Introduction To I2P
Performance Objective
At the conclusion of the course the student will be able to:
- Identify what I2P is.
- Identify one reason why we should block JavaScript.
- Explain how I2P works.
- Explain how I2P is different from Tor.
Introduction
I recommend watching the I2P Con 2015 Playlist. There were plans for a 2016 I2P Con but it does not appear to have come to fruition. There are no other I2P-centric conventions as far as I know.
I did speak to users on the IRC chat room for #i2p-dev and was provided some excellent information from the developers. This talk was reviewed by the I2P staff and a request to confirm facts was made. No changes in content were solicited or made due to reputation or any other concerns.
09:53:57 i2pr | [Irc2P/psi] some important notes to add, i2p is a network layer, it provides an anonymous layer 3 (on the osi stack)
09:54:10 i2pr | [Irc2P/psi] no one else does that as far as i have seen
09:54:48 i2pr | [Irc2P/psi] i2p can do anonymous anycast too, like 1 destination in multiple servers
09:54:58 Retro64XYZ | psi: That network layer is what simplifys connection of so many tools into the i2p network; am I correct in saying that?
09:55:01 i2pr | [Irc2P/psi] which again, no one else can do as far as i have seen :^)
09:55:15 i2pr | [Irc2P/psi] not quite
09:55:26 i2pr | [Irc2P/psi] it makes the network harder to optimize
09:55:39 i2pr | [Irc2P/psi] but it gives a LOT of flexibility to app developers
09:56:12 i2pr | [Irc2P/psi] idk if it makes it simpler, it's just different
09:58:56 i2pr | [Irc2P/psi] also due to lack of regular funding our product is a bit lack luster compared to tor
09:59:13 i2pr | [Irc2P/psi] we don't have money to pay devs to maintain a browser
09:59:27 i2pr | [Irc2P/psi] it's mostly randos in their spare time
09:59:41 i2pr | [Irc2P/psi] (more randos desired)
09:59:49 i2pr | [Irc2P/psi] we need more of everything (tm)
How does I2P Work
I2P rests on several essential concepts. The first is the strict separation between the software (the router) and the endpoint (the destination). Running I2P is usually not a secret; the information I2P protects is the activity you are taking part in and the destination of that activity. The second important concept is the tunnel: the connection made from one computer to another within the I2P network. All tunnels are unidirectional, so you have separate outbound tunnels and inbound tunnels. The first computer in a tunnel, whether client or server, is usually referred to as the gateway.
The network database is also important to I2P. The netDb is used to distribute metadata about the network, namely routerInfo and leaseSets. A routerInfo gives routers the data necessary for reaching a particular router: transport addresses, public keys, and further data about the network not covered here. A leaseSet provides the information necessary for contacting a particular destination. The leases (plural!) within the leaseSet specify tunnel gateways and work as a map for reaching a destination. The leaseSet carries:
- Inbound gateway for a tunnel that allows reaching a specific destination.
- Time when a tunnel expires.
- Pair of public keys to be able to encrypt messages (to send through the tunnel and reach the destination).
A router will send routerInfo to the netDb directly while the leaseSets are sent through outbound tunnels. This is done because a leaseSet must be sent anonymously or it will correlate the router with the leaseSet.
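The lookup path above, as an added example that is not I2P's own code: a toy netDb in Python that stores routerInfo and leaseSet records, refuses a leaseSet that is not published through an outbound tunnel, and resolves a destination to a live inbound tunnel gateway while skipping expired leases. The class names, field layouts, router ids, addresses, key strings and expiry times are all constructed stand-ins, not I2P's real data structures.

```python
"""Toy model of the netDb lookup described above: routerInfo tells you how
to reach a router, a leaseSet tells you which inbound tunnel gateways
currently lead to a destination.

Added illustration, not I2P's code: the classes are simplified stand-ins
for the real structures, key fields hold placeholder strings, and every
router, destination, address and expiry below is constructed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class RouterInfo:
    router_id: str
    transport_addresses: List[str]   # how to reach this router directly (constructed)
    public_key: str                   # placeholder string, not a real key


@dataclass
class Lease:
    gateway_router_id: str   # inbound gateway of a tunnel leading to the destination
    tunnel_id: int
    expires_at: int          # unix seconds; the tunnel is useless after this


@dataclass
class LeaseSet:
    destination: str
    encryption_key: str      # placeholder for the destination's public keys
    leases: List[Lease]


class NetDb:
    """Holds the two kinds of metadata and resolves a destination to a gateway."""

    def __init__(self) -> None:
        self.router_infos: Dict[str, RouterInfo] = {}
        self.lease_sets: Dict[str, LeaseSet] = {}

    def publish_router_info(self, ri: RouterInfo) -> None:
        # Running a router is not secret, so routerInfo may be sent directly.
        self.router_infos[ri.router_id] = ri

    def publish_lease_set(self, ls: LeaseSet, via_outbound_tunnel: bool) -> None:
        # A leaseSet sent directly would tie the publishing router to the
        # destination, so this model refuses anything not sent through a tunnel.
        if not via_outbound_tunnel:
            raise ValueError("leaseSet must be published through an outbound tunnel")
        self.lease_sets[ls.destination] = ls

    def live_leases(self, destination: str, now: int) -> List[Lease]:
        ls = self.lease_sets.get(destination)
        if ls is None:
            return []
        return [lease for lease in ls.leases if lease.expires_at > now]

    def resolve(self, destination: str, now: int) -> Optional[dict]:
        """Pick the longest-lived unexpired lease and the gateway's transport address."""
        live = self.live_leases(destination, now)
        if not live:
            return None
        lease = max(live, key=lambda l: l.expires_at)
        gateway = self.router_infos.get(lease.gateway_router_id)
        if gateway is None:
            return None   # we know the tunnel but have no routerInfo for its gateway
        return {
            "gateway": gateway.router_id,
            "address": gateway.transport_addresses[0],
            "tunnel_id": lease.tunnel_id,
            "encrypt_to": self.lease_sets[destination].encryption_key,
        }


def build_sample_netdb() -> NetDb:
    """Constructed sample: two routers, one destination with two leases."""
    db = NetDb()
    db.publish_router_info(RouterInfo("routerA", ["198.51.100.10:9001"], "pubkeyA"))
    db.publish_router_info(RouterInfo("routerB", ["203.0.113.7:9002"], "pubkeyB"))
    db.publish_lease_set(
        LeaseSet(
            destination="example.i2p",
            encryption_key="destkey-example",
            leases=[
                Lease("routerA", tunnel_id=101, expires_at=1_000_600),
                Lease("routerB", tunnel_id=202, expires_at=1_000_300),
            ],
        ),
        via_outbound_tunnel=True,
    )
    return db


if __name__ == "__main__":
    db = build_sample_netdb()
    print(db.resolve("example.i2p", now=1_000_000))   # routerA, tunnel 101
    print(db.resolve("example.i2p", now=1_000_650))   # None: both leases expired
```

The expiry check matters: a lease is a promise that a particular inbound tunnel exists for a limited time, so a client that keeps using a stale leaseSet simply fails to reach the destination and must fetch a fresh one.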
Further information on I2P function is found within the excellent documentation provided by the I2P project.
How To Install
- Review the code on the GitHub platform! You don’t have an excuse. You need to stop and look at the tool, how it is made, and who is making it.
- Acquire hosting on an external platform. You have a lot of options. I prefer Scaleway as a platform because they are offshore. Pick your favorite country, pick a provider, and get a VPS. A $3.00 ‘starter cloud’ is a sufficient package for hosting an I2P install.
- Get the installer and get it onto your VPS. The process will look like the following.
$ wget 'https://download.i2p2.de/releases/0.9.33/i2pinstall_0.9.33.jar' -O new_installer_offline.jar
$ java -jar new_installer_offline.jar
- We will want to reach the router console from our local machine. This can be done with an SSH tunnel. Run this command on your local machine.
$ ssh -L 7657:127.0.0.1:7657 YOURSERVERIPHERE
- We will also want to gain access to I2P sites locally. These are also known as eepsites. This requires access to port 4444.
$ ssh -L 4444:127.0.0.1:4444 YOURSERVERIPHERE
- We then open a browser on our local machine and surf over to http://localhost:7657
- You will then want to surf over to Configuration->Network and get your port. You can then open this UDP port in your firewall.
How To Setup
Setting up I2P can be remarkably simple. You will install the application and then connect to it as you would with something like Freenet. Configuration is also fairly simple to start with. Properly opening the port for your connection in your firewall is one of the more difficult tasks. Your main goal is to make the ‘Network:’ icon to the left of the screen state ‘OK’ and to gain green stars next to your local tunnels. I found I2P to be very verbose in recommendations as well as in identifying issues or problems. I believe I2P to have excellent documentation and very good levels of hand holding for new users.
Who Made I2P
I2P is made up of many anonymous users who contribute time and effort to better the tool. The vast majority of these users appear to take their privacy very seriously and many of them work under pseudonyms. The original creator was known as ‘jrandom’, which is a generic term used in many books to denote the user. Development began in 2003, around the same time that Tor development began. At some point jrandom vanished (see jrandom’s AWOL Announcement) and the entire project very nearly came to a crashing halt. Over time it was salvaged and the I2P project was able to continue development.
What does I2P do
The initial purpose of the Invisible Internet Project was to provide a secure and anonymous method to communicate with users over IRC. I2P evolved from the Invisible Internet Project and is now intended to provide anonymous peer-to-peer communication for Usenet, email, IRC, file sharing, web hosting (http) and telnet. The real purpose of I2P is to provide an anonymous network layer so that other software can interact through the I2P protocol.
Garlic Versus Onion
I2P has used the term ‘garlic’ to represent one of three things: layered encryption, bundling messages together, or ElGamal/AES encryption. In order to understand garlic routing, we must first understand that onion routing consists of building tunnels through a series of peers and then using the tunnel. Each hop decrypts one layer of the message before passing the rest on, so it works a bit like ‘peeling an onion’: the layers are stripped one by one until the data arrives at its destination.
In the sense that messages are encrypted for each hop on the journey, onion routing and garlic routing are the same in concept. The first difference is that multiple messages are bundled together in I2P. Any number of messages can be contained in an I2P clove. I2P is unidirectional as mentioned earlier, meaning the tunnels can only carry traffic in a single direction.
I2P uses garlic routing, bundling, and encryption in three places:
- For building and routing through tunnels (layered encryption)
- For determining the success or failure of end to end message delivery (bundling)
- For publishing some network database entries (dampening the probability of a successful traffic analysis attack) (ElGamal/AES)
You can read more in the excellent garlic documentation.
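The layering and bundling described above, as an added example that is not I2P's code or cryptography: several messages (the cloves) are bundled into one payload, the bundle is wrapped in one encryption layer per hop, and each hop peels exactly one layer, learns only who the next hop is, and forwards the remainder. The hop cipher is a SHA-256 keystream with an HMAC tag, a constructed stand-in for the ElGamal/AES scheme the text names; the hop ids, keys and clove contents are constructed as well.

```python
"""Toy garlic routing: a bundle of cloves wrapped in one encryption
layer per hop, so each hop peels exactly one layer and forwards the rest.

Added example, not I2P's code or cryptography. The hop cipher below is a
SHA-256 keystream plus an HMAC tag, a stand-in for the ElGamal/AES scheme
the text names; hop ids and keys are constructed.
"""
import hashlib
import hmac
import os
from typing import Dict, List, Tuple

Hop = Tuple[int, bytes]   # (hop id, symmetric key shared with that hop)
DELIVER = 0               # next-hop id meaning "this hop is the endpoint"
NONCE_LEN, TAG_LEN = 12, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def _wrap(key: bytes, plaintext: bytes) -> bytes:
    """Add one layer: nonce || ciphertext || tag (encrypt-then-MAC)."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def _unwrap(key: bytes, layer: bytes) -> bytes:
    """Peel one layer; a modified layer fails the tag check."""
    nonce, ct, tag = layer[:NONCE_LEN], layer[NONCE_LEN:-TAG_LEN], layer[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def bundle(cloves: List[bytes]) -> bytes:
    """Garlic bundling: a count byte followed by length-prefixed cloves."""
    out = bytes([len(cloves)])
    for clove in cloves:
        out += len(clove).to_bytes(2, "big") + clove
    return out


def unbundle(blob: bytes) -> List[bytes]:
    count, pos, cloves = blob[0], 1, []
    for _ in range(count):
        n = int.from_bytes(blob[pos:pos + 2], "big")
        cloves.append(blob[pos + 2:pos + 2 + n])
        pos += 2 + n
    return cloves


def build_garlic(cloves: List[bytes], path: List[Hop]) -> bytes:
    """Wrap the bundle for the last hop first, then add one layer per earlier hop.
    Each layer's plaintext starts with the id of the hop that should get the rest."""
    message = _wrap(path[-1][1], bytes([DELIVER]) + bundle(cloves))
    for i in range(len(path) - 2, -1, -1):
        next_hop_id = path[i + 1][0]
        message = _wrap(path[i][1], bytes([next_hop_id]) + message)
    return message


def peel(key: bytes, message: bytes) -> Tuple[int, bytes]:
    """What one hop does: remove its layer, read who is next, keep the rest opaque."""
    inner = _unwrap(key, message)
    return inner[0], inner[1:]


def deliver(message: bytes, keys: Dict[int, bytes], first_hop: int) -> Tuple[List[int], List[bytes]]:
    """Simulate the whole path; returns the hops visited and the cloves delivered."""
    route, hop = [], first_hop
    while True:
        route.append(hop)
        next_hop, message = peel(keys[hop], message)
        if next_hop == DELIVER:
            return route, unbundle(message)
        hop = next_hop


def sample_path() -> List[Hop]:
    """Constructed three-hop path with deterministic (non-secret) keys."""
    return [(h, hashlib.sha256(f"hop-{h}".encode()).digest()) for h in (11, 22, 33)]


def demo() -> Tuple[List[int], List[bytes]]:
    cloves = [b"GET /index.html", b"status-request", b"leaseSet-publish"]
    path = sample_path()
    return deliver(build_garlic(cloves, path), dict(path), path[0][0])


if __name__ == "__main__":
    print(demo())   # ([11, 22, 33], [b'GET /index.html', b'status-request', b'leaseSet-publish'])
```

After the first hop peels its layer, what remains is still ciphertext for the second hop, so the first hop cannot tell how many cloves the bundle holds or what they contain; the per-layer tag makes a corrupted layer fail at the next hop instead of being forwarded. Both properties belong to this toy construction and are not claims about I2P's own message formats.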
Attack Vectors
Exodus Intelligence was able to locate flaws in I2P and use those flaws to unmask users of Tails.
Some of the threats that I2P is vulnerable to include:
- Brute Force Attacks
- Timing Attacks
- Intersection Attacks
- Denial Of Service Attacks
- Tagging Attacks
- Partitioning Attacks
- Predecessor Attacks
- Harvesting Attacks
- Traffic Identification and Analysis
- Sybil Attacks
- Buddy Exhausting Attacks
- Cryptography Attacks
- Floodfill Attacks
- Attacks on the Network Database
- Attacks on centralized resources
- Development Attacks
- Implementation Attacks
Of note is that I2P has identified all of these attacks and provides opinions as well as factual data on how likely you are to experience them, a high-level discussion of how they work, and an opinion on the effectiveness of each attack. I rate them highly for their transparency in monitoring for attacks and vulnerabilities.
Operating Systems Suck
All operating systems should be considered compromised, and no amount of anonymity software will protect you from the vulnerabilities that have been baked into the hardware and the software. I stand by my statement that if ‘they’ want you, ‘they’ have you.
Linux should be considered compromised.
Due to my training and experience, I do not believe that it is possible for Linus Torvalds to have refused the American Government if they did seriously proposition him for a back door into the kernel. I also am a strong believer that no one person has complete understanding of the kernel and all intricacies involved. Therefore it is impossible at this point to claim that there are absolutely no flaws being exploited in the wild.
If Linus Torvalds was ‘joking’ when he decided to admit to being propositioned for a backdoor, I feel it was in bad taste and not conducive to building confidence in the Linux product.
Windows should be considered compromised.
Microsoft has a long and storied history of extremely good relationships with the NSA and is suspected of providing them access to systems.
Your hardware sucks too by the way
Suspicion over the level of assistance that hardware makers provide different governments is high. We know that China installs spying tools into their products on a relatively regular basis. We can also expect others to do the same for the US.
Chip Proof Of Concept - Analog Attacks.
Intel Management Engine Flaws.
Privacy Threats
There are seven companies that provide the backbone to the internet. Intergovernmental agreements would simplify the act of being able to spy on different products. In addition, almost 40% of all web hosting is performed within the United States with Germany being a close second in market share at 18%. A negligible 7% of hosting is done in China. I urge you to learn about PRISM and how the US Government has stated under oath that all parties involved were, contrary to their claims, complicit in spying.
Please also view info on PRISM on Wikipedia.
Content
I2P uses .i2p sites, or ‘eepsites’, in a manner similar to how you may find a .onion site on the Tor network. This TLD denotes that the website is available only from the I2P network. These are also known as hidden sites. The I2P project chose the Eclipse Jetty webserver as the default server for eepsites. It supports PHP and MySQL and can serve JavaScript. You can learn more about Jetty at the project home for Jetty. You should minimize your vulnerability footprint by using a browser that does not include support for JavaScript or Flash. You should not download PDF files or any other external file format.
Answers
- I2P is a peer-to-peer platform that appears to regularly tout a strong connection to cryptocurrency and dark markets.
- An example of a JavaScript exploit is found here, with more information provided by NIST.
- I2P functions by allowing users to anonymously share files, browse, chat, and more through the use of the I2P protocol.
- Tor uses onion routing while I2P uses garlic routing. Tor is more focused on accessing servers outside the Tor network, while I2P attempts to minimize connections to the clear net.
Conclusion
I2P is designed as a primarily internal network, with the intention of making minimal bridging to the clear net possible. I2P is an anonymous network layer and is designed to facilitate the use of supporting software. This means that you must use I2P in conjunction with other tools in order to attain anonymous communication. You will rely on a web browser, tunnels, an IRC client, or any number of file sharing applications in order to make use of the I2P protocol. This also means that your vulnerability footprint will differ depending on which tools you employ to support your I2P use. Every application you use increases the possibility that you are vulnerable.
I believe that the I2P project has many positive aspects and, while no project is perfect, their documentation is second to none. I feel that their decision to allow JavaScript, PHP, and other tools increases their ability to garner favor with the web 2.0 crowd but detracts from the security of the tool due to the increased vulnerability footprint inherent in those technologies.
I2P is extremely popular with the alternative currency crowd and it is easy to see that I2P provides an excellent set of tools for interacting with that technology. While there are vulnerabilities within the technology and a host of people who are toiling away in an attempt to disrupt or harm the network, they have worked diligently to provide an acceptable product that I feel is worth using for anyone who does not need to rely on the tool for their life.
Final Recommendations
- Register a PGP key.
- Use Linux.
- Contribute to a privacy enhancing project. I recommend Freenet. Pick one.
- Develop relationships and build your own ‘Darknet’. Network in the real world.
- Contribute to Open Source Projects.