Torrent Encryption is a critical component of safe torrent setup. It is possible to encrypt both your torrent downloads and tracker communications, and making BitTorrent much more secure.
Benefits of Torrent Encryption:
- Stop your Internet Provider from snooping on your Torrent Traffic
- Prevent throttling or blocking of your torrents
- Make torrent activity harder to trace (if you use a VPN).
Best of all, there are multiple ways to encrypt your torrents. You can even add some lightweight encryption for free in compatible clients like uTorrent, Vuze, QBitTorrent & Deluge.
But the best option (as you’ll see) is to use zero-log VPN to encrypt your torrents.
What Is Encryption?
You use encryption on the web every day, though you may not realize it. Every time you visit your bank or credit card company’s website, or make a purchase on amazon; your web browser is using encryption.
Encryption prevents 3rd-parties or intermediaries from reading your transferred data.
This prevents identity theft when sending sensitive data over the internet like credit card numbers, addresses, and passwords.
Without encryption, anyone sharing the same network as you can potentially read your full data stream (think public wifi networks). Also, your ISP (internet provider) can use deep packet inspection to read all your transferred data, monitor your downloads, and record your web history.
Encryption scrambles/protects the data you’re sending so only the website/server your communicating with is able to read it.
Encryption is powerful. And if you use it correctly, your ISP will have no idea you’re using BitTorrent at all!
Why Encrypt Your Torrents
It takes only two words to explain why you should encrypt your torrent traffic:
Speed: This quarterly global internet report found that bittorrent was the #1 user of upstream bandwidth in North America in 2014, ahead of major companies like Youtube, Netflix, and Skype. So it should be no surprise that many major ISP’s choose to throttle (slow) torrent uploads/downloads.
In order to throttle a specific software/service, your ISP must be able to read your traffic and separate it from other unthrottled uses. Encryption prevents your ISP from doing so. Read our full guide to torrent throttling.
Privacy: By default, your torrent downloads are completely unencrypted. This means your ISP can see exactly what files you’re seeding/downloading and how much data you’re transferring via bittorrent. Proper use of encryption will prevent your ISP from monitoring your downloads and web-browsing history
Two Encryption Options: VPN vs. In-Client Encryption
All desktop torrent clients now feature optional built-in encryption, but this method has it’s limitations and will dramatically reduce peer availability (and speeds). A better alternative is to use a tool called a VPN (Virtual Private Network). A VPN provides even stronger encryption, won’t reduce your # of available peers, and has the added benefit of hiding your IP address in torrent swarms.
Built-In Encryption Option
- Completely Free
- May prevent throttling
- Easy to set up
- Weak encryption
- Doesn’t disguise traffic
- May reduce peers (and speed)
- Doesn’t hide your IP address
This is a completely free encryption method that will allow you to encrypt data transfer between other peers, as long as they also have encryption enabled.
If the peer doesn’t have encryption enabled, then depending on your settings:
- Your data will be downloaded Unencrypted
- Or you won’t be able to connect to that peer (if using forced encryption mode)
In order to guarantee full-time encryption using the built-in method, the encryption mode must be set to ‘Forced’ (or the equivalent your own torrent software, which we’ll discuss in the step-by-step settings later). The downside of this is you can only then connect to peers who also have encryption enabled. This can reduce your available peers by as much as 95% (resulting in poor speeds if the torrent doesn’t have many seeds).
Important Note: Using this method will only encrypt your torrent downloads. It will not encrypt your web-browsing, or hide the fact that you’re visiting torrent websites. It will also not encrypt the download of the initial .torrent file from the web, just the transfer of the underlying files. This method also does not hide your torrent IP address.
VPN Encryption Option
Using a VPN to hide your torrent activity is extremely simple. It requires 4 steps:
- subscribe to a torrent-friendly vpn service
- download the VPN software
- Connect to a torrent-safe server location (as simple as 1 mouse click)
- Download torrents anonymously.
Why a VPN is the BEST option
Using a VPN has 3 distinct advantages vs using your torrent client’s built-in encryption.
- VPN encryption is much MUCH stronger (effectively unbreakable)
- Using a VPN will not reduce your # of available peers
- A VPN will also hide your real ip address in torrents (making your downloads anonymous/hard to trace)
The built-in encryption option is generally using around 64-bit encryption strength. The best torrent VPNs by contrast use 256-bit OpenVPN encryption.
This may not seem like much of a difference (it only looks like 4x) but because of the way the mathematics of encryption works, 256-bit encryption is actually 2192 times as strong (that’s 2 to the power of 192. That’s a really big number).
That’s the difference between encryption that can be easily broken via brute force attacks, and using 256-bit encryption which is the same strength used by the U.S. military for top secret communications. (For comparison, the US government only uses 128-bit encryption for general communication). In other words, 256-bit encryption is extremely strong.
100% Peer Availability means faster download speeds
In order for your torrent client’s encryption to work, the peers you’re connecting to must also have encryption enabled.
A VPN is able to fully encrypt your torrents without your peers having encryption enabled.
Because the VPN server encrypts your entire data stream (regardless of your peers encryption settings) you get 100% peer availability (and faster speeds) without ever risking an unencrypted connection.
Anonymous IP address makes your torrenting WAY harder to track
Make no mistake, an anonymous IP address is the biggest benefit of using a VPN.
When you download a torrent, your IP address (which can identify your unique internet connection) is publicly visible to every other peer in that torrent swarm.
Many people don’t realize that most torrent monitoring is done by logging IP addresses in torrent swarms, not your ISP monitoring your traffic. Sites like IKnowWhatYouDownload keep a database torrents downloaded by each IP address they’ve monitored.
If you use a non-logging VPN, the IP address that appears in your torrent swarms will be one that belongs to your VPN service. If the VPN company keeps no logs (like this one), your torrent IP address cannot be traced back to your true IP.
3 Great Non-logging VPN’s
- IPVanish (Fastest VPN we’ve tested)
- NordVPN (includes VPN and SOCKS proxy service. 30-day, 100% refund policy
- Torguard (One of the oldest non-logging VPNs catering to torrent users)
Free encryption (using your torrent client)
Alright, now we’ll show you step by step how to enable encryption in your favorite torrent client. This is a feature built into every major torrent client.
Just remember that using encryption inside your torrent client has the following limitations:
You can either have 100% encrypted connection, or 100% peer availability. You can’t have both. Using forced (full time) encryption will reduce your number of available peers.
Each torrent client uses it’s own terminology/settings when it comes to activating encryption. No matter what words they use however, there are really only 3 primary encryption modes:
- Encryption Disabled (no encryption)
- Optional Encryption (Will use encryption with peers that have it enabled, but also connect to unencrypted peers)
- Forced Encryption (only connect to encryption-enabled peers. 100% encrypted downloads)
Alright, let’s get encrypted. The torrent clients are in alphabetical order.
Deluge Encryption Settings
Recommended Reading: Our complete guide to torrenting anonymously with Deluge
Step #1: Open the preferences menu by going to Edit > Preferences (or hit ‘Ctrl+P)
Step #2: Select ‘Network’ from the categories tab on the left of the preferences menu
You’ll see a window that looks something like this:
Note the ‘Encryption’ section at the bottom of the window. The settings we’ll choose will depend on your preferences and risk tolerance.
Here are the settings for each mode:
1. Encryption Disabled (not recommended)
- Inbound Encryption: Disabled
- Outbound Encryption: Disabled
2. Optional Encryption (uses encryption when available)
This mode will use the strongest available encryption option. You will have access to all peers, but not all connections will be encrypted.
- Inbound: Enabled
- Outbound: Enabled
- Level: Either
- Encrypt Entire Stream: Yes
3. Forced Encryption (only use 100% encrypted connections)
This is the safest mode (and will help prevent torrent throttling) but you will only be able to download from a small % of total peers.
As long as you download well-seeded torrents, speeds should be good.
- Inbound: Forced
- Outbound: Forced
- Level: Full Stream
- Encrypt Entire Stream: Yes
Utorrent Encryption Settings
Step #1: From the uTorrent menu go to Options > Preferences (Or hit ‘Ctrl+P’)
Step #3: Go to the ‘Bittorrent’ tab on the left side menu
You should see something like this:
We’ll be changing the settings under the ‘Protocol Encryption’ section at the bottom. Here are the settings for each of the 3 encryption modes:
Set Outgoing to Disabled as shown in the image above.
You’re settings should look exactly like this:
Forced Encryption (100% encryption)
This mode will only connect to peers with encryption enabled. Settings should be:
Related: Make sure to read our complete guide to using uTorrent anonymously.
Vuze Encryption Settings
In order to adjust the Encryption settings in Vuze, you have to be in ‘Advanced’ user mode. So to do this, go to:
Tools > Options > Mode
Then change the user proficiency mode to: ‘Advanced’
Next, still in the Options screen, we’re going hit the TOGGLE to the left of ‘Connection’ to expose the ‘Transport Encryption’ settings…
Here are the optimal settings for each of the 3 modes:
Uncheck the ‘Require encrypted transport’ box. All options below should be grayed out (as in the image above)
To enable optional (not forced) encryption in vuze you essentially turn on required encryption but designate fallback options in case the peer doesn’t allow encrypted connections.
Your settings should be:
- Require encrypted transport: yes
- Minimum encryption level: RC4
- Allow non-encrypted outgoing connections: yes
- Allowing non-encrypted incoming connections: yes
Forced Encryption (100% encrypted transfer)
This is the safest mode and will be the best defense against ISP torrent throttling. You will have fewer available peers (which is why you’re better off using a torrent-friendly VPN instead)
Your settings should be:
- Require encrypted transport: Yes
- Minimum encryption level: RC4
- Allow non-encrypted outgoing: no
- Allow non-encrypted incoming: no
You should also read: Our guide to Anonymous Torrents with Vuze
Summary & additional reading
Encryption is a critical privacy layer in your quest for safe torrents. Whether you use a standalone tool (VPN) or opt for the weaker in-client protocol encryption, you’ll still be better of than you would without it.
Not only will you prevent monitoring technology like packet inspection, but you’ll likely be able to circumvent throttling as well.
Other guides you should read: