In order to support these claims, BitTorrent also published a letter from iSEC Partners, a security firm that was contracted earlier this year to audit BitTorrent Sync's cryptographic implementation. According to the letter, iSEC's review covered the program's implementation and usage of cryptographic primites like hashing, encryption and randomness generation; the key exchange mechanism; the invite and approval process; folder discovery by remote peers and possible cryptographic attacks on Sync infrastructure.
"BitTorrent Sync applied generally accepted cryptographic practices in the design and implementation of Sync 1.4 as of July 2014," the iSEC letter reads.
ISEC Partners was also contracted by the Open Crypto Audit Project to perform an audit of TrueCrypt source code earlier this year.
Sign up for Computerworld eNewsletters.