Security Features

[p3nt4]

Hi,
What are the security features?
Does it support authentication and encryption?

Cheers,

[nirvik]

Hi,
I couldn't figure out, how to make the election process secure in an untrusted decentralized environment. I would love to add that security in future.
But, for the time being, I have made sure that the file transfer is secure. It works as follows:

1. The file is originally chunked into pieces and each piece is hashed.
2. All the piece hashes are concatenated and hashed again to form one single hash called the 'root_hash'.
3. The leecher obtains the 'root hash' from the leader.

So, before the file transfer begins, the leecher requests the seeder to send him the concatenated hashes of all pieces. This is done, so that the leecher can hash them and compare it with the 'root hash' it obtained from the leader.

After the confirmation, the file transfer is initiated.

On receiving every piece, the leecher hashes the piece content and verifies it with the appropriate section of the concatenated piece_hash it received from the seeder earlier.

If the hash of the piece is verified, it safely writes to the file.

[p3nt4]

I would love to implement this tool with my coworkers but we are security enineers so I need to do my due diligences first.
It would be nice to implement some mutual authentication mechanisms.
The easiest I can think of would be to use a pre shared key: derivate an encryption key from a shared password and encrypt all data in transit with it.
A more ellaborate system with certificates would be awesome.