I2P (Invisible Internet Project) is an encrypted, anonymous, pseudonymous and decentralized serverless computer network distributed worldwide.
I2P is based on free software and aims to provide a simple transfer layer with the benefit of anonymity and privacy, security from attacks, and resistance to censorship for various application software. I2P enables an anonymous, encrypted, and decentralized, peer-to-peer distributed communication layer designed to support any traditional protocol such as BitTorrent, HTTPS, SSH, XMPP, email, IRC, IPv4, and IPv6, as well as traditional distributed applications (e.g., Squid or DNS).
The I2P network itself is message-based (like IP), but it also offers a library that allows data transmission as well as streaming of information and is similar to TCP. In I2P, every data transmission is encrypted multiple times, and a total of four layers of encryption are used for each data packet. The receiving points (downloaders/receivers) of the data packets are also protected by the encryption method, most of which consist of a pair of public keys.
Data traffic is also routed in parallel through several different and constantly changing tunnels (network chains). Your own I2P router (I2P user) is thus also constantly involved in the simultaneous and alternating forwarding of several different and encrypted data packets for other I2P users. Given the high number of possible dynamic transport paths (the different and ever-changing network chains) that traffic can traverse, it is very unlikely that a third party will be able to observe a complete connection and monitor the data content.
For forwarding, the respective program running under I2P sends its data to the designated I2P router. The I2P router first ensures that the data is encrypted and anonymized for sharing. Subsequently, a route is determined via several third-party I2P routers to a currently valid transfer point of the target router. From there, the data is passed on via several I2P routers to the actual destination. The forwarding routers used in this process are called hops. For safety reasons, however, only your own hops are counted to the transfer point; The sender has no control over the number of hops determined by the target router.
To ensure that no data is lost along the way, which can happen in the event of an I2P router failure in a chain of routers, it is sent again via a different route at the same time. Each of these routes corresponds to a tunnel. If the data was able to reach its destination in this way, this tunnel was successfully constructed.
The acknowledgment of receipt, in turn, is sent by the destination router via a new series of hops through new tunnels in the aforementioned manner. To determine the respective transfer points and announce the tunnel occupancy, a request is made to the distributed I2P network database, which maintains a structured distributed hash table (DHT) based on the Kademlia algorithm. After every eleven minutes, the tunnels are discarded and replaced by new ones. I2P uses 2048bit AES256/SHA256+ session tags encryption and Ed25519 EdDSA/ECDSA signatures.
Realization of Invisible Internet Project (I2P)
The core of the I2P application is written in Java. A Java runtime environment must therefore be installed. Furthermore, there is a complete implementation in C++ as well as other projects, some of which are in an early stage of development. Some of the services are integrated in the form of web applications and can be accessed via the browser. The central role here is played by the “router console” as the entry page.
Other services are partly realized by the fact that the I2P service works as a proxy for e.g. HTTP, IRC, Mail or Concurrent Versions Systems, whereby it sometimes behaves like a normal server towards the respective client. In this way, the normal client programs, such as Firefox, can be used, which only have to be reconfigured to your own I2P server/proxy. In most cases, different 4-digit port numbers are used. In addition, there are special add-on programs in the I2P network, which are listed in the Applications section.
I2PTunnel is an application embedded in I2P that allows arbitrary TCP/IP services to be provided via I2P.
SAM is a protocol that allows the development of I2P-based programs in a wider range of programming languages.
BOB is another interface that allows the development of I2P-based programs in a wider range of programming languages.
- An outproxy makes it possible to reach other servers outside the I2P network via a server in the I2P network.
- Such requests are forwarded to the outproxy, which then contacts the target and sends the response back.
- Often, Outproxies do not route the requests directly to the server, but via the Tor network, which also allows you to reach Tor Hidden Services. Advanced outproxies offer additional features such as ad-blocking and caching (caching of page data) to increase speed.
There are no official outproxies on the I2P network. All outproxies are operated on a voluntary basis.
I2P has received a stable version every six to eight weeks. Updates are distributed via I2P torrents and signed by the release manager (usually zzz or str4d).