I have always found it more interesting than Tor. After learning some Java, I read through the code, even compiled seminole Monotone DVCS(ironically difficult, because of the recently mentioned legacy version of the Botan C++ crypto library), but it is all a little beyond me.
Perhaps one of the coolest projects I'd seen in a while was Nightweb, a I2P-layered distributed social network, written in Clojure, flashing all the hipster programming bling as it be.
I have always wondered if it gets the same level of scrutiny or interest from researchers or nation states, as it was largely self-contained and not meant to onion route to public Internet like Tor (judging from my reading of the design).
Please, HNers, school me and impress me with your I2P trivia and knowledge.
I2P interest and development has grown with the direct monetization path of more anonymous cryptocurrencies that have attempted to partner with I2P over the years, such as Monero
There have been other cryptocurrencies that had the ethos of being anonymous, such as "anoncoin" but functioned exactly like bitcoin and never was able to develop their obfuscation layer
None of the cryptocurrency communities have successfully integrated with I2P.
The primary goal being to include a native I2P routing client within all of the respective cryptocurrency's daemon's and client software.
(Most cryptocurrencies broadcast a lot of information about you to the nodes, and when you really dive into it, the result is a little unsettling. In this regard it is kind of like bittorrent where other peers in the network can see information about you.)
As far as formal partnerships go, Anoncoin was the closest, where they got some public mention from the I2P stewards, and had icons on the I2P dashboard when you logged into that darknet. Anoncoin's steward disappeared with an unsuccessful zerocoin implementation and exit scam.
This was 2014.
Monero is an opaque blockchain that has worked out of the box as a private cryptocurrency since early 2014. My cryptocurrency market capitalization, it has remained around #10 for two years.
It is one of the more actively developed cryptocurrencies, and I2P integration is still on their roadmap.
There's nothing else to really say about I2P. There hasn't been much public research into how it works or vulnerabilities, as with the TOR network. I understand it works quite a bit differently, and what I do know is appealing.
But it is currently "meh". Some sites that are super annoying to TOR users, work extremely well under I2P and don't detect that you are not a clearnet user.
>> I have always wondered if it gets the same level of scrutiny or interest from researchers or nation states
My guess is the I2P gets more scrutiny from the US government, because it's much harder to break versus TOR(for which there we're always probably some attacks). It might even be that TOR is a government response for the demand for anonymizing networks - funded specifically in order for the anonymity community to do something else than I2P and anonymous remailers, and seems that the community mostly went with it.
(I can't get the I2P explanation/comparison on their official site right now; not sure it's me or them, haha.)
Again, I read a while back. I am pleased to know it is more secure.
Personally, I liked they had easily accessible Android builds directly from them at the time. But the Tor devs do so much good development, tech writing on the blog, and research publication it is hard to love or hate either group as they save the Internet from itself.
>> My guess is the I2P gets more scrutiny from the US government, because it's much harder to break versus TOR
> How so? Is this what is alluded to by "onion vs garlic" routing design?
For one, it is a closed overlay network. There are no "exit nodes" (well, not unless someone explicitly setup a proxy to provide "exit" functionality). So everything that happens anywhere within I2P remains inside I2P.
So any attacks on TOR that require control of one or more exit nodes in the TOR network to function will not directly function against I2P (no exit nodes).
Now, that has no bearing upon whether there are other, different, exploits in I2P that would break its hidden aspects, but you can at least know you are immune when using I2P to any TOR exploit that requires exit nodes.
(Again, I am having trouble with the geti2p.net site, which I believe is an public Internet<->I2P HTTP service bridge, which was originally the only outside view in.)
Are they similar? Not sure. To agree with you, I believe the culture and philsophy of Tor is looking out, with exit nodes. I2P was designed to only look in, and the out proxies and bridges are run by select volunteers as a convenience and not the priority.
My favorite part of I2P was there POP3 mailer service, but testing it with friends never seemed to work great.
It's been a long time since i read about those subjects, but from what i remember - TOR is a low-latency network, which is required for regular web sites to work. This means the network can do little to randomize/mess with packet timing, and thus leaks packet timing which theoretically(and practically) can expose them to timing attacks.
The onion network, on the other hand, does support high-latency connections.
> Please, HNers, school me and impress me with your I2P trivia and knowledge.
even if you didn't ask this, this is what many HN users would feel they read. Be prepared for a flood of replies telling you precisely how you are not quite perfectly right, or, are blatantly wrong and moronic, because they themselves are perfect and all-knowing, and you yourself must be lacking in the department of subtlely and nuance. ;-)
I read through some of the high level docs, but can someone simply explain how a user discovers other nodes in the network? I started reading the netDB docs [0] but it was pretty dense.
From the Bootstrapping section of the link you provided..
>volunteers publish their netDb directories (or a subset) on the regular (non-i2p) network, and the URLs of these directories are hardcoded in I2P. When the router starts up for the first time, it automatically fetches from one of these URLs, selected at random.
OK, so you put your IP address into several centralized DB's on the regular internet, then when I2P starts it randomly fetches from one of those repositories.
It would be really cool to have an I2P transport in ZeroMQ, and could be quite simple as I2P's messaging maps directly to the datagram model ZeroMQ uses. Or vice-versa.
zzz is our BDFL. If you really would like to know, come meet the I2P folks at 33C3 or potentially HOPE if you live in NA. CCC is better since I2P typically has a table there.
Do you have any thoughts on HORNET? Could I2P benefit from a more stateless routing mechanism as opposed to tunnels in the far future?
Are any of the devs going to defcon this year? I tried to get a small meetup going last year in the privacy village but no turnout, would love to make something official.
I'm working on Go implementation here: https://github.com/hkparker/go-i2p. Haven't made to irc2p to introduce myself yet but I will. Are there any devs who might be interested in contributing?
Privacy of developers seems a priority. Without any detail of course, can you comment on how necessary this has been. Is it irresponsible of me to work on an implementation in the clear?
;) My contributions are relatively minor and I2P (as well as other crypto systems) is something I really believe in.
> Do you have any thoughts on HORNET? Could I2P benefit from a more stateless routing mechanism as opposed to tunnels in the far future?
It's been a while since I read the HORNET paper, but as I remember it, HORNET relied heavily on ISP level cooperation which is just not realistic.
However, the idea of reducing state is a very good one. Going forward I hope to see more cryptographic systems that aspire to reduce overall state.
> I'm working on Go implementation here: https://github.com/hkparker/go-i2p. Haven't made to irc2p to introduce myself yet but I will. Are there any devs who might be interested in contributing?
Currently there are 3 implementations of I2P apart from yours. The original java one, i2pd[1] and kovri[2]. We all cooperate and discuss specifications to maintain interoperability. However the alternative implementations are not maintained under the I2P project as the developers of them desire to be separate.
I was previously unaware of your Go implementation, but you should definitely head over to #i2p-dev and say hi. You can find me under the nick hottuna there.
> Privacy of developers seems a priority. Without any detail of course, can you comment on how necessary this has been. Is it irresponsible of me to work on an implementation in the clear?
About privacy, people have taken various stances. Some a truly anonymous, some are semi anonymous, and some like me are not anonymous. Maintaining privacy for a while might be a good idea. You can always get less anonymous, but going the other way is harder.
Some of the Monero Kovri developers are known, public people, there's no problem with that at all if you choose to be public. There's really no longer as much of a stigma for people who are working on privacy projects:)
I am quite interested in go-i2p myself. How usable is it?
As for HORNET, I saw a minor Go impl of the ideas [0] along w/ a tiny mailing list post [1]. While it does appear to be made for backbone network devices, I believe the concept of onion routing w/ basically multi-hop TLS can be done in layer 7. I think the one thing missing is an implementation people can use and depend on (definitely outside of my present abilities).
I don't think it's much of an issue to work on i2p in the clear. It may be that is a main component why tor was able to thrive so well, their developers weren't shadowy internet nyms so people felt more comfortable giving money to fund them. The dev channel is also on freenode via #i2p-dev if anyone wants to join and contribute.
Pardon my naivete concerning I2P. Every node is a "router" right and therefore any node can be part of any "tunnel", correct? Does anything incentivize them to equitably share bandwidth, or is it like bittorrent where many rely on people's fairness?
Tor and I2P critically rely on donations. Incentive design has been an unsolved problem for decades. Bittorrent advanced the field with a very simple and effective T4T. There is a famous blogpost from 2014 giving the state-of-the-art in privacy-enhancing technology incentives:
https://blog.torproject.org/blog/tor-incentives-research-rou...
I'm leading a research group at a university who has worked on this since 2007, see our initial collaborative work with Harvard University "Bandwidth as a Currency": https://www.google.com/webhp?q=bandwidth+as+a+currency
We need "privacy credits/coins" if we want Tor/I2P/Tribler to scale to numerous millions of users.
The incentive works in a kind of round about way, where the more nodes you talk to the more nodes you know and therefore the more fast/high capacity you know and can choose from.
So sharing more bandwidth leads to you knowing more nodes, which means you'll have better tunnels. So there is an incentive for you to share more.
What are the best ways to obscure I2P use from ISPs and other network observers? Is it workable to use commercial VPNs with port forwarding?
Also, how workable is nesting I2P in Tor, and vice versa? For example, can I2P nodes be Tor onion services? At one point, the JonDo client had a Tor SOCKS5 proxy option. Is that possible with I2P?
> What are the best ways to obscure I2P use from ISPs and other network observers? Is it workable to use commercial VPNs with port forwarding?
I can't tell you a lot about obscuring I2P usage, personally I typically get a cheap VPS somewhere and do ssh/autossh port forwarding to it, but not for privacy reasons.
> Also, how workable is nesting I2P in Tor, and vice versa? For example, can I2P nodes be Tor onion services? At one point, the JonDo client had a Tor SOCKS5 proxy option. Is that possible with I2P?
Running I2P inside Tor or vice versa is common idea. I can't tell you if it is practically possible, but technically it is.
However a setup like that does suffer from diminishing returns in terms of security and performance.
There is an I2P plugin called Orchid[1] that adds Tor outproxying to the regular internet to I2P.
* Anonymity network similar to TOR in some ways, but rather than focusing on getting someone out to the internet anonymously, I2P is a low-latency mix network with no out proxies. See: https://ritter.vg/blog-mix_and_onion_networks.html
* Virtually every I2P router relays traffic, unlike TOR the network is very "flat". Directory servers are replaced with a DHT called the netDB.
Recently I've been working on a Go implementation of the I2P router: https://github.com/hkparker/go-i2p. It isn't on the network yet, would be really interested in working with anyone who wants to contribute.
To clarify, since modernity has stripped us of patience: "low latency" here means on the order of 1500ms, not tens of ms, as most people expect. As opposed to tens of seconds or minutes in mix message protocols.
I ran a i2p router for year, mostly because I didn't mind. This is a kind of a hen-egg-problem, I guess. There is not any content in i2p I'm aware off besides a torrent site. And I probably don't want to know what the content is I'm not aware of.
While I think this is in theory much cooler than tor, it's a way less practical, i guess.
I2P vs Tor is common topic, but the reality is that the projects are quite different while aiming to serve many of the same goals.
I2P is decentralized and Tor offers exit nodes for example.
But both projects serve to maintain the option of free speech on the internet, no matter how digitally repressive the country you happen to live in might be (US/China/Iran/Syria).
58 comments
[ 2.9 ms ] story [ 113 ms ] threadPerhaps one of the coolest projects I'd seen in a while was Nightweb, a I2P-layered distributed social network, written in Clojure, flashing all the hipster programming bling as it be.
https://github.com/oakes/Nightweb
I have always wondered if it gets the same level of scrutiny or interest from researchers or nation states, as it was largely self-contained and not meant to onion route to public Internet like Tor (judging from my reading of the design).
Please, HNers, school me and impress me with your I2P trivia and knowledge.
There have been other cryptocurrencies that had the ethos of being anonymous, such as "anoncoin" but functioned exactly like bitcoin and never was able to develop their obfuscation layer
It is all still in its infancy
You got stuff I can read? I am curious about the I2P culture, if you are in the know.
The primary goal being to include a native I2P routing client within all of the respective cryptocurrency's daemon's and client software.
(Most cryptocurrencies broadcast a lot of information about you to the nodes, and when you really dive into it, the result is a little unsettling. In this regard it is kind of like bittorrent where other peers in the network can see information about you.)
As far as formal partnerships go, Anoncoin was the closest, where they got some public mention from the I2P stewards, and had icons on the I2P dashboard when you logged into that darknet. Anoncoin's steward disappeared with an unsuccessful zerocoin implementation and exit scam.
This was 2014.
Monero is an opaque blockchain that has worked out of the box as a private cryptocurrency since early 2014. My cryptocurrency market capitalization, it has remained around #10 for two years.
It is one of the more actively developed cryptocurrencies, and I2P integration is still on their roadmap.
There's nothing else to really say about I2P. There hasn't been much public research into how it works or vulnerabilities, as with the TOR network. I understand it works quite a bit differently, and what I do know is appealing.
But it is currently "meh". Some sites that are super annoying to TOR users, work extremely well under I2P and don't detect that you are not a clearnet user.
If you want some general information on Monero then this is a good talk on Bitcoin privacy and on what Monero is and does: https://www.youtube.com/watch?v=YVlQE-ObEXk
My guess is the I2P gets more scrutiny from the US government, because it's much harder to break versus TOR(for which there we're always probably some attacks). It might even be that TOR is a government response for the demand for anonymizing networks - funded specifically in order for the anonymity community to do something else than I2P and anonymous remailers, and seems that the community mostly went with it.
How so? Is this what is alluded to by "onion vs garlic" routing design?
http://resources.infosecinstitute.com/anonymizing-networks-t...
(I can't get the I2P explanation/comparison on their official site right now; not sure it's me or them, haha.)
Again, I read a while back. I am pleased to know it is more secure.
Personally, I liked they had easily accessible Android builds directly from them at the time. But the Tor devs do so much good development, tech writing on the blog, and research publication it is hard to love or hate either group as they save the Internet from itself.
> How so? Is this what is alluded to by "onion vs garlic" routing design?
For one, it is a closed overlay network. There are no "exit nodes" (well, not unless someone explicitly setup a proxy to provide "exit" functionality). So everything that happens anywhere within I2P remains inside I2P.
So any attacks on TOR that require control of one or more exit nodes in the TOR network to function will not directly function against I2P (no exit nodes).
Now, that has no bearing upon whether there are other, different, exploits in I2P that would break its hidden aspects, but you can at least know you are immune when using I2P to any TOR exploit that requires exit nodes.
https://www.reddit.com/r/i2p/comments/46yan0/are_i2p_outprox...
(Again, I am having trouble with the geti2p.net site, which I believe is an public Internet<->I2P HTTP service bridge, which was originally the only outside view in.)
Are they similar? Not sure. To agree with you, I believe the culture and philsophy of Tor is looking out, with exit nodes. I2P was designed to only look in, and the out proxies and bridges are run by select volunteers as a convenience and not the priority.
My favorite part of I2P was there POP3 mailer service, but testing it with friends never seemed to work great.
https://zwadderneel.wordpress.com/2011/05/04/thunderbird-as-...
You should try it out with I2P-Bote instead, it also has inbuilt hooks so you can use it through your favourite mail client.
It's been a long time since i read about those subjects, but from what i remember - TOR is a low-latency network, which is required for regular web sites to work. This means the network can do little to randomize/mess with packet timing, and thus leaks packet timing which theoretically(and practically) can expose them to timing attacks.
The onion network, on the other hand, does support high-latency connections.
even if you didn't ask this, this is what many HN users would feel they read. Be prepared for a flood of replies telling you precisely how you are not quite perfectly right, or, are blatantly wrong and moronic, because they themselves are perfect and all-knowing, and you yourself must be lacking in the department of subtlely and nuance. ;-)
[0] https://geti2p.net/en/docs/how/network-database
>volunteers publish their netDb directories (or a subset) on the regular (non-i2p) network, and the URLs of these directories are hardcoded in I2P. When the router starts up for the first time, it automatically fetches from one of these URLs, selected at random.
Do you have any thoughts on HORNET? Could I2P benefit from a more stateless routing mechanism as opposed to tunnels in the far future?
Are any of the devs going to defcon this year? I tried to get a small meetup going last year in the privacy village but no turnout, would love to make something official.
I'm working on Go implementation here: https://github.com/hkparker/go-i2p. Haven't made to irc2p to introduce myself yet but I will. Are there any devs who might be interested in contributing?
Privacy of developers seems a priority. Without any detail of course, can you comment on how necessary this has been. Is it irresponsible of me to work on an implementation in the clear?
;) My contributions are relatively minor and I2P (as well as other crypto systems) is something I really believe in.
> Do you have any thoughts on HORNET? Could I2P benefit from a more stateless routing mechanism as opposed to tunnels in the far future?
It's been a while since I read the HORNET paper, but as I remember it, HORNET relied heavily on ISP level cooperation which is just not realistic. However, the idea of reducing state is a very good one. Going forward I hope to see more cryptographic systems that aspire to reduce overall state.
> I'm working on Go implementation here: https://github.com/hkparker/go-i2p. Haven't made to irc2p to introduce myself yet but I will. Are there any devs who might be interested in contributing?
Currently there are 3 implementations of I2P apart from yours. The original java one, i2pd[1] and kovri[2]. We all cooperate and discuss specifications to maintain interoperability. However the alternative implementations are not maintained under the I2P project as the developers of them desire to be separate. I was previously unaware of your Go implementation, but you should definitely head over to #i2p-dev and say hi. You can find me under the nick hottuna there.
> Privacy of developers seems a priority. Without any detail of course, can you comment on how necessary this has been. Is it irresponsible of me to work on an implementation in the clear?
About privacy, people have taken various stances. Some a truly anonymous, some are semi anonymous, and some like me are not anonymous. Maintaining privacy for a while might be a good idea. You can always get less anonymous, but going the other way is harder.
[1] https://github.com/PurpleI2P/i2pd
[2] https://github.com/monero-project/kovri
As for HORNET, I saw a minor Go impl of the ideas [0] along w/ a tiny mailing list post [1]. While it does appear to be made for backbone network devices, I believe the concept of onion routing w/ basically multi-hop TLS can be done in layer 7. I think the one thing missing is an implementation people can use and depend on (definitely outside of my present abilities).
0 - https://github.com/LightningNetwork/lightning-onion 1 - https://lists.linuxfoundation.org/pipermail/lightning-dev/20...
Tor and I2P critically rely on donations. Incentive design has been an unsolved problem for decades. Bittorrent advanced the field with a very simple and effective T4T. There is a famous blogpost from 2014 giving the state-of-the-art in privacy-enhancing technology incentives: https://blog.torproject.org/blog/tor-incentives-research-rou...
I'm leading a research group at a university who has worked on this since 2007, see our initial collaborative work with Harvard University "Bandwidth as a Currency": https://www.google.com/webhp?q=bandwidth+as+a+currency
We need "privacy credits/coins" if we want Tor/I2P/Tribler to scale to numerous millions of users.
So sharing more bandwidth leads to you knowing more nodes, which means you'll have better tunnels. So there is an incentive for you to share more.
Also, how workable is nesting I2P in Tor, and vice versa? For example, can I2P nodes be Tor onion services? At one point, the JonDo client had a Tor SOCKS5 proxy option. Is that possible with I2P?
I can't tell you a lot about obscuring I2P usage, personally I typically get a cheap VPS somewhere and do ssh/autossh port forwarding to it, but not for privacy reasons.
> Also, how workable is nesting I2P in Tor, and vice versa? For example, can I2P nodes be Tor onion services? At one point, the JonDo client had a Tor SOCKS5 proxy option. Is that possible with I2P?
Running I2P inside Tor or vice versa is common idea. I can't tell you if it is practically possible, but technically it is. However a setup like that does suffer from diminishing returns in terms of security and performance.
There is an I2P plugin called Orchid[1] that adds Tor outproxying to the regular internet to I2P.
[1] http://plugins.i2p/plugins/orchid/
For those who don't know about I2P:
* Anonymity network similar to TOR in some ways, but rather than focusing on getting someone out to the internet anonymously, I2P is a low-latency mix network with no out proxies. See: https://ritter.vg/blog-mix_and_onion_networks.html
* Virtually every I2P router relays traffic, unlike TOR the network is very "flat". Directory servers are replaced with a DHT called the netDB.
Recently I've been working on a Go implementation of the I2P router: https://github.com/hkparker/go-i2p. It isn't on the network yet, would be really interested in working with anyone who wants to contribute.
While I think this is in theory much cooler than tor, it's a way less practical, i guess.
Anecdotally, I've seen a lot of document management and ERP servers running on I2P. Bandwidth is decent, and you can't beat the security.
I2P is decentralized and Tor offers exit nodes for example.
But both projects serve to maintain the option of free speech on the internet, no matter how digitally repressive the country you happen to live in might be (US/China/Iran/Syria).