A new network has quietly been built in recent months that adds better security than even Tor. It gained some publicity this weekend when a replacement for the infamous Silk Road web site was announced. “Silk Road Reloaded” launched on Sunday, and is only accessible by downloading the special I2P software, or by configuring your computer in a certain way to connect to I2P web pages, called ‘eepsites’, and which end in the suffix .i2p.
You can read more about Silk Road Reloaded at http://motherboard.vice.com/read/silk-road-reloaded-i2p. However, I am more interested in the I2P software.
I2P is an anonymous overlay network – a network within a network. It is intended to protect communication from dragnet surveillance and monitoring by third parties such as ISPs. I2P is used by many people who care about their privacy: activists, oppressed people, journalists and whistleblowers, as well as the average person.
Wikipedia at http://en.wikipedia.org/wiki/I2P says, “The Invisible Internet Project (I2P) is a computer network layer that allows applications to send messages to each other pseudonymously and securely. Uses include anonymous Web surfing, chatting, blogging and file transfers. The software that implements this layer is called an I2P router and a computer running I2P is called an I2P node.
“The software is free and open source and is published under multiple licenses. The name I2P is derived from Invisible Internet Project, which, in pseudo-mathematical notation, is represented as I²P.”
The same article also states, ” I2P is an anonymous peer-to-peer distributed communication layer designed to run any traditional internet service (e.g. Usenet, email, IRC, file sharing, Web hosting and HTTP, Telnet), as well as more traditional distributed applications (e.g. a distributed data store, a web proxy network using Squid, or DNS).”
All communication within I2P is end to end encrypted (in total there are four layers of encryption used when sending a message), and even the end points (“destinations”) are cryptographic identifiers (essentially a pair of public keys).
Anyone using I2P does not initiate a connection by specifying an I.P. address. Instead, you send a message to a cryptographic identifier so the message must be addressed to someone running I2P. Every participant in the network chooses the length of these tunnels, and in doing so, makes a tradeoff between anonymity, latency, and throughput according to their own needs. The i2P software builds a few inbound and outbound “tunnels” – a sequence of peers that pass messages in one direction (to and from the client, respectively). The result is that the number of peers relaying each end to end message is the absolute minimum necessary to meet both the sender’s and the receiver’s threat model.
You can read more about the I2P network and even download the software for Windows, Macintosh, Android, and Debian and Ubuntu Linux at https://geti2p.net/en/.