network comparisons
(duck)
This commit is contained in:
@@ -61,7 +61,7 @@ echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
|
||||
* <a href="how_peerselection">Peer selection[ ]</a><br/>
|
||||
* <a href="how_cryptography">Cryptography[ ]</a><br/>
|
||||
> <a href="how_elgamalaes">ElGamal /<br/>AES+SessionTag[x]</a><br/>
|
||||
* <a href="how_networkcomparisons">Network comparisons[ ]</a><br/>
|
||||
* <a href="how_networkcomparisons">Network comparisons[x]</a><br/>
|
||||
<br/>
|
||||
-->
|
||||
<b><a href="faq">FAQ[x]</a></b><br/>
|
||||
|
@@ -8,5 +8,5 @@
|
||||
<li><a href="how_peerselection">Peer selection[ ]</a></li>
|
||||
<li><a href="how_cryptography">Cryptography[ ]</a><br/>
|
||||
> <a href="how_elgamalaes">ElGamal / AES+SessionTag[x]</a></li>
|
||||
<li><a href="how_networkcomparisons">Network comparisons[ ]</a></li>
|
||||
<li><a href="how_networkcomparisons">Network comparisons[x]</a></li>
|
||||
</ul>
|
||||
|
125
pages/how_networkcomparisons.html
Normal file
125
pages/how_networkcomparisons.html
Normal file
@@ -0,0 +1,125 @@
|
||||
<h1>Network comparisons</h1>
|
||||
<p>
|
||||
There are a great many other applications and projects working on anonymous
|
||||
communication and I2P has been inspired by much of their efforts. This is not
|
||||
a comprehensive list of anonymity resources - both freehaven's
|
||||
<a href="http://freehaven.net/anonbib/topic.html">Anonymity Bibliography</a>
|
||||
and GNUnet's <a href="http://www.ovmj.org/GNUnet/links.php3">related projects</a> serve
|
||||
that purpose well. That said, a few systems stand out for further comparison:</p>
|
||||
|
||||
<UL>
|
||||
<li> Morphmix and Tarzan
|
||||
<li> TOR / Onion Routing
|
||||
<li> Mixminion / Mixmaster
|
||||
<li> Freenet
|
||||
<li> JAP
|
||||
</UL>
|
||||
|
||||
<H2>Morphmix and Tarzan</H2>
|
||||
|
||||
<i><a href="http://www.tik.ee.ethz.ch/~morphmix/">[Morphmix]</a>
|
||||
<a href="http://www.pdos.lcs.mit.edu/tarzan/">[Tarzan]</a></i>
|
||||
|
||||
<p>
|
||||
Morphmix and Tarzan are both fully distributed, peer to peer networks of
|
||||
anonymizing proxies, allowing people to tunnel out through the low latency
|
||||
mix network. Morphmix includes some very interesting collusion detection
|
||||
algorithms and Sybil defenses, while Tarzan makes use of the scarcity of IP
|
||||
addresses to accomplishs the same. The two primary differences between
|
||||
these systems and I2P are related to I2P's <a href="/book/view/41?PHPSESSID=42d2b0545f243f2537476db228ce1636">threat </B>model</B></a>
|
||||
and their out-proxy design (as opposed to providing both sender and receiver
|
||||
anonymity). There is source code available to both systems, but we are not aware
|
||||
of their use outside of academic environments.</p>
|
||||
<p>
|
||||
Stealing quite directly from the Tarzan paper, the following includes a quick
|
||||
comparison of Tarzan, Crowds, Onion Routing (OR), and I2P</B>:</p>
|
||||
|
||||
<img src="http://i2p.net/~jrandom/wiki/comparison.png">
|
||||
|
||||
<H2>TOR / Onion Routing</H2>
|
||||
|
||||
<i><a href="http://freehaven.net/tor/">[TOR]</a>
|
||||
<a href="http://www.onion-router.net">[Onion Routing]</a></i>
|
||||
<p>
|
||||
TOR and Onion Routing are both anonymizing proxy networks, allowing people
|
||||
to tunnel out through their low latency mix network. The two primary
|
||||
differences between TOR / OnionRouting and I2P</B> are again related to differences
|
||||
in the threat </B>model</B> and the out-proxy design (though TOR is working to provide
|
||||
redevous points within the mix network, which will provide recipient anonymity).
|
||||
In addition, these networks take the directory based approach - providing a
|
||||
centralized point to manage the overall 'view' of the network, as well as gather
|
||||
and report statistics, as opposed to I2P's</B> distributed
|
||||
|
||||
<a href="/book/view/44?PHPSESSID=42d2b0545f243f2537476db228ce1636">network database</a> and <a href="/book/view/135?PHPSESSID=42d2b0545f243f2537476db228ce1636">peer selection</a>.</p>
|
||||
|
||||
<p>On the technical side, there are 5 main differences between TOR and I2P</B>:</p>
|
||||
<ul>
|
||||
<li>TOR is centrally managed (trusted directories, only some people fully participate
|
||||
in the network with cover traffic) while I2P</B> is fully distributed. This has serious
|
||||
anonymity implications for people using TOR that are not one of the TOR nodes,
|
||||
since a powerful attacker could determine your identity, or coerce the maintainer
|
||||
of TOR's directory server to include untrustworthy nodes.</li>
|
||||
|
||||
<li>TOR is circuit based (with reliable, ordered, bidirectional tunnels), while I2P</B>
|
||||
is packet based (with unreliable, unordered, unidirectional tunnels). As with the
|
||||
TCP/IP separation, I2P</B> optionally adds TCL-like functionality on top of the packet
|
||||
based network by means of mihi's ministreaming library.</li>
|
||||
<li>TOR is low latency, while I2P</B> is variable latency (both ASAP and stop+go). This will
|
||||
allow I2P</B> to provide a higher level of anonymity by blending the anonymity set of
|
||||
different user bases together - for example, filesharing users and militants look
|
||||
the same, though make use of different techniques to balance their own anonymity
|
||||
and security needs)</li>
|
||||
|
||||
<li>TOR is IP addressed, relying on the security of the IP layer for authenticating
|
||||
and securing the message delivery, while I2P</B> is cryptographically addressed.</li>
|
||||
<li>TOR is written in C on *nix (windows port w/ cygwin?), while I2P</B> is written in
|
||||
Java and tested on *nix, windows, and macs</li>
|
||||
</ul>
|
||||
|
||||
<H2>Mixminion / Mixmaster</H2>
|
||||
|
||||
<i><a href="http://mixminion.net/">[Mixminion]</a>
|
||||
<a href="http://mixmaster.sourceforge.net/">[Mixmaster]</a></i>
|
||||
|
||||
<p>
|
||||
Mixminion and Mixmaster are networks to support anonymous email against a very
|
||||
powerful adversary. I2P</B> aims to provide an adequate means to meet their threat
|
||||
</B>model</B> as we reach I2P</B> 3.0 along side the needs of low latency users, providing
|
||||
a significantly larger anonymity set. As with TOR and Onion Routing above,
|
||||
both Mixminion and Mixmaster take the directory based approach as well.</p>
|
||||
|
||||
<H2>Freenet</H2>
|
||||
|
||||
<i><a href="http://freenetproject.org/">[Freenet]</a></i>
|
||||
<p>
|
||||
Freenet is a fully distributed, peer to peer anonymous publishing network.
|
||||
As such, generic anonymous communication over it requires the use of the global
|
||||
blackboard model</B> - storing data somewhere that the recipient will then check
|
||||
for a message. Freenet also does not support the concept of user defined delays -
|
||||
it stores and fetches data as quickly as it can, rather than queueing up, pooling,
|
||||
delaying, and mixing the data, leaving a hole with regards to long term intersection
|
||||
attacks. In addition, there seem to be some performance issues that can arguably
|
||||
be attributed to the global blackboard model</B> which will likely rule out interactive
|
||||
low latency communication.</p>
|
||||
|
||||
<H2>JAP</H2>
|
||||
|
||||
<i><a href="http://anon.inf.tu-dresden.de/index_en.html">[JAP]</a></i>
|
||||
|
||||
<p>
|
||||
JAP (Java Anonymous Proxy) is a network of mix cascades for anonymizing web requests,
|
||||
and as such it has a few centralized nodes (participants in the cascade) that blend
|
||||
and mix requests from clients through the sequence of nodes (the cascade) before
|
||||
proxying out onto the web. The scope, threat </B>model</B>, and security is substantially
|
||||
different from I2P</B>, but for those who don't require significant anonymity but still
|
||||
are not satisfied with an Anonymizer-like service, JAP is worth reviewing. One
|
||||
caution to note is that anyone under the jurisdiction of the German courts may want
|
||||
to take care, as the German Federal Bureau of Criminal Investigation (FBCI) has has
|
||||
successfully mounted an
|
||||
<a href="http://www.datenschutzzentrum.de/material/themen/presse/anonip3_e.htm">[attack]</a>
|
||||
on the network. Even though the method of this attack was later found to be illegal
|
||||
in the German courts, the fact that the data was successfully collected is the
|
||||
concern. Courts change their minds based upon circumstance, and this is evidence that
|
||||
if a government body or intelligence agency wanted to, they could gather the data, even
|
||||
if it may be found inadmissible in some courts later)
|
||||
</p>
|
Reference in New Issue
Block a user