What are Tor and I2P?
Tor, short for The Onion Router, is a free software created with the intention of improving privacy and anonymity of internet users. Tor protects your privacy by connecting to a random point on the world wide web through a series of encrypted relays, or nodes, that then transmit data anonymously to its destination.
The software has been widely used by journalists, law enforcement officers, and activists who need to protect their privacy.
First created by the US Navy and later adopted by the public at large, Tor is a network of servers that allow users to browse the internet anonymously. In addition to keeping people from knowing your online whereabouts, Tor also enables you to surf the web without being tracked by advertisers. All in all, it’s an excellent way for people to increase their privacy while surfing the internet [ARMSTRONG & ROSS, 2006].
I2P (The Invisible Internet Project) is an anonymizing peer-to-peer network designed for secure and anonymous file sharing among other things such as blogging,anonymous web browsing, chatting. I2P can be used in combination with Freenet for publishing purposes. I2P allows applications to send messages to each other pseudonymously and securely.
The biggest difference between Tor and I2P is that, instead of using multiple relays/nodes to transmit data, I2P uses a set of virtual tunnels.
How it Works
In a nutshell, Tor conceals a user’s location and online activities from anyone conducting network surveillance or traffic analysis. It uses a distributed network of servers that allows private and anonymous communications. Tor was developed by the U.S. Naval Research Laboratory and became an official Navy project in 1997. However, it has continued to be developed by volunteers since then, with funding for specific development projects from nonprofit organizations such as the Electronic Frontier Foundation (EFF). Tor is now maintained by The Tor Project Inc., which also supports its further development.
I2P uses a network of randomly assigned, volunteer “routers” that act as relays between networks. Messages are routed through the nodes in this way to protect against traffic analysis. In addition to concealing a user’s location and activities, I2P networks also anonymously relay user traffic through relays to other users on the same network.
In many ways, these two different forms of internet anonymity work in parallel. Tor can be thought of as a series of layers designed to obscure a user’s identity and utilize other encryption and routing technologies. Tor works by routing traffic through three different types of nodes:
- Client Nodes
- Relay Nodes
- Exit Nodes.
Each of these node types is assigned a numerical address. The combination of these addresses can be used to ascertain the path that data has traveled to reach its destination.
Client Nodes are the first nodes that traffic encounters on Tor’s network. They are also known as “Tor Entry/Exit Points” because they act as the entry point into the Tor network for end users and exit points for data leaving the Tor Network. These nodes do not store any information about their clients or their clients’ destination addresses. The last type of node in the Tor network is called Exit Nodes. These nodes are designed to look like regular internet servers. They do not store any information about traffic originating from Tor users. Instead, they forward the data to the next node in the network, a Relay Node.
Relay Nodes are Tor “middlemen” used to relay traffic between other nodes on the network. They also act as an exit point for end-users or relay end-users data via other nodes.
I2P uses a similar routing system but with another node called a “router” sending messages through various channels. A similar idea utilized in I2P involves sending traffic through “tunnels,” but these tunnels are created by routers rather than exit nodes.
When a client begins to use a router in the I2P network, they must first participate in a key ceremony. This key ceremony is used to transmit a random number from the client to the router. Both parties then use this random number to create two separate keys for further communications between them.
Differences Between Tor and I2P
|Tor is a volunteer-driven project with publicly available design documents and source code||I2P is a project created by the “Invisible Internet Project” that employs java programming language and requires users to install java before running the software.|
|Tor transmits unencrypted data between nodes||I2P encrypts all communications in both directions using AES and trading somewhat less performance for higher security.|
|Tor nodes use public key cryptography from other nodes on the network to establish encrypted channels but do not otherwise validate what data they pass||I2P routers can also be reached by their public keys signed by an open certificate authority, making them somewhat more trustworthy.|
|Tor clients are anonymous on the network||I2P routers can also be reached by their public keys signed by an open certificate authorit|
|Tor anonymizes IP addresses||I2P uses end-to-end encryption between services, anonymizing IP addresses before they reach the level of the protocol itself.|
|Tor can anonymize UDP or TCP protocols||I2P can handle arbitrary application-level protocols, including UDP and TCP.|
|Tor transmits data through a 3 hop circuit||I2P transmits data directly between two nodes over a configurable path of 30 hops.|
|Tor transmits the same data at each hop||I2P encrypts the data after the first node, meaning routers are not aware of what they are routing.|
|Tor is slower than I2P||I2P uses pre-shared keys, not public keys, for router authentication making initial connections faster.|
|Tor is written in C++||while I2P is written in Java.|
|Tor can be installed independently of other software||The i2pdaemon application may be used to install and start I2P so it can run as a system service.|
|Tor is banned in China||I2P is not blocked by any censorship regime.|
|Tor has no kill switch||I2P comes with a kill switch to exit all applications at once via the Control Panel.|
|Tor is more user friendly||I2P is for the more tech savvy|
Benefits of Tor and I2P
Tor, a network of volunteers that helps users browse the internet anonymously, has been embraced by activists and journalists alike. As a result, it has also been used for investigations by groups such as the EFF. Tor acts as a gateway between a user’s computer and other computers on the internet. This gives users persistent anonymity from network surveillance.
In addition to being secure from surveillance, Tor also improves privacy online. It does this by bouncing communications all across its various nodes. This makes it virtually impossible to track an IP address back to a single location. Furthermore, with the use of encryption, data transmitted over the network is secured against outside intruders. Tor is considered one of the most secure networks available, with all of these security features in place.
Because of how they work, Tor and I2P can bypass censorship imposed by certain governments. For example, since they allow users to browse the internet anonymously, they are ideal for activists who want to avoid government surveillance or journalists who wish to publish sensitive information without worrying about government reprisal.
Tor is also used by journalists making confidential sources, whistleblowers, and other users who want to conceal their online identities. There have even been reports of law enforcement agencies using Tor’s network to protect their own identities while conducting investigations. I2P also allows users to bypass the censorship of certain governments. However, it is generally meant for the more technical crowd.
Weaknesses of Tor and I2P
- No P2P or Peer to Peer (P2P)
- Limited access to applications
- Limited bandwidth/speed
- Ineffective against targeted traffic analysis
Despite its many benefits, both Tor and I2P do not guarantee perfect anonymity. There are several instances where this anonymity can be compromised. If a user’s identity is tied to a real-world identity, they can be personally identified through Tor. Furthermore, an attacker can identify a user by monitoring traffic coming in and out of the Tor network. This can be done by monitoring traffic patterns and comparing them with known patterns.
For example, if users access websites they usually do not access outside of Tor, their identity may leak. This would happen because using multiple computers can help create unique patterns of accessing different sites.
Tor and I2P are both dissimilar projects, that are similar in some aspects. Tor has been around since 2004, while I2P is newer. Tor’s principle goal is anonymity by concealing the IP address of the user, whereas I2Ps principle goal is anonymity by not revealing the identity of the user.
The technical design of Tor provides protection against traffic analysis which can be used to infer who or what a person is communicating with on their network at any given time, whereas I2Ps technical design does not provide this protection.
The technical differences between the two projects are the reason why each is used for different purposes, and further help to distinguish them. Tor is commonly used on internet connected computers or devices to protect identity of the user on their network by concealing their actual IP address, whereas I2P is commonly used on internet connected computers or devices to aid in anonymity by not revealing the identity of the user.
Tor provides its users with anonymity by hiding their true location during communication, where they are unable to be traced back to their real geographical location. Tor is excellent for protecting against targeted traffic analysis where your communication with others will not be known unless you want them known.
Although Tor does not provide protection against traffic analysis, it does provide confidentiality in that your data is encrypted in that it cannot be read in the middle of transmission.
I2P provides its users with anonymity by hiding their identity when communicating with other I2P users, where they are unable to be traced back to their real geographical location. I2P is good for protecting against targeted traffic analysis where your communication with others will not be known unless you want them known. Although I2P does not provide protection against traffic analysis, it does provide privacy in that your data is encrypted in that it cannot be read in the middle of transmission.
Both Tor and I2P make use of several different algorithms to encrypt their traffic (although the algorithms are different), but I2P uses stronger encryption than Tor. It is suggested that you make certain adjustments when using both Tor and I2P by using programs such as Privoxy or I2PProxy, in order to make sure that they perform at their best.
The key difference between the two projects is that I2P provides an internal networking layer, while Tor does not. I2P allows communications within the internal network to be encrypted and anonymized to prevent packet sniffing and other forms of external threats, while Tor does not provide this protection.
Tor allows you to connect through a number of different ‘entry relays’, while I2P does not allow you to do so. The entry relays in Tor serve as a means for the user’s connection to enter the network, while I2P requires users to manually select which servers they want their traffic to go through.
Finally, both Tor and I2P are known for having major performance issues at times. Tor users need to run many different programs to browse the internet anonymously. Furthermore, a significant amount of data needs to be transferred in and out of Tor’s network. This poses a lot of performance issues with I2P, which uses a similar concept. It has been said that these performance issues can affect anonymity.
Tor is an effective tool that can be used by people in oppressive countries such as China and Iran to maintain internet anonymity. This tool also offers some level of anonymity when browsing the internet.
I2P, which is similar to Tor, offers users an anonymous way to browse the internet. However, some security features are present on I2P that are not present on Tor. This makes I2P more suitable for the more technically-savvy users who do not mind dealing with some of its technical issues.