I2P

I2P (abbreviation for Invisible Internet Project) is a free software project that aims to create an anonymous and pseudonymous network providing a simple transport layer with anonymity and security for application software. The network itself is message-based (like IP), but it also offers a library that enables data transfer and streaming and behaves similarly to TCP. Communication is encrypted multiple times at both ends; in total, three layers of encryption can be used for each data packet. The endpoints that receive the data packets are in turn protected by cryptographic means: for the most part they consist of a pair of public keys.

Although most of the developers were previously part of the Invisible IRC Project and the Freenet community, significant differences between the concept and design of I2P and those projects are apparent at first glance. Invisible IRC is an anonymous, centralized IRC server, and Freenet is a censorship-resistant data store distributed across many clients. I2P, by contrast, is an anonymous, distributed peer-to-peer communication layer designed to support any conventional protocol, such as Usenet, email, IRC, HTTP, HTTPS, Telnet, XMPP, IPv4 and IPv6, as well as traditional distributed applications (e.g. Squid or DNS). Various I2P services are in development, such as Syndie (an authenticatable, anonymous blog), I2PSnark (an anonymous, integrated BitTorrent client), eepsites (anonymous websites), an anonymous email program and an anonymous Internet Relay Chat.

Implementation

The core of the I2P application is written in Java. A Java runtime environment must therefore be installed.

Some of the services are integrated as web applications and are accessible through the browser. The "router console" plays the central role here as the home page.

Other services are realized in part by having the I2P service act as a proxy (e.g. for HTTP, IRC, email, CVS), in some cases presenting itself to the client as a normal server. In this way ordinary client programs such as Firefox can be used; they only need to be reconfigured to use the local I2P server/proxy. Different port numbers, usually four-digit ones, are used for this.

There are also specially adapted companion programs: I2PSnark for BitTorrent in I2P, and I2Phex, an I2P Gnutella servent. The I2P BitTorrent and I2P Gnutella networks have no connection to their non-anonymous parent networks, so content must be provided separately within them.

Version planning

According to the developers' own classification, I2P is a beta version and does not yet offer the desired level of anonymity. That level is to be reached in a version 1.0.

Interfaces

I2PTunnel

I2PTunnel is an application embedded in I2P that makes it possible to offer arbitrary TCP/IP services over I2P.

SAM

SAM is a protocol that makes it possible to develop I2P-based programs in a wider range of programming languages.

BOB

BOB is another interface that makes it possible to develop I2P-based programs in a wider range of programming languages.

Applications

I2PSnark

I2PSnark is an anonymous BitTorrent client integrated into I2P as a web application. It can be used to download or create special I2P BitTorrents over the I2P layer.

I2PSnark also supports magnet links. This makes it possible to publish files in the torrent network solely by exchanging magnet links.

I2PRufus

I2PRufus is an anonymous BitTorrent client based on Rufus. It can be used to download or create special I2P BitTorrents over the I2P layer; it must be installed separately.

Robert

Robert is a further development of I2PRufus. Instead of SAM it uses BOB. Robert must be installed separately.

i2p-bt

i2p-bt is a command-line BitTorrent client for I2P.

Transmission for I2P

Transmission for I2P is a port of the BitTorrent client Transmission to the I2P network.

I2Phex

I2Phex is a P2P program based on the open-source program Phex. It forms an anonymous Gnutella network within the I2P network. It must be installed separately. Discussion and coordination regarding I2Phex take place in the project's forums.

iMule

iMule is a program for anonymous file sharing over I2P, based on aMule.

Vuze

The open-source program Vuze also has an I2P function; however, its suitability has so far not been reproducibly verified, so the developers do not recommend its use.

Susimail

I2P has a free, pseudonymous email service hosted by "Postman". Susimail was developed to avoid the vulnerabilities of traditional email clients. Such clients reveal information about the user's real identity and thereby jeopardize anonymity.

I2P-Bote

I2P-Bote is an end-to-end encrypted, network-internal, fully decentralized, serverless email system. It supports creating and using different identities and filters the mail headers so that only the truly necessary, non-identifying header fields are used (and these are then also encrypted). The application is still in alpha stage but under active development. Currently it can be used via its web interface; POP3 support is planned for the future so that it can be used with any standard email program. I2P-Bote additionally offers a high-latency transport similar to Mixmaster or Mixminion, intended to provide even stronger anonymity. I2P-Bote can therefore also be called a remailer. The original author or sender of a Bote mail may have long since gone offline again by the time the Bote mail arrives at the storing nodes. For those who prefer fast delivery of their Bote mails, the quick method of sending, which is not relayed through many other computers (except, of course, through I2P) and is not delayed, remains available. Each user can decide how much anonymity and how much speed they want.

Since all Bote mails are automatically encrypted end to end, the content of a mail is not readable as plain text at any point except at the sender and the receiver themselves. This removes the need, which still exists with regular email systems (and thus also with Susimail), to take care of the encryption and authentication of emails separately if you do not want, for example, the operator of the email server to be able to read their contents.

Because I2P-Bote is fully decentralized, there is of course no mail server that could link different anonymous identities to one another (keyword: profiling). Even the forwarding and storing computers know neither the real sender nor their pseudonymous email address, and only the last node of the "high-latency" mail route and the storing computers ever learn the anonymous recipient address. Even from them, the subject, date, etc. remain hidden.

I2P-Messenger

Since early 2008 there has been a program for instant messaging. It was initially based on .NET technology, but was then completely rewritten and is now available as a Qt-based I2P-Messenger. The I2P-Messenger connects directly (i.e. without using a central server) via the local I2P router to the other party. Both communication partners can therefore be completely anonymous to each other. However, the I2P-Messenger can also be used to circumvent data retention and for tap-proof, untraceable communication with friends, acquaintances, colleagues or business partners. Since all communication runs over I2P, not even the Internet service provider can determine with whom you actually communicated. The content is encrypted end to end, and, as mentioned above, there is no server through which all communication would be handled and which could then collect statistical data. Development is currently still in the beta phase, but the program is already quite suitable for everyday use; there are, however, no offline messages. Starting with the upcoming version, the I2P-Messenger also supports searching by user name or interests.

Syndiemedia

Syndiemedia, Syndie for short, is an attempt to create a user-friendly and secure blogging tool that uses the techniques of anonymous and secure systems such as I2P, Tor, Freenet, MNet and others. Content distribution is decoupled from the system used; Syndie can be used over the web with all common anonymizers. Syndie allows users to form communities across networks rather than focusing on one specific network, and is therefore less dependent on trends.

Syndie's approach is to merge the worlds of security, anonymity and cryptography with the simplicity and user focus of the blogging world. From the user's standpoint, Syndie can be seen as a secure, distributed LiveJournal, while technically it is built much more simply. In March 2007 Syndie was released as a separate project under the I2P umbrella with version 1.005a. The current version (as of June 2013) is 1.103b.

IRC

There are also several IRC servers in I2P. They can be reached at the address localhost:6668 (or localhost/6668 in some IRC programs), provided that I2P is running on the same computer. Otherwise, the IP address of the computer on which the I2P router is running must be used. The channels are #i2p-de, #i2p-help, #i2p-chat and #i2p. If you do not want to, or cannot, join these channels anonymously via I2P, access is also possible via Freenode. The channel names there are the same, and there are channel gateways (changates).

Outproxy

The I2P community operates an outproxy. Such an outproxy lets users access approved websites outside the I2P network.

Differences from Tor

While Tor mainly provides anonymous proxy servers for various Internet services such as IRC, email or HTTP, in I2P everything primarily takes place within the network. The advantage of this is that the payload is encrypted end to end. This is also the case with Tor hidden services, but not when Tor is used to access normal, publicly reachable web services.

The same applies to emails that go through an I2P-internal server (Susimail): these are encrypted only from sender to server and from server to recipient. I2P-Bote is not affected, since it is serverless.

In contrast to Tor, I2P operates without a central node database (directory server) and is thus fully decentralized. Instead, the node list in I2P is maintained as a distributed database by the most powerful nodes (so-called floodfill peers) using the Kademlia algorithm. Because there is no central instance holding the node list, the address of at least one other I2P participant must be known when I2P starts in order to join the I2P network. From that participant, information about further I2P nodes can then be obtained. To work around this startup problem, some I2P participants regularly publish the node list on various websites. The I2P client automatically tries to retrieve these pages at startup to obtain addresses of I2P nodes.
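The Kademlia idea named above, as an added sketch that is not I2P code: a record about a router is stored only on the floodfill peers whose identifiers are closest to the record's key by XOR distance, so any participant can compute whom to ask. The peer names, the replication factor `K` and the use of plain SHA-256 over a name are assumptions made for this illustration.

```python
import hashlib

K = 3  # constructed replication factor for this sketch, not an I2P constant

def to_id(data):
    """Map arbitrary bytes into a 256-bit Kademlia keyspace."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def closest(key, peers, k=K):
    """Names of the k peers whose IDs have the smallest XOR distance to key."""
    return sorted(peers, key=lambda name: peers[name] ^ key)[:k]

class FloodfillNet:
    """Toy distributed node list: a record lives only on the K closest floodfills."""

    def __init__(self, names):
        self.ids = {n: to_id(n.encode()) for n in names}
        self.stores = {n: {} for n in names}

    def publish(self, router, address):
        key = to_id(router.encode())
        holders = closest(key, self.ids)
        for n in holders:
            self.stores[n][key] = address
        return holders

    def lookup(self, router):
        key = to_id(router.encode())
        for n in closest(key, self.ids):  # ask only the responsible floodfills
            if key in self.stores[n]:
                return self.stores[n][key]
        return None

    def drop(self, name):
        """A floodfill leaves the network; its stored records go with it."""
        del self.ids[name]
        del self.stores[name]

def demo():
    net = FloodfillNet([f"floodfill-{i}" for i in range(12)])  # constructed peers
    holders = net.publish("router-A", "constructed-address-A")
    net.drop(holders[0])                    # the closest holder disappears
    return holders, net.lookup("router-A")  # a replica still answers

if __name__ == "__main__":
    print(demo())
```

Because responsibility follows from the identifiers alone, no directory server is needed, and losing a single floodfill does not lose the record.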

I2P also uses only unidirectional tunnels, which helps defend against timing attacks, since a request and its response do not take the same path. However, this also doubles the number of tunnels built, which in turn increases the probability of building a tunnel through nodes that are under an attacker's control. This could allow that attacker to deanonymize the communication relationship between sender and receiver.
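The trade-off in the paragraph above can be made quantitative with a simple model (an added example, not part of the original article or of I2P). It assumes hops are drawn uniformly at random without repetition from all routers, which ignores any peer selection a real router performs, and it measures only whether a hostile router sits in some tunnel, not whether deanonymization succeeds.

```python
import random
from fractions import Fraction
from math import comb

def p_clean(total, hostile, hops):
    """Exact probability that a tunnel of `hops` distinct routers,
    drawn uniformly from `total` routers, contains no hostile one."""
    return Fraction(comb(total - hostile, hops), comb(total, hops))

def p_exposed(total, hostile, hops, tunnels):
    """Probability that at least one of `tunnels` independently built
    tunnels contains a hostile router."""
    return 1 - p_clean(total, hostile, hops) ** tunnels

def compare(total, hostile, hops):
    """Bidirectional design: one tunnel carries request and response.
    Unidirectional design: separate outbound and inbound tunnels."""
    return p_exposed(total, hostile, hops, 1), p_exposed(total, hostile, hops, 2)

def simulate(total, hostile, hops, tunnels, trials=20000, seed=1):
    """Monte Carlo cross-check; routers 0..hostile-1 are the hostile ones."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        if any(min(rng.sample(range(total), hops)) < hostile
               for _ in range(tunnels)):
            hits += 1
    return hits / trials

if __name__ == "__main__":
    # Constructed numbers: 1000 routers, 50 hostile, 3 hops per tunnel.
    bidir, unidir = compare(1000, 50, 3)
    print(f"one tunnel:  {float(bidir):.3f}")
    print(f"two tunnels: {float(unidir):.3f}")
    print(f"simulated:   {simulate(1000, 50, 3, 2):.3f}")
```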

Furthermore, I2P uses garlic messages in addition to onion routing. These implement the end-to-end encryption within the I2P network and bundle one or more messages that are decrypted together at the receiver. The individual messages need not all be intended for the recipient; some may instead contain forwarding and delay instructions. This would be especially interesting for non-time-critical services, since the temporal decoupling of message forwarding achieved by the delay can strengthen anonymity. However, this delay function is currently only planned and not implemented. In principle, I2P would thus be usable anonymously even without building tunnels, solely through forwarding within garlic messages: the message to be forwarded is itself a garlic message for the next node on the route, and so on. By default, however, this kind of message forwarding is not used.

In 2011, an attack on the I2P network was documented, showing that an attacker with modest resources can find out the identity of an HTTP service (an "eepsite"). According to the I2P developers, further security improvements (among other things, tunnels are now routed over 3 routers) have made this attack no longer possible, since the I2P network has meanwhile grown rapidly in users.

Related Projects

  • Freenet
  • Tor (network)
  • Retroshare
  • GNUnet