I2P

I2P — The Anonymous Network

Stable release	0.8.11 / November 8, 2011; 3 months ago (2011-11-08)
Operating system	Cross-platform
Type	Overlay network
License	Free/Open Source - Multiple licenses Public domain, BSD, GPL, MIT, Artistic license
Website	http://www.i2p2.de/

I2P (originally from pseudomathematical notation I²P, short for Invisible Internet Project,^[1] although it is not commonly referred to by this name anymore) is a mixed-license, free and open source project building an anonymous network (or, more accurately, a pseudonymous overlay network).

The network is a simple layer that applications can use to anonymously and securely send messages to each other. Possible uses include anonymous surfing, chatting, blogging and file transfers.

The application itself is called an I2P router and a computer running I2P is called an I2P node - whereas those, too, are often referred to as routers.

Contents 1 Technical design 2 Software 2.1 General networking 2.2 File sharing 2.3 E-mail 2.4 Instant messaging 2.5 Blogging 3 Terminology 4 See also 5 References 6 External links

Technical design

I2P is beta software. Developers emphasize that there are likely to be bugs in the software and that there has been insufficient peer review to date. However, they believe the code is now reasonably stable and well-developed, and more exposure can help development of I2P.

The network itself is strictly message-based (like IP), but there is a library available to allow reliable streaming communication on top of it (similar to TCP, although from version 0.6 there is a new UDP-based SSU transport). All communication is end-to-end encrypted (in total there are four layers of encryption used when sending a message), and even the end points ("destinations") are cryptographic identifiers (essentially a pair of public keys), so that neither sender nor recipient of a message need to reveal their IP address to the other side or to third-party observers.

Although many of the developers had been a part of the IIP and Freenet communities, there are significant differences between their designs and concepts. IIP was an anonymous centralized IRC server. Freenet is a censorship-resistant distributed data store. I2P is an anonymous peer-to-peer distributed communication layer designed to run any traditional internet service (e.g. Usenet, E-mail, IRC, file sharing, Web hosting and HTTP, Telnet), as well as more traditional distributed applications (e.g. a distributed data store, a web proxy network using Squid, or DNS).

Many developers of I2P are known only under pseudonyms. While the previous main developer, jrandom, is currently on hiatus, others, such as zzz and Complication have continued to lead development efforts, and are assisted by numerous contributors.^[2]

Software

Since I2P is an anonymous network layer, it is designed so other software can use it for anonymous communication. As such there are a variety of tools currently available for I2P or in development.

The I2P router is controlled through the router console which is a web frontend accessed through a web browser.

General networking

• I2PTunnel is an application embedded into I2P that allows arbitrary TCP/IP applications to communicate over I2P by setting up "tunnels" which can be accessed by connecting to pre-determined ports on localhost.
• SAM is a protocol which allows a client application written in any language to communicate over I2P, by using a socket-based interface to the I2P router.^[3]

File sharing

• Several programs provide BitTorrent functionality for use within the I2P network. Each relies on the user being able to access the I2P network with a web browser to download the .torrent files. Users cannot connect to non-I2P torrents or peers from within I2P, nor can they connect to I2P torrents or peers from outside I2P.^[4] I2PSnark, included in the I2P install package, is a port of the BitTorrent client named Snark.^[5] Vuze, formerly known as Azureus, is a BitTorrent client that includes a plugin for I2P, allowing anonymous swarming through this network.^[6][7] This plugin is still in an early stage of development, however it is already fairly stable. I2P-BT is a BitTorrent client for I2P that allows anonymous swarming for file sharing. This client is a modified version of the original BitTorrent 3.4.2 program which runs on Windows and most dialects of Unix in a GUI and command-line environment. It was developed by the individual known as 'duck' on I2P in cooperation with 'smeghead'. It is no longer being actively developed; however, there is a small effort to upgrade the I2P-BT client up to par with the BitTorrent 4.0 release. I2PRufus is an I2P port of the Rufus BitTorrent client.^[8] Robert is the most actively maintened I2PRufus fork. (i2p-internal link) And there is "I2P-Transmission".
• iMule (invisible Mule) ^[9] is a port of the 'All-Platform' client aMule for I2P network. iMule is made for anonymous file sharing. In contrast to other eDonkey clients, iMule only uses the Kademlia for proceeding to connect through I2P network, so no servers are needed.
• I2Phex is a port of the popular Gnutella client Phex to I2P. It is stable and fairly functional.

E-mail

• I2P has a free pseudonymous e-mail service run by an individual called Postman. The mail transfer servers are pop.mail.i2p (POP3) and smtp.mail.i2p (SMTP). Susimail was created to address privacy concerns in using these servers directly using traditional email clients, such as leaking the user's hostname while communicating with the SMTP server. Susimail is a web-based e-mail client intended primarily for use with Postman's mail servers, and is designed with security and anonymity in mind. It is currently included in the default I2P distribution, and can be accessed through the I2P router console web interface. (Note that this is only used to read and send e-mail, not to create or manage your mail.i2p account; the latter must be done at hq.postman.i2p.)
• I2P-Bote is an end-to-end encrypted, network-internal, fully decentralized (serverless) e-mail system. It supports different identities and does not expose e-mail headers. Currently, it is still alpha software and can only be accessed via its web interface, but it will soon have pop3 support. All bote-mails are automatically end-to-end encrypted and optionally signed and thus authenticated, so that there's no need to set up e-mail encryption apart (though you can do that). I2P-Bote offers additional anonymity by providing a high-latency transport option. As it is decentralized, there is no e-mail server that could link different e-mail identities as communicating with each other (profiling): Even the nodes relaying the mails do not know the sender, and apart from sender and receiver, only the end of the high-latency mail route and the storing nodes will know to whom (which anonymous identity, yet of course not the real world identity) the mail is destined. The original sender can have gone offline long before the mail becomes available on the other side. This adds on the degree of anonymity that can be reached with I2P. For those who do not want high delays: All these settings are user-adjustable, so each user decides on how much anonymity he wants.

Instant messaging

• I2P-Messenger is a simple Qt-based, serverless, end-to-end-encrypted instant messenger for I2P. No servers can log your conversations, no ISP can log with whom you chat, when, or for how long. As it is serverless, it can make use of I2P's end-to-end encryption, preventing any node between you and your contacts from having access to the plain text. I2P-Messenger can be used for fully anonymous instant communication with persons you don't even know, or, alternatively, to communicate securely and untraceably with friends, family members, or colleagues. Thus, it is also a useful tool against data retention in a surveillance society. In addition to messaging, file transfer is also supported.

Blogging

• Syndie is a blogging application for I2P which is also usable through the Tor network; it is currently at an alpha release.

Terminology

Eepsite

Eepsites are websites that are hosted anonymously within the I2P network. Eepsite names end in .i2p, such as ugha.i2p or forum.i2p. EepProxy can locate these sites through the cryptographic identifier keys stored in the hosts.txt file found within the I2P program directory. Typically, I2P is required to access these eepsites.

EepProxy

The EepProxy program handles all communication between the browser and any eepsite. It functions as a proxy server that can be used by any web browser.

.i2p is a pseudo-top-level domain which is only valid within the I2P overlay network scope. .i2p names are resolved by browsers by submitting requests to EepProxy which will resolve names to an I2P peer key and will handle data transfers over the I2P network while remaining transparent to the browser.

Peers

Other machines using I2P that are connected to your machine within the network. Each machine within the network shares the routing and forwarding of encrypted packets.

Tunnels

Every ten minutes, a connection is established between your machine and another peer. Data to and from your machine, along with data for other users, passes through these tunnels, and are forwarded such that the packets eventually reach their final destination.

See also

• Anonymous P2P
• Crypto-anarchism
• Garlic routing
• OneSwarm
• Tor – another anonymous communication system, primarily used as a network of outproxies to the existing Internet
• Tahoe Least-Authority Filesystem – I2P version, giving similar functionality to Freenet

References

External links

• Official website
• I2P-Bote website access from the internet
• How to use Azureus with I2P
• Getting started with the I2P Darknet video tutorial
• Anonymous Browsing with I2P, Privoxy, and Tor
• i2p: Got Root
• I2P - Community Ubuntu Documentation
• I2P - Anonymity for the Masses
• Anonymous hosting through I2P | LetsByteCode
• Linux Today - I2P - Anonymity for the Masses
• Andre' M. DiMino -SemperSecurus: I2P...The *other* Anonymous Network
• Why Tor Has Failed But I2P Will Not | Wilfred Hughes