I2P_Developers/i2p.www
3
0
Fork 5
Code Issues 27 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

how_intro, jbigi, links

Browse Source
This commit is contained in:
zzz
2010-10-04 23:49:51 +00:00
parent 5176b9654b
commit ba6151d090
8 changed files with 87 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
www.i2p2/pages/how_intro.html
View File

@ -1,13 +1,10 @@
{% extends "_layout.html" %}
{% block title %}Introduction to How I2P Works{% endblock %}
{% block content %}<i>Note: the "how" documents have not been fully updated to include several changes
including the new
<a href="tunnel-alt.html">tunnel
routing and encryption</a> algorithms, addressing <a href="todo#tunnelId">several</a>
<a href="todo#tunnelLength">issues</a> (with the groundwork for addressing
<a href="todo#ordering">others</a>), and other changes.</i>
{% block title %}A Gentle Introduction{% endblock %}
{% block content %}
<p>I2P is an effort to build, deploy, and maintain a network to support secure and anonymous
<h2>A Gentle Introduction to How I2P Works</h2>
<p>I2P is a project to build, deploy, and maintain a network supporting secure and anonymous
communication. People using I2P are in control of the tradeoffs between anonymity, reliability,
bandwidth usage, and latency. There is no central point in the network on which pressure can be
exerted to compromise the integrity, security, or anonymity of the system. The network supports
@ -27,8 +24,8 @@ or even taken over to attempt more malicious attacks.</p>
<p>The network itself is message oriented - it is essentially a secure and anonymous IP layer,
where messages are addressed to cryptographic keys (Destinations) and can be significantly larger
than IP packets. Some example uses of the network include "eepsites" (webservers hosting normal web
applications within I2P), a <a href="http://bitconjurer.org/BitTorrent/">BitTorrent</a> port ("I2PSnark"),
or a distributed data store. With the help of mihi's <a href="i2ptunnel">I2PTunnel</a> application,
applications within I2P), a BitTorrent client ("I2PSnark"),
or a distributed data store. With the help of the <a href="i2ptunnel">I2PTunnel</a> application,
we are able to stream traditional TCP/IP applications over I2P, such as SSH, IRC, a squid proxy, and
even streaming audio. Most people will not use I2P directly, or even need to know they're using it.
Instead their view will be of one of the I2P enabled applications, or perhaps as a little controller
@ -60,7 +57,7 @@ messages. Client applications have their own cryptographic identifier ("Destina
to send and receive messages. These clients can connect to any router and authorize the temporary
allocation ("lease") of some tunnels that will be used for sending and receiving messages through the
network. I2P has its own internal <a href="how_networkdatabase">network database</a> (using a modification of
the Kademlia algorithm) for scalable distributing routing and contact information securely.</p>
the Kademlia algorithm) for distributing routing and contact information securely.</p>
<center><div class="box"><img src="_static/images/net.png" alt="Network topology example" title="Network topology example" /></div></center><br/>
@ -69,7 +66,7 @@ the Kademlia algorithm) for scalable distributing routing and contact informatio
local router. They each have a pair of 2-hop inbound tunnels per destination (labeled 1,2,3,4,5 and 6),
and a small subset of each of those router's outbound tunnel pool is shown with 2-hop outbound tunnels.
For simplicity, Charlie's inbound tunnels and Dave's outbound tunnels are not shown, nor are the rest of
each router's outbound tunnel pool (typically stocked with 5-10 tunnels at a time). When Alice and Bob
each router's outbound tunnel pool (typically stocked with a few tunnels at a time). When Alice and Bob
talk to each other, Alice sends a message out one of her (pink) outbound tunnels targeting one of Bob's
(green) inbound tunnels (tunnel 3 or 4). She knows to send to those tunnels on the correct router by querying the
network database, which is constantly updated as new leases are authorized and old ones expire.</p>
@ -123,10 +120,8 @@ The size of the network (N) bears no impact.</p>
<p>I2P initially began in Feb 2003 as a proposed modification to
<a href="http://freenetproject.org">Freenet</a> to allow it to use alternate transports, such as
<a href="http://java.sun.com/products/jms/index.jsp">JMS</a>, then grew into its own as an
'anonCommFramework' in April 2003, turning into I2P in July, with code being cut in earnest in August '03,
reaching the 0.2 release in September, 0.3 in March '04, and 0.4 in September '04.
Release 0.5 followed in early '05 and 0.6 in mid-'05.
I2P is currently moving forward according to
'anonCommFramework' in April 2003, turning into I2P in July, with code being written in earnest starting in August '03.
I2P is currently under development, folllowing
the <a href="roadmap">roadmap</a>.</p>
<h2>Who?</h2>
@ -136,8 +131,8 @@ who would like to contribute in other ways, such as critiques, peer review, test
applications, or documentation. The entire system is open source - the router and most of the SDK are
outright public domain with some BSD and Cryptix licensed code, while some applications like I2PTunnel
and I2PSnark are GPL. Almost everything is written in Java (1.5+), though some third party applications
are being written in Python. The code works on <a href="http://java.com/en/">Sun Java SE</a>, on the current <a href="http://www.kaffe.org/">Kaffe</a>, and
we are hoping to get it working on <a href="http://gcc.gnu.org/java/">GCJ</a> sooner rather than later.</p>
are being written in Python and other languages. The code works on <a href="http://java.com/en/">Sun Java SE</a> and other Java Virtual Machines.
</p>
<h2>Where?</h2>
<p>Anyone interested should
@ -146,4 +141,10 @@ There are currently no scheduled development meetings, however
<a href="meetings">archives are available</a>.</p>
<p>The current source is available in <a href="monotone.html">monotone</a>.</p>
<h2>Additional Information</h2>
<p>
See <a href="how.html">the Index to Technical Documentation</a>
</p>
{% endblock %}

7
www.i2p2/pages/how_intro_de.html
View File

@ -1,11 +1,6 @@
{% extends "_layout_de.html" %}
{% block title %}Einf&uuml;hrung in die Arbeitsweise von I2P{% endblock %}
{% block content %}<i>Hinweis: Dieses "How" Dokument ist noch nicht vollst&auml;ndig aktualisiert
und enth&auml;lt noch nicht die diversen &Auml;nderungen wie di neuen <a href="tunnel-alt.html">Tunnel
Routing und Verschl&uuml;sselungs </a>Algorhytmen, die <a href="todo#tunnelId">verschiedene</a>
<a href="todo#tunnelLength">Probleme</a> (inclusive ben&ouml;tigten Grundlagen, die
<a href="todo#ordering">andere</a>Probleme behoben) behoben haben,
und weitere &Auml;nderungen.</i>
{% block content %}
<p>I2P ist ein Projekt, welches ein Netzwerk zum sicheren und anonymen Kommunizieren planen, aufbauen
und betreuen wird. Nutzer von I2P haben die Kontrolle &uuml;ber die Verteilung zwischen Anonymit&auml;t,

15
www.i2p2/pages/how_threatmodel.html
View File

@ -132,14 +132,15 @@ defeat this attack exist, but may be prohibitively expensive (see:
<a href="http://citeseer.ist.psu.edu/freedman02tarzan.html">Tarzan</a>'s mimics
or constant rate traffic). Most users are not concerned with this attack, as
the cost of mounting it are extreme (and often require illegal activity).
However, the attack is still possible, and those who want to defend against it
would want to make appropriate countermeasures, such as not communicating with
unknown destinations, not publishing one's current leaseSet in the network
database, actively rerouting the associated tunnels 'mid stream', throttling the
inbound tunnels themselves, and/or using restricted routes with trusted links
to secure the local connection.
However, the attack is still possible, for example by an observer at
a large ISP or an Internet exchange point.
Those who want to defend against it
would want to take appropriate countermeasures, such as
setting low bandwidth limits, and using unpublished or encrypted leasesets for eepsites.
Other countermeasures, such as nontrivial delays and restricted routes, are
not currently implemented.
</p><p>
As a partial defense against routers trying to route all the network's traffic,
As a partial defense against a single router or group of routers trying to route all the network's traffic,
routers contain limits as to how many tunnels can be routed through a single peer.
As the network grows, these limits are subject to further adjustment.
Other mechanisms for peer rating, selection and avoidance

65
www.i2p2/pages/jbigi.html
View File

@ -1,10 +1,41 @@
{% extends "_layout.html" %}
{% block title %}jbigi{% endblock %}
{% block content %}<p>Using JNI (Java Native Interface), a bit of C code (thanks ugha!), a little
manual work and a piece of chewing gum it is possible to make the public key
cryptography quite a bit faster.</p>
{% block content %}
<h2>Requirements</h2>
Updated October 2010, current as of router version 0.8
<h2>Overview</h2>
<p>Using JNI (Java Native Interface), a bit of C code (thanks ugha!), a little
manual work and a piece of chewing gum we have made several
cryptography operations quite a bit faster.</p>
<p>
The speedup comes from the super-fast
<a href="http://gmplib.org/">GNU MP Bignum library (libgmp)</a>.
We use a single function from libgmp -
<a href="http://gmplib.org/manual-4.3.2/Integer-Exponentiation.html#Integer-Exponentiation">mpz_powm()</a>
as a replacement for the
<a href="http://download.oracle.com/javase/1.5.0/docs/api/java/math/BigInteger.html#modPow%28java.math.BigInteger,%20java.math.BigInteger%29">Java Math library's BigInteger modPow()</a>.
As modPow() is a significant computational portion of many crypto operations, this is of significant benefit.
</p>
<p>
The standard I2P installation includes about 20 versions of the library for different platforms,
each about 50KB, inside the jbigi.jar file.
The initialization of the JBigI library, including CPU identification, selection, and extraction
of the correct loadable module, is handled by the
<a href="http://docs.i2p2.de/javadoc/net/i2p/util/NativeBigInteger.html">NativeBigInteger class</a>.
If no module is available for the current platform, the standard
<a href="http://download.oracle.com/javase/1.5.0/docs/api/java/math/BigInteger.html#modPow%28java.math.BigInteger,%20java.math.BigInteger%29">Java Math library's BigInteger modPow()</a>
is used.
</p>
<h2>Rebuilding and Testing JBigI</h2>
Following are the instructions to build a new jbigi library for your own platform
and testing its performance.
<h3>Requirements</h3>
<p>This works on Linux, and with a few changes in build.sh probably also on
other platforms. FreeBSD has also been reported to work too. On Kaffee the
speedup is very small, because it already uses native BitInteger internally.
@ -20,16 +51,16 @@ your processor. The latest GMP may also
be used instead of GMP 4.2.2, but it hasn't been tested by us.
</p>
<h2>Step-by-step instructions</h2>
<h3>Step-by-step instructions</h3>
<ol>
<li>Look at <a href="http://localhost:7657/logs.jsp">your wrapper logs</a>,
at the point where I2P first starts. There should be one of two messages - either
<li>Look at <a href="http://localhost:7657/logs.jsp">your running environment on the logs.jsp page</a>.
There should be one of two status messages for JBigI - either
<tt>
INFO: Locally optimized native BigInteger loaded from the library path
Locally optimized native BigInteger loaded from the library path
</tt>
or
<tt>
INFO: Native BigInteger library jbigi not loaded - using pure java</tt>.
Native BigInteger library jbigi not loaded - using pure java</tt>.
If the native BitInteger library was NOT loaded, you definitely need to
compile your own.
Certain platforms, such as OS X, OpenSolaris, and 64-bit systems,
@ -37,7 +68,7 @@ may require you to compile your own library.
If the BigInteger library was loaded, do at least the next step to see
what your performance is.
</li>
<li>Look on <a href="http://localhost:7657/oldstats.jsp">http://localhost:7657/oldstats.jsp</a>
<li>Look on <a href="http://localhost:7657/stats.jsp">http://localhost:7657/stats.jsp</a>
to see what the lifetime average values for <code>crypto.elGamal.decrypt</code> and
<code>crypto.elGamal.encrypt</code> are. The numbers are times in milliseconds. Copy these somewhere so you can compare
them later on.
@ -82,10 +113,20 @@ report.</li>
<li>Copy <code>libjbigi.so</code> to your i2p directory</li>
<li>Restart your I2P programs.</li>
<li>On
<a href="http://localhost:7657/oldstats.jsp">http://localhost:7657/oldstats.jsp</a>
<a href="http://localhost:7657/stats.jsp">http://localhost:7657/stats.jsp</a>
the <code>crypto.elGamal.decrypt</code> and <code>crypto.elGamal.encrypt</code>
should be a lot faster.</li>
</ol>
<p>Feedback is appreciated</p>
<h2>To Do</h2>
In the official packages,
the CPUID and JBigI code has not been updated or rebuilt in several years.
The packages include builds for windows, freebsd, and linux x86, and OSX PPC.
We currently have no support for Intel Macs, 64 bit, or a number of new processors.
The bundled GMP mpz_powm() is from libgmp 4.1.4 which is several years old.
This is primarily a compiling and testing effort.
A detailed TODO list is on <a href="http://zzz.i2p/topics/306">zzz.i2p (internal link)</a>.
{% endblock %}

4
www.i2p2/pages/jbigi_de.html
View File

@ -41,7 +41,7 @@ generell, das du die Bibliothek selber kompilierst.
Falls die BigInteger Bibliothek geladen wurde, schaue zumindest mit dem
letzten Schritt nach, wie deine Performance ist.
</li>
<li>Schaue auf <a href="http://localhost:7657/oldstats.jsp">http://localhost:7657/oldstats.jsp</a>
<li>Schaue auf <a href="http://localhost:7657/stats.jsp">http://localhost:7657/stats.jsp</a>
um deine Durchschnittszeiten seit dem Start von I2P f&uuml;r <code>crypto.elGamal.decrypt</code>
und <code>crypto.elGamal.encrypt</code> abzulesen. Diese Zahlen sind Zeiten in Millisekunden.
Notiere dir diese Werte zum sp&auml;teren Vergleich.
@ -82,7 +82,7 @@ gebe uns das bitte bekannt.</li>
<li>Kopiere die <code>libjbigi.so</code> in dein i2p Verzeichnis</li>
<li>Restarte deinen I2P Router.</li>
<li>Auf
<a href="http://localhost:7657/oldstats.jsp">http://localhost:7657/oldstats.jsp</a>
<a href="http://localhost:7657/stats.jsp">http://localhost:7657/stats.jsp</a>
sollten <code>crypto.elGamal.decrypt</code> und <code>crypto.elGamal.encrypt</code>
erheblich schneller sein.</li>
</ol>

1
www.i2p2/pages/links.html
View File

@ -6,6 +6,7 @@
<ul>
<h4>Friends of I2P</h4>
<li><a href="http://anomos.info/">Anomos Pseudonymous Encrypted Bittorrent</a></li>
<li><a href="http://www.eff.org/">EFF</a></li>
<li><a href="http://www.abenteuerland.at/onioncat/">Onioncat</a></li>
<li><a href="http://www.pegasusnk.org/">The Pegasus Project</a></li>
<li><a href="http://telecomix.org/">Telecomix</a></li>

1
www.i2p2/pages/links_de.html
View File

@ -6,6 +6,7 @@
<ul>
<h4>Friends of I2P</h4>
<li><a href="http://anomos.info/">Anomos Pseudonymous Encrypted Bittorrent</a></li>
<li><a href="http://www.eff.org/">EFF</a></li>
<li><a href="http://www.abenteuerland.at/onioncat/">Onioncat</a></li>
<li><a href="http://www.pegasusnk.org/">The Pegasus Project</a></li>
<li><a href="http://telecomix.org/">Telecomix</a></li>

1
www.i2p2/pages/links_zh.html
View File

@ -8,6 +8,7 @@
<ul>
<h4> I2P 友好项目</h4>
<li><a href="http://anomos.info/">Anomos Pseudonymous Encrypted Bittorrent</a></li>
<li><a href="http://www.eff.org/">EFF</a></li>
<li><a href="http://www.abenteuerland.at/onioncat/">Onioncat</a></li>
<li><a href="http://www.pegasusnk.org/">The Pegasus Project</a></li>
<li><a href="http://telecomix.org/">Telecomix</a></li>