kytv/I2P_Website
1
0
Fork 0
forked from I2P_Developers/i2p.www
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3159f948f6bbfa6060a4659845c4b656a82005d1
I2P_Website/pages/how_networkcomparisons.html
ugha 863078e045 Replaced the network comparsions image with a HTML table. 
(ugha)
2004-07-24 00:32:48 +00:00

205 lines
8.0 KiB
HTML
Raw Blame History

<p>There are a great many other applications and projects working on anonymous
communication and I2P has been inspired by much of their efforts. This is not
a comprehensive list of anonymity resources - both freehaven's
<a href="http://freehaven.net/anonbib/topic.html">Anonymity Bibliography</a>
and GNUnet's <a href="http://www.ovmj.org/GNUnet/links.php3">related projects</a>
serve that purpose well. That said, a few systems stand out for further
comparison:</p>
<ul>
<li>Morphmix and Tarzan</li>
<li>TOR / Onion Routing</li>
<li>Mixminion / Mixmaster</li>
<li>Freenet</li>
<li>JAP</li>
</ul>
<h2>Morphmix and Tarzan</h2>
<i><a href="http://www.tik.ee.ethz.ch/~morphmix/">[Morphmix]</a>
<a href="http://www.pdos.lcs.mit.edu/tarzan/">[Tarzan]</a></i>
<p>Morphmix and Tarzan are both fully distributed, peer to peer networks of
anonymizing proxies, allowing people to tunnel out through the low latency
mix network. Morphmix includes some very interesting collusion detection
algorithms and Sybil defenses, while Tarzan makes use of the scarcity of IP
addresses to accomplishs the same. The two primary differences between
these systems and I2P are related to I2P's <a href="how_threatmodel">threat model</a>
and their out-proxy design (as opposed to providing both sender and receiver
anonymity). There is source code available to both systems, but we are not aware
of their use outside of academic environments.</p>
<p>Stealing quite directly from the Tarzan paper, the following includes a quick
comparison of Tarzan, Crowds, Onion Routing (OR), and I2P:</p>
<table>
<tr>
<td style="width: 19%;"></td>
<td style="width: 27%;" colspan="4">Bad first relay/router</td>
<td style="width: 27%;" colspan="4">Bad intermediate relay/router</td>
<td style="width: 27%;" colspan="4">Bad last relay/router</td>
</tr>
<tr>
<td>Information exposed</td>
<td><b>OR</b></td>
<td><b>Crowds</b></td>
<td><b>Tarzan</b></td>
<td><b>I2P</b></td>
<td><b>OR</b></td>
<td><b>Crowds</b></td>
<td><b>Tarzan</b></td>
<td><b>I2P</b></td>
<td><b>OR</b></td>
<td><b>Crowds</b></td>
<td><b>Tarzan</b></td>
<td><b>I2P</b></td>
</tr>
<tr>
<td>Sender activity</td>
<td>Yes</td>
<td>Maybe</td>
<td>Maybe</td>
<td><b>No</b></td>
<td>No</td>
<td>No</td>
<td>Maybe</td>
<td><b>No</b></td>
<td>No</td>
<td>No</td>
<td>No</td>
<td><b>No</b></td>
</tr>
<tr>
<td>Recipient activity</td>
<td>No</td>
<td>Yes</td>
<td>No</td>
<td><b>No</b></td>
<td>No</td>
<td>Yes</td>
<td>No</td>
<td><b>No</b></td>
<td>Yes</td>
<td>Yes</td>
<td>Yes</td>
<td><b>No</b></td>
</tr>
<tr>
<td>Sender content</td>
<td>No</td>
<td>Maybe</td>
<td>No</td>
<td><b>No</b></td>
<td>No</td>
<td>No</td>
<td>No</td>
<td><b>No</b></td>
<td>No</td>
<td>No</td>
<td>No</td>
<td><b>No</b></td>
</tr>
<tr>
<td>Recipient content</td>
<td>No</td>
<td>Yes</td>
<td>No</td>
<td><b>No</b></td>
<td>No</td>
<td>Yes</td>
<td>No</td>
<td><b>No</b></td>
<td>Yes</td>
<td>Yes</td>
<td>Yes</td>
<td><b>No</b></td>
</tr>
</table>
<p>(Original image at <a href="http://dev.i2p.net/~jrandom/wiki/comparison.png">
http://dev.i2p.net/~jrandom/wiki/comparison.png</a>)</p>
<h2>TOR / Onion Routing</h2>
<i><a href="http://freehaven.net/tor/">[TOR]</a>
<a href="http://www.onion-router.net">[Onion Routing]</a></i>
<p>TOR and Onion Routing are both anonymizing proxy networks, allowing people
to tunnel out through their low latency mix network. The two primary
differences between TOR / OnionRouting and I2P are again related to differences
in the threat model and the out-proxy design (though TOR is working to provide
redevous points within the mix network, which will provide recipient anonymity).
In addition, these networks take the directory based approach - providing a
centralized point to manage the overall 'view' of the network, as well as gather
and report statistics, as opposed to I2P's distributed <a href="how_networkdatabase">network
database</a> and <a href="how_peerselection">peer selection</a>.</p>
<p>On the technical side, there are 5 main differences between TOR and I2P:</p>
<ul>
<li>TOR is centrally managed (trusted directories, only some people fully participate
in the network with cover traffic) while I2P is fully distributed. This has serious
anonymity implications for people using TOR that are not one of the TOR nodes,
since a powerful attacker could determine your identity, or coerce the maintainer
of TOR's directory server to include untrustworthy nodes.</li>
<li>TOR is circuit based (with reliable, ordered, bidirectional tunnels), while I2P
is packet based (with unreliable, unordered, unidirectional tunnels). As with the
TCP/IP separation, I2P optionally adds TCL-like functionality on top of the packet
based network by means of mihi's ministreaming library.</li>
<li>TOR is low latency, while I2P is variable latency (both ASAP and stop+go). This will
allow I2P to provide a higher level of anonymity by blending the anonymity set of
different user bases together - for example, filesharing users and militants look
the same, though make use of different techniques to balance their own anonymity
and security needs)</li>
<li>TOR is IP addressed, relying on the security of the IP layer for authenticating
and securing the message delivery, while I2P is cryptographically addressed.</li>
<li>TOR is written in C while I2P is written in Java</li>
</ul>
<h2>Mixminion / Mixmaster</h2>
<i><a href="http://mixminion.net/">[Mixminion]</a>
<a href="http://mixmaster.sourceforge.net/">[Mixmaster]</a></i>
<p>Mixminion and Mixmaster are networks to support anonymous email against a very
powerful adversary. I2P aims to provide an adequate means to meet their threat
model as we reach I2P 3.0 along side the needs of low latency users, providing
a significantly larger anonymity set. As with TOR and Onion Routing above,
both Mixminion and Mixmaster take the directory based approach as well.</p>
<h2>Freenet</h2>
<i><a href="http://freenetproject.org/">[Freenet]</a></i>
<p>Freenet is a fully distributed, peer to peer anonymous publishing network.
As such, generic anonymous communication over it requires the use of the global
blackboard model - storing data somewhere that the recipient will then check
for a message. Freenet also does not support the concept of user defined delays -
it stores and fetches data as quickly as it can, rather than queueing up, pooling,
delaying, and mixing the data, leaving a hole with regards to long term intersection
attacks. In addition, there seem to be some performance issues that can arguably
be attributed to the global blackboard model which will likely rule out interactive
low latency communication.</p>
<h2>JAP</h2>
<i><a href="http://anon.inf.tu-dresden.de/index_en.html">[JAP]</a></i>
<p>JAP (Java Anonymous Proxy) is a network of mix cascades for anonymizing web requests,
and as such it has a few centralized nodes (participants in the cascade) that blend
and mix requests from clients through the sequence of nodes (the cascade) before
proxying out onto the web. The scope, threat model, and security is substantially
different from I2P, but for those who don't require significant anonymity but still
are not satisfied with an Anonymizer-like service, JAP is worth reviewing. One
caution to note is that anyone under the jurisdiction of the German courts may want
to take care, as the German Federal Bureau of Criminal Investigation (FBCI) has has
successfully mounted an
<a href="http://www.datenschutzzentrum.de/material/themen/presse/anonip3_e.htm">attack</a>
on the network. Even though the method of this attack was later found to be illegal
in the German courts, the fact that the data was successfully collected is the
concern. Courts change their minds based upon circumstance, and this is evidence that
if a government body or intelligence agency wanted to, they could gather the data, even
if it may be found inadmissible in some courts later)</p>
Reference in New Issue View Git Blame Copy Permalink