.i2p

I2P
I2P logo.svg
Original author(s)I2P Team[1]
Initial release2003; 18 years ago (2003)
Stable release
1.5.0 (API 0.9.51) / 23 August 2021; 58 days ago (2021-08-23)[2]
Preview release
1.6.0 (API 0.9.52)
Repository
TypeAnonymity application, Overlay network, mix network, garlic router, peer-to-peer
LicenseFree/Open Source – different licenses for different parts[3] Public domain, BSD, GPL, MIT
Websitehttps://geti2p.net

The Invisible Internet Project (I2P) is an anonymous network layer (implemented as a mix network) that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting the user's traffic (by using end-to-end encryption), and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world. Given the high number of possible paths the traffic can transit, a third party watching a full connection is unlikely. The software that implements this layer is called an "I2P router", and a computer running I2P is called an "I2P node". I2P is free and open sourced, and is published under multiple licenses.[4]

Technical design[]

I2P is beta software since 2003, when it started as a fork of Freenet.[5][6] The software's developers emphasize that bugs are likey to occur in the beta version and that peer review has been insufficient to date.[7] However, they believe the code is now reasonably stable and well-developed, and more exposure can help the development of I2P.

The network is strictly message-based, like IP, but a library is available to allow reliable streaming communication on top of it (similar to TCP, although from version 0.6, a new UDP-based SSU transport is used). All communication is end-to-end encrypted (in total, four layers of encryption are used when sending a message) through garlic routing,[8] and even the end points ("destinations") are cryptographic identifiers (essentially a pair of public keys), so that neither senders nor recipients of messages need to reveal their IP address to the other side or to third-party observers.

Although many developers had been a part of the Invisible IRC Project (IIP)[9] and Freenet communities, significant differences exist between their designs and concepts. IIP was an anonymous centralized IRC server. Freenet is a censorship-resistant distributed data store. I2P is an anonymous peer-to-peer distributed communication layer designed to run any traditional internet service (e.g. Usenet, email, IRC, file sharing, Web hosting and HTTP, or Telnet), as well as more traditional distributed applications (e.g. a distributed data store, a web proxy network using Squid, or DNS).

Many developers of I2P are known only under pseudonyms. While the previous main developer, jrandom, is currently on hiatus,[10] others, such as zzz, killyourtv, and Complication have continued to lead development efforts, and are assisted by numerous contributors.[1]

I2P uses 2048bit ElGamal/AES256/SHA256+Session Tags encryption[11] and Ed25519 EdDSA/ECDSA signatures.[12]

Releases[]

I2P has had a stable release every six to eight weeks. Updates are distributed via I2P torrents and are signed by the release manager (generally zzz or str4d).

Software[]

I2P 0.9.31-0 router console

Since I2P is an anonymous network layer, it is designed so other software can use it for anonymous communication. As such, there are a variety of tools currently available for I2P or in development.

The I2P router is controlled through the router console, which is a web frontend accessed through a web browser.

General networking[]

Chat[]

File sharing[]

Bridging to Clearnet[]

Currently, Vuze is the only torrent clients that makes clearnet (connections not through I2P) torrents available on I2P and vice versa, by using a plugin that connects them to the I2P network. Depending on the client settings, torrents from the internet can be made available on I2P (via announcements to I2P's DHT network) and torrents from I2P can be made available to the internet. For this reason, torrents previously published only on I2P can be made available to the entire Internet, and users of I2P can often download popular content from the Internet while maintaining the anonymity of I2P.[61][62]

Email[]

A screenshot of the inbox of I2P-Bote.

Instant Messaging[]

I2P Chat download Windows 10: https://vituperative.github.io/i2pchat/

Publishing[]

Routers[]

The Privacy Solutions project[]

The Privacy Solutions project,[70] a new organization that develops and maintains I2P software, launched several new development efforts designed to enhance the privacy, security, and anonymity for users, based on I2P protocols and technology.

These efforts include:[71]

The code repository and download sections for the i2pd and Abscond project is available for the public to review and download.[73] Effective January, 2015 i2pd is operating under PurpleI2P.[74]

Android[]

I2P running on Android.

Cryptocurrency[]

Some cryptocurrencies that support I2P are listed below.

Terminology[]

I2P's mascot, itoopie, who is looking through a magnifying glass.[78]
Eepsite
Eepsites are websites that are hosted anonymously within the I2P network. Eepsite names end in .i2p, such as ugha.i2p or forum.i2p. EepProxy can locate these sites through the cryptographic identifier keys stored in the hosts.txt file found within the I2P program directory. Typically, I2P is required to access these eepsites.[79]
.i2p
'I2p' is a pseudo-top-level domain which is only valid within the I2P overlay network scope. .i2p names are resolved by browsers by submitting requests to EepProxy which will resolve names to an I2P peer key and will handle data transfers over the I2P network while remaining transparent to the browser.[80]
EepProxy
The EepProxy program handles all communication between the browser and any eepsite. It functions as a proxy server that can be used by any web browser.
Peers, I2P nodes
Other machines using I2P that are connected to user's machine within the network. Each machine within the network shares the routing and forwarding of encrypted packets.
Tunnels
Every ten minutes, a connection is established between the user's machine and another peer. Data to and from the user, along with the data for other peers (routed through the user's machine), pass through these tunnels and are forwarded to their final destination (may include more jumps).[81]
netDb
The distributed hash table (DHT) database based on the Kademlia algorithm that holds information on I2P nodes and I2P eepsites. This database is split up among routers known as "floodfill routers". When a user wants to know how to contact an eepsite, or where more peers are, they query the database.[82][79]

Vulnerabilities[]

Denial of service attacks are possible against websites hosted on the network, though a site operator may secure their site against certain versions of this type of attack to some extent.[83][84]

A zero-day vulnerability was discovered for I2P in 2014, and was exploited to de-anonymize at least 30,000 users. This included users of the operating system Tails.[85] This vulnerability was later patched.[86][87]

A 2017 study examining how forensic investigators might exploit vulnerabilities in I2P software to gather useful evidence indicated that a seized machine which had been running I2P router software may hold unencrypted local data that could be useful to law enforcement. Records of which eepsites a user of a later-seized machine was interested in may also be inferred. The study identified a "trusted" I2P domain registrar ("NO.i2p") which appeared to have been abandoned by its administrator, and which the study identified as a potential target for law enforcement takeover. It alternatively suggested waiting for NO.i2p's server to fail, only to social engineer the I2P community into moving to a phony replacement. Another suggestion the study proposed was to register a mirror version of a target website under an identical domain.[84]

I2PCon[]

David Dagon presenting at the first I2Pcon.

From August 15, 2015 to August 16, 2015 the first I2P convention was held in Toronto, Ontario.[88] The conference was hosted by a local hackerspace, Hacklab. The conference featured presentations from I2P developers and security researchers.

August 15, 2015 mainly had presentations on the past growth of the I2P network, a talk on what happens when companies sell people's personal information, and a round-table discussion on general privacy and security topics. The day ended with a CryptoParty, which helped to introduce new users to installing I2P, sending secure emails with I2P-Bote, and using I2P along with Vuze.

August 16, 2015 had more technical discussions than the previous day. The talks focused on how to dissuade bad-actors from using the network, how I2P has worked computer connection limits, how to do application development using I2P, and the development of the Android version. This day ended with a development meeting.

Cultural references[]

In House of Cards season 2 episode 2, I2P is referenced.[89]

See also[]

Software[]

References[]

  1. ^ a b "I2P Project Members". geti2p.net. Retrieved 22 November 2015.
  2. ^ "I2P Roadmap". geti2p.net.
  3. ^ "Licenses", Get involved, Get I2P.
  4. ^ Gallagher, Sean (2015-01-13). "Under the hood of I2P, the Tor alternative that reloaded Silk Road". Ars Technica. Archived from the original on 2019-07-12. Retrieved 2019-08-17.
  5. ^ "Anonymity Networks: VPNs, Tor, and I2P | Restore Privacy".
  6. ^ Get I2P (blog).
  7. ^ "Benefits of Tor over I2P". I2P Dev Team. Retrieved 23 December 2013.
  8. ^ "Garlic Routing - I2P". geti2p.net.
  9. ^ "IIP", Invisible IP, Source forge.
  10. ^ "Jrandom's Announcement - I2P". geti2p.net. Retrieved 2017-07-15.
  11. ^ "ElGamal/AES + SessionTag Encryption - I2P". geti2p.net.
  12. ^ "Crypto/ECDSA – I2P Bugtracker". trac.i2p2.de.
  13. ^ zzz (8 February 2014). "0.9.11 Release". geti2p.net.
  14. ^ zzz (31 March 2014). "0.9.12 Release". geti2p.net.
  15. ^ zzz (22 May 2014). "0.9.13 Release". geti2p.net.
  16. ^ zzz (26 July 2014). "0.9.14 Release". geti2p.net.
  17. ^ zzz (9 August 2014). "0.9.14.1 Release". geti2p.net.
  18. ^ zzz (20 September 2014). "0.9.15 Release". geti2p.net.
  19. ^ zzz (1 November 2014). "0.9.16 Release". geti2p.net.
  20. ^ zzz (30 November 2014). "0.9.17 Release". geti2p.net.
  21. ^ zzz (22 February 2015). "0.9.18 Release". geti2p.net.
  22. ^ zzz (12 April 2015). "0.9.19 Release". geti2p.net.
  23. ^ zzz (2 June 2015). "0.9.20 Release". geti2p.net.
  24. ^ zzz (31 July 2015). "0.9.21 Release". geti2p.net.
  25. ^ zzz (12 December 2015). "0.9.22 Release". geti2p.net.
  26. ^ str4d (19 November 2015). "0.9.23 Release". geti2p.net.
  27. ^ zzz (27 January 2016). "0.9.24 Release". geti2p.net.
  28. ^ zzz (3 March 2016). "0.9.25 Release". geti2p.net.
  29. ^ zzz (7 June 2016). "0.9.26 Release". geti2p.net.
  30. ^ zzz (17 October 2016). "0.9.27 Release". geti2p.net.
  31. ^ zzz (12 December 2016). "0.9.28 Release". geti2p.net.
  32. ^ zzz (27 February 2017). "0.9.29 Release". geti2p.net.
  33. ^ zzz (3 May 2017). "0.9.30 Release". geti2p.net.
  34. ^ zzz (7 August 2017). "0.9.31 Release". geti2p.net.
  35. ^ zzz (11 November 2017). "0.9.32 Release". geti2p.net.
  36. ^ zzz (30 January 2018). "0.9.33 Release". geti2p.net.
  37. ^ zzz (10 April 2018). "0.9.34 Release". geti2p.net.
  38. ^ zzz (26 June 2018). "0.9.35 Release". geti2p.net.
  39. ^ zzz (23 August 2018). "0.9.36 Release". geti2p.net.
  40. ^ zzz (4 October 2018). "0.9.37 Release". geti2p.net.
  41. ^ zzz (22 January 2019). "0.9.38 Release". geti2p.net.
  42. ^ zzz (21 March 2019). "0.9.39 Release". geti2p.net.
  43. ^ zzz (7 May 2019). "0.9.40 Release". geti2p.net.
  44. ^ zzz (2 July 2019). "0.9.41 Release". geti2p.net.
  45. ^ zzz (28 August 2019). "0.9.42 Release". geti2p.net.
  46. ^ zzz (22 October 2019). "0.9.43 Release". geti2p.net.
  47. ^ zzz (1 December 2019). "0.9.44 Release". geti2p.net.
  48. ^ zzz (25 February 2020). "0.9.45 Release". geti2p.net.
  49. ^ zzz (25 May 2020). "0.9.46 Release". geti2p.net.
  50. ^ zzz (24 August 2020). "0.9.47 Release". geti2p.net.
  51. ^ zzz (30 November 2020). "0.9.48 Release". geti2p.net.
  52. ^ "SAM", API, I2P.
  53. ^ "BOB", API, Get I2P.
  54. ^ "GitHub - subgraph/Orchid". 7 March 2019 – via GitHub.
  55. ^ I2P Bittorrent FAQ (forum), DE: i2p2, archived from the original on 2011-11-03.
  56. ^ The Hunting of the Snark Project – BitTorrent Application Suite, Klomp.
  57. ^ "How To for I2P Network Plugin", I2PHelper (Howto) (setup tutorial), Vuze.
  58. ^ "Rufus – BitTorrent Client". Sourceforge..
  59. ^ "GitHub - majestrate/XD: i2p bittorrent client". 22 March 2019 – via GitHub.
  60. ^ "r/i2p - Introducing MuWire - a file-sharing application for I2P". reddit. Retrieved 2019-12-17.
  61. ^ "Vuze Speeds Up Torrent Downloads Through "Swarm Merging"". TorrentFreak. 20 March 2015. Retrieved 4 June 2016.
  62. ^ "I2PHelper HowTo". VuzeWiki. Retrieved 4 June 2016.
  63. ^ Introducing I2P, Nov 10, 2015
  64. ^ "PurpleI2P/i2pd". GitHub. Retrieved 2018-08-20.
  65. ^ "Invisible Internet Protocol Daemon". i2pd.website. Retrieved 2018-08-20.
  66. ^ "Archived copy". Archived from the original on 2017-11-07. Retrieved 2017-10-30.CS1 maint: archived copy as title (link)
  67. ^ "What is the difference between i2pd and Kovri?". StackExchange. Retrieved 4 March 2017.
  68. ^ "Kovri - Moneropedia". GetMonero. Retrieved 4 March 2017.
  69. ^ "What use cases will Kovri have for Monero?". StackExchange.
  70. ^ Privacy Solutions project, archived from the original on 19 Apr 2018.
  71. ^ List of ongoing Privacy Solutions projects.
  72. ^ "Invisible Internet Protocol Daemon". i2pd.website.
  73. ^ Active development, The Privacy Solutions
  74. ^ Active development, Purple I2P
  75. ^ Android App Releases
  76. ^ Discontinued, Nightweb.
  77. ^ "Add I2P support using I2P SAM by vasild · Pull Request #20685 · bitcoin/bitcoin". GitHub. Retrieved 2021-04-03.
  78. ^ "I2P con 2015 - Growing the Network, Spreading the Word, 03:41". YouTube.
  79. ^ a b "Intro". I2P. Retrieved 4 June 2016.
  80. ^ "Naming and Addressbook - I2P". geti2p.net. Retrieved 4 June 2016.
  81. ^ "Tunnel Routing". I2P. Retrieved 4 June 2016.
  82. ^ "The Network Database". I2P. Retrieved 4 June 2016.
  83. ^ Kack, Christopher (2012-09-11). "Layer 7 DOS against I2P darknet". Kejsarmakten:Development. Archived from the original on 2012-10-14. Retrieved 2021-03-13.
  84. ^ a b Bazli, Behnam; Wilson, Maxim; Hurst, William (2017-01-01). "The dark side of I2P, a forensic analysis case study". Systems Science & Control Engineering. 5 (1): 278–286. doi:10.1080/21642583.2017.1331770.
  85. ^ Storm, Darlene (2014-07-24). "Zero-day broker exploits vulnerability in I2P to de-anonymize Tails users". Computerworld. Retrieved 2021-03-13.
  86. ^ "I2P patched against de-anonymizing 0-day, Tails integration still to follow". Help Net Security. 2014-07-29. Retrieved 2021-03-13.
  87. ^ "0.9.14 Release - Blog - I2P". geti2p.net. Retrieved 2021-03-13.
  88. ^ "I2PCon: Mission Accomplished - Blog". I2P. Retrieved 4 June 2016.
  89. ^ "Hacker-Turned-Consultant Helps 'House Of Cards'". New Orleans Public Radio. 9 April 2014. Retrieved 4 October 2017.

External links[]