three-step process to get users to stop sharing illegal files and music. One, investigators identify the file sharer. Two, the company that owns the intellectual property sends out a cease-and-desist notice. Three, investigators go to the file sharers’ ISP with a request that their Internet access accounts be terminated.

Typically, court-imposed fines range from US$5,000 to $150,000 per case. The average settlement is $3,000, according to Ishikawa.

Next Generation Solution

Leo Lee is confident that his innovative software creation, MyGudio, will turn the tables on investigators who hunt down file-sharers on P2P networks.

During a recent phone interview at a conference in Taiwan, Lee said MyGudio is designed to provide users with privacy while downloading every type of file through the Kazaa file-sharing network. The program is available as trialware from mygudio.com and download.com.

Next month, Lee plans to release a version of the program tweaked to work on the Morpheus file-sharing network. He said he doesn’t know yet if users will need a network-specific version of MyGudio or if a later version will work on multiple networks.

According to a mission statement on Lee’s Web site, the software is a solution for giving file sharers a defense against assaults on their online privacy. It says the developers believe P2P network users should have the tools to defend themselves against organizations that invade their privacy and online sharing activities.

How It Works

Lee said MyGudio doesn’t try to mask users’ identities. Instead, it blocks all monitoring software. “There is no perfect way to hide your identity online, so our solution blocks all monitoring software to protect file-sharers,” he told TechNewsWorld.

The software allows users to detect each file’s signature acronym. Much like a fingerprint, the signature acronym is the main source used by investigators to trace and verify the legitimacy of files being shared online.

MyGudio allows users to modify this signature to form a new acronym set. The result is that file-hunting software is disabled and cannot intercept and compare the origin of the file. As a result, the files selected for sharing are invisible or unrecognizable to organizations that search files based on file fingerprints stored in an investigating company’s database.

File encryption technology is a major strategy in the product’s design. MyGudio uses one of the most advanced security measures in the world: AES 256-bit file encryption keys. The 256-bit structure makes encrypted content virtually ironclad.

The Digital Encryption Standard (DES) keys are about 56 bits long. This provides 7.2 x 1,016 possible DES keys. With AES 256-bit keys, there are approximately 1,021 x 2 more keys possible than DES 56-bit keys provide. According to product information, it would take more than 8 million years for today’s fastest supercomputer to crack 256-bit AES encryption.

Shakeout Period

Lee said the initial version of MyGudio has a design limitation: It requires that both parties to a file-sharing exchange have an installed copy of the software. The software links up and periodically changes the decryption key.

Also, the software is designed for private rather than commercial use.

“This is the first stage. There are a lot of things we will have to improve upon,” Lee said.


  • The link in the article is broken: it links to myguido.com, rather than mygudio.com. (A rather understandable error; I read the whole article thinking it was a piece of software that was devoted to a large Italian man.) If you want to check the software out (8 day free trial before paying seventeen bucks for it), just type http://www.mygudio.com into your browser.

    • "Encryption might be used between nodes in the delivery process, but public keys are available to investigators. So that’s no solution for file swappers," said Ishikawa of BayTSP."
      Incorrect. Just having the public key wont help. As demonstrated with WASTE, un-authorized users aka "BayTSP Employees" can’t even connect to the network without exchanging keys with the servers admin.. I.E the admins takes the BayTSP key and the BayTSP takes the WASTE key. This bonding proccess is very unlikey to ever happen within the real underground WASTE P2P.
      "Experts say it is quite common for investigators to trap encrypted files from peer-to-peer networks and determine the content."
      Incorrect again. WASTE uses over 5 megs of encryption or some 5000 bits. It is slow at file tranfers correct, but I can assure you no BayTSB can defeat this PGP style encryption.

  • The article did not mention the Freenet initiative. Freenet (http://freenet.sourceforge.net/) is "free software which lets you publish and obtain information on the Internet without fear of censorship".
    It comes with file-sharing tools, like Frost, that perserve anonymity of the individuals and secrecy of the content.
    Freenet is a noble initiative against censorship and terror campaigns from lobbies like RIAA.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Jack M. Germain
More in Hardware

Technewsworld Channels