Professional Documents
Culture Documents
com
If you are a frequent (or even casual) bittorrent user, you should absolutely be
encrypting your torrent traffic. Torrent encryption has several privacy advantages
including:
We’ll also discuss the 2 primary methods of encrypting torrent traffic (one of which is
much stronger and more secure).
What is encryption
Dictionary.com defines ‘Encryption’ as the act of:
1. to put (a message) into code
2. to put (computer data) into a coded form
3. to distort (a television or other signal) so that it cannot be understood without the appro
A VPN is definitely the best option as we’ll explain, because of the difference in how
the encryption is applied. To see why, we’ll examine how each option works:
Most torrent clients include a ‘protocol encryption’ option. This will allow you to make
encryption an available option, and some clients allow you to force encrypted
connections to peers. This sounds great (because it’s totally free) but there are
drawbacks to this method:
1. Reduced Peer Availability: If you don’t choose to ‘force’ encryption, then most of
your peer connections will be made unencrypted (defeating the purpose). If you
do force encryption, then the number of available peers will drop significantly
(limited to only other peers that allow encryption). This can negatively affect
torrent speeds, or even make downloading the complete file impossible.
2. Weak encryption algorithm: The bittorrent protocol uses the RC4 encryption
cipher with an encryption key strength of between 60-80 bits (which is quite
weak compared to AES which is the standard for OpenVPN traffic).
3. Obfuscation Not Effective against torrent-blocking technology: The torrent
encryption protocol is designed to help torrent traffic survive DPI inspection
and slip through torrent-blocking firewalls. But Sandvine (a company that builds
enterprise-level firewalls for ISPs) can reportedly identify and block most
bittorrent traffic despite protocol encryption.
4. May encrypt data ‘header’ not full stream: Each torrent client (Vuze, uTorrent,
Tixati, etc.) chooses it’s own encryption implimentation. And some only encrypt
the ‘headers’ of the data packets, not the contents or payload. This makes it
trivially easy to identify torrent traffic by inspecting the message payload. Some
clients like uTorrent and Vuze do offer full stream encryption.
VPN Encryption
The built-in protocol encryption in your torrent client encrypts each connection on a
peer-by-peer basis. This means it’s managing several (possibly hundreds) of weak
encrypted connections simultaneously.
A Virtual Private Network encrypts your traffic as a whole, not just torrent traffic. And
it does so using extremely strong AES encryption, which can’t be inspected or
decrypted by your Internet Provider or network firewall.
No Setup Required: Unlike your torrent client’s encryption, a VPN doesn’t require you
to change (or screw up) any manual settings in your torrent software. It’s just 1-click
to connect and it just works.
Best Options: We’ll discuss or recommended VPNs in the next section, but they’re all
from our list of top p2p/torrent VPNs.
That’s it. One click and you’re set. You can also turn on the kill-switch which will
prevent your real IP address from leaking if the VPN connection fails.
Kill Switch ENGAGED
Note: We’ll only be showing the ‘maximum’ encryption settings for each torrent client.
Anything less than ‘forced’ encryption (to all peers) will mean that some connects
aren’t encrypted. That defeats the whole purpose.
Finally, there is no need to use this method if you’re already using a VPN for
encryption. It’s redundant, adds no security, and will just slow your speeds.
uTorrent/BitTorrent
Vuze
Deluge
QBittorrent
Tixati
uTorrent/BitTorrent Encryption settings:
1. Go to: Options > Preferences > Bittorrent (tab) > Protocol Encryption
2. Choose ‘Forced’ for outgoing encryption.
3. Click ‘apply’
Vuze/Azureus
1. Go to: Tools > Options > Connection > Transport Encryption
2. Enable ‘require encrypted transport’
3. Set minimum encryption level to RC4
4. Optional: Use the ‘Cryptoport’ extension to block some unencrypted tracker
communications
If you want you can chose to ‘allow non-encrypted connections’ as a fallback (for
poorly seeded torrents) but remember that this means some peer connections won’t
use encryption. Your ISP could monitor, throttle, or block them.
Deluge Encryption
Deluge gives you a bit more control over the encryption settings than some other
torrent software.
There several encryption options, but they really boil down to 2 basic profiles:
Inbound: Enabled
Outbound: Enabled
Level: Either
Encrypt entire stream: Yes
Inbound: Forced
Outbound: Forced
Level: Full Stream
Encrypt Entire Stream: Yes
Go to: Tools > Options > Bittorrent (left menu) > Privacy (top section) > Encryption
mode
Note: The Qbittorrent Wiki doesn’t clarify the encryption settings. Nor does it say
whether it’s up/down (or just one way) or full-stream or just an encrypted header. If
you want serious encryption with QBittorrent, choose one of these VPNs.
Tixati
To access Tixati’s encryption settings, go to:
Just remember that the built-in option is quite limited in strength and effectiveness. If
you’re up against a firewall or ISP that actively blocks torrents, you’ll need to get a VPN
like IPVanish. Try this 20% off coupon and get security and torrent privacy in one
awesome tool.
If you have any questions or suggestions, please leave them in the comments. Please
follow us @vpnuniversity for security tips, VPN tutorials, and special discount offers.
https://www.vpnuniversity.com/bittorrent/torrent-encryption