{% extends "_layout.html" %}
{% block title %}NTCP{% endblock %}
{% block content %}
Updated August 2010 for release 0.8

NTCP (NIO-based TCP)

NTCP is one of two transports currently implemented in I2P. The other is SSU. NTCP is a Java NIO-based transport introduced in I2P release 0.6.1.22. Java NIO (new I/O) does not suffer from the one-thread-per-connection issues of the old TCP transport.

By default, NTCP uses the IP/Port auto-detected by SSU. When enabled on config.jsp, SSU will notify/restart NTCP when the external address changes or when the firewall status changes. Now you can enable inbound TCP without a static IP or dyndns service.

The NTCP code within I2P is relatively lightweight (1/4 the size of the SSU code) because it uses the underlying Java TCP transport.

NTCP Protocol Specification

Standard Message Format

The NTCP transport sends individual I2NP messages AES/256/CBC encrypted with a simple checksum. The unencrypted message is encoded as follows:

 *  +-------+-------+--//--+---//----+-------+-------+-------+-------+
 *  | sizeof(data)  | data | padding | Adler checksum of sz+data+pad |
 *  +-------+-------+--//--+---//----+-------+-------+-------+-------+

That message is then encrypted with the DH/2048 negotiated session key (station to station authenticated per the EstablishState class) using the last 16 bytes of the previous encrypted message as the IV.

0-15 bytes of padding are required to bring the total message length (including the six size and checksum bytes) to a multiple of 16. The maximum message size is currently 16 KB. Therefore the maximum data size is currently 16 KB - 6, or 16378 bytes. The minimum data size is 1.

Time Sync Message Format

One special case is a metadata message where the sizeof(data) is 0. In that case, the unencrypted message is encoded as:

 *  +-------+-------+-------+-------+-------+-------+-------+-------+
 *  |       0       |      timestamp in seconds     | uninterpreted             
 *  +-------+-------+-------+-------+-------+-------+-------+-------+
 *          uninterpreted           | Adler checksum of bytes 0-11  |
 *  +-------+-------+-------+-------+-------+-------+-------+-------+

Total length: 16 bytes. The time sync message is sent at approximately 15 minute intervals.
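
The two unencrypted layouts above (standard message and time sync message), built and validated in Python. This is an added example, not code from I2P. It assumes big-endian byte order for the size, timestamp and checksum fields and random padding bytes, neither of which this page states, and the function names are made up for illustration. The AES/256/CBC step with the chained IV is not shown.

```python
import os
import struct
import zlib

MAX_FRAME = 16 * 1024        # maximum message size given on this page
MAX_DATA = MAX_FRAME - 6     # 16378: minus 2 size bytes and 4 checksum bytes


def encode_frame(data: bytes) -> bytes:
    """Standard message: sizeof(data) | data | padding | Adler-32 of sz+data+pad."""
    if not 1 <= len(data) <= MAX_DATA:
        raise ValueError("data size must be 1..16378 bytes")
    pad_len = -(2 + len(data) + 4) % 16     # 0-15 bytes, total becomes a multiple of 16
    # Assumption: big-endian fields and random padding content.
    body = struct.pack(">H", len(data)) + data + os.urandom(pad_len)
    return body + struct.pack(">I", zlib.adler32(body))


def encode_time_sync(ts_seconds: int) -> bytes:
    """Metadata message: size 0 | timestamp | 6 uninterpreted bytes | Adler-32."""
    body = struct.pack(">HI", 0, ts_seconds) + os.urandom(6)   # bytes 0-11
    return body + struct.pack(">I", zlib.adler32(body))


def decode_frame(plain: bytes):
    """Validate one decrypted frame; return ("data", bytes) or ("time_sync", secs)."""
    if len(plain) < 16 or len(plain) % 16 or len(plain) > MAX_FRAME:
        raise ValueError("frame length must be a multiple of 16, at most 16 KB")
    (size,) = struct.unpack_from(">H", plain)
    # A size of 0 marks the fixed 16-byte time sync message.
    expected = 16 if size == 0 else (2 + size + 4 + 15) // 16 * 16
    if len(plain) != expected:
        raise ValueError("frame length does not match the size field")
    (checksum,) = struct.unpack_from(">I", plain, len(plain) - 4)
    if zlib.adler32(plain[:-4]) != checksum:
        raise ValueError("Adler-32 mismatch")
    if size == 0:
        return "time_sync", struct.unpack_from(">I", plain, 2)[0]
    return "data", plain[2:2 + size]
```
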

Establishment Sequence

In the establish state, the following communication happens. There is a 2048-bit Diffie-Hellman exchange. For more information see the cryptography page.

 * Alice                   contacts                      Bob
 * =========================================================
 *  X+(H(X) xor Bob.identHash)----------------------------->
 *  <----------------------------------------Y+E(H(X+Y)+tsB, sk, Y[239:255])
 *  E(#+Alice.identity+tsA+padding+S(X+Y+Bob.identHash+tsA+tsB+padding), sk, hX_xor_Bob.identHash[16:31])--->
 *  <----------------------E(S(X+Y+Alice.identHash+tsA+tsB)+padding, sk, prev)

Todo: Explain this in words.

Check Connection Message

Alternately, when Bob receives a connection, it could be a check connection (perhaps prompted by Bob asking for someone to verify his listener). Check Connection is not currently used. However, for the record, check connections are formatted as follows. A check info connection will receive 256 bytes containing:

Discussion

Now on the NTCP Discussion Page.

Future Work

The maximum message size should be increased to approximately 32 KB.

{% endblock %}