I2P_Developers/i2p.www
3
0
Fork 5
Code Issues 27 Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
3e8bd6eba396cffaa7bca6d74f2cd2242c01011c
i2p.www/i2p2www/pages/site/about/comparison/other-networks.html

231 lines
8.4 KiB
HTML
Raw Blame History

{% extends "global/layout.html" %}
{% block title %}I2P Compared to Other Anonymous Networks{% endblock %}
{% block content %}
<p>The following networks are discussed on this page.
</p>
<ul>
<li>Morphmix and Tarzan</li>
<li>Mixminion / Mixmaster</li>
<li>JAP</li>
<li>MUTE / AntsP2P</li>
<li>Haystack</li>
</ul>
<p>Most of the following sections are fairly old, and may not be accurate.
For an overview of available comparisons, see the
<a href="{{ site_url('about/comparison') }}">main network comparisons page</a>.
You may contribute an analysis by entering a
<a href="http://{{ i2pconv('trac.i2p2.i2p') }}/report/1">new ticket on trac.i2p2.de</a>.
</p>
<h2>Morphmix and Tarzan</h2>
<i><a href="http://www.tik.ee.ethz.ch/~morphmix/">[Morphmix]</a>
<a href="http://www.pdos.lcs.mit.edu/tarzan/">[Tarzan]</a></i>
<p>Morphmix and Tarzan are both fully distributed, peer to peer networks of
anonymizing proxies, allowing people to tunnel out through the low latency
mix network. Morphmix includes some very interesting collusion detection
algorithms and Sybil defenses, while Tarzan makes use of the scarcity of IP
addresses to accomplish the same. The two primary differences between
these systems and I2P are related to I2P's <a href="{{ site_url('docs/how/threatmodel') }}">threat model</a>
and their out-proxy design (as opposed to providing both sender and receiver
anonymity). There is source code available to both systems, but we are not aware
of their use outside of academic environments.</p>
<!--
Table needs correction, disabled for now.
Comments from arma on 2010-09-14 in #nottor:
You say "maybe" under the tarzan column, because tarzan says "we hope to get this level of protection, but it is an open research question how one would get it"
then i2p says "no, all solved, we solve that one" in its column. which either means you've got a brilliant new design but have failed to articulate it or publish about it, or you are misleading people.
this table has been around, and misleading people and frustrating me, for something like 8 or 10 years now.
the fundamental problem is that for the projects that exist, you put down their current levels of protection in the table (fine), but for i2p you put down your desired level of protection (not fine)
End of comments
<p>Stealing quite directly from the Tarzan paper, the following includes a quick
comparison of Tarzan, Crowds, Onion Routing (OR), and I2P:</p>
<table>
<tr>
<td style="width: 19%;"></td>
<td style="width: 27%;" colspan="4">Bad first relay/router</td>
<td style="width: 27%;" colspan="4">Bad intermediate relay/router</td>
<td style="width: 27%;" colspan="4">Bad last relay/router</td>
</tr>
<tr>
<td>Information exposed</td>
<td><b>OR</b></td>
<td><b>Crowds</b></td>
<td><b>Tarzan</b></td>
<td><b>I2P</b></td>
<td><b>OR</b></td>
<td><b>Crowds</b></td>
<td><b>Tarzan</b></td>
<td><b>I2P</b></td>
<td><b>OR</b></td>
<td><b>Crowds</b></td>
<td><b>Tarzan</b></td>
<td><b>I2P</b></td>
</tr>
<tr>
<td>Sender activity</td>
<td>Yes</td>
<td>Maybe</td>
<td>Maybe</td>
<td><b>No</b></td>
<td>No</td>
<td>No</td>
<td>Maybe</td>
<td><b>No</b></td>
<td>No</td>
<td>No</td>
<td>No</td>
<td><b>No</b></td>
</tr>
<tr>
<td>Recipient activity</td>
<td>No</td>
<td>Yes</td>
<td>No</td>
<td><b>No</b></td>
<td>No</td>
<td>Yes</td>
<td>No</td>
<td><b>No</b></td>
<td>Yes</td>
<td>Yes</td>
<td>Yes</td>
<td><b>No</b></td>
</tr>
<tr>
<td>Sender content</td>
<td>No</td>
<td>Maybe</td>
<td>No</td>
<td><b>No</b></td>
<td>No</td>
<td>No</td>
<td>No</td>
<td><b>No</b></td>
<td>No</td>
<td>No</td>
<td>No</td>
<td><b>No</b></td>
</tr>
<tr>
<td>Recipient content</td>
<td>No</td>
<td>Yes</td>
<td>No</td>
<td><b>No</b></td>
<td>No</td>
<td>Yes</td>
<td>No</td>
<td><b>No</b></td>
<td>Yes</td>
<td>Yes</td>
<td>Yes</td>
<td><b>No</b></td>
</tr>
</table>
-->
<h2>Mixminion / Mixmaster</h2>
<i><a href="http://mixminion.net/">[Mixminion]</a>
<a href="http://mixmaster.sourceforge.net/">[Mixmaster]</a></i>
<p>Mixminion and Mixmaster are networks to support anonymous email against a very
powerful adversary.
High-latency messaging applications running on top of I2P
(for example
<a href="http://syndie.i2p2.de/">Syndie</a> or
I2PBote)
may perhaps prove adequate to meet the threat
model of those adversaries, while running in parallel along side the needs of low latency users, to provide
a significantly larger anonymity set.
High-latency support within the I2P router itself may or may not be added in a distant future release.
It is too early to say if I2P will meet the needs of users requiring extreme protection for email.
</p>
As with Tor and Onion Routing,
both Mixminion and Mixmaster take the directory based approach as well.</p>
<h2>JAP</h2>
<i><a href="http://anon.inf.tu-dresden.de/index_en.html">[JAP]</a></i>
<p>JAP (Java Anonymous Proxy) is a network of mix cascades for anonymizing web requests,
and as such it has a few centralized nodes (participants in the cascade) that blend
and mix requests from clients through the sequence of nodes (the cascade) before
proxying out onto the web. The scope, threat model, and security is substantially
different from I2P, but for those who don't require significant anonymity but still
are not satisfied with an Anonymizer-like service, JAP is worth reviewing. One
caution to note is that anyone under the jurisdiction of the German courts may want
to take care, as the German Federal Bureau of Criminal Investigation (FBCI) has
successfully mounted an
<a href="http://www.datenschutzzentrum.de/material/themen/presse/anonip3_e.htm">attack</a>
on the network. Even though the method of this attack was later found to be illegal
in the German courts, the fact that the data was successfully collected is the
concern. Courts change their minds based upon circumstance, and this is evidence that
if a government body or intelligence agency wanted to, they could gather the data, even
if it may be found inadmissible in some courts later)</p>
<h2>MUTE / AntsP2P</h2>
<i><a href="http://mute-net.sourceforge.net/">[MUTE]</a>
<a href="http://www.myjavaserver.com/~gwren/home.jsp?page=custom&xmlName=ants">[AntsP2P]</a></i>
<p>Both of these systems work through the same basic
<a href="http://citeseer.ist.psu.edu/57701.html">antnet</a> routing, providing some degree of
anonymity based on the threat model of providing plausible deniability against a simple
non-colluding adversary. With the antnet routing, they first either do a random walk or a
broadcast search to find some peer with the data or identity desired, and then use a feedback
algorithm to optimize that found path. This works well for applications that merely want to know
what other people around them have to offer - "How are y'all doing" vs. "Hey Alice, how are you" -
you basically get a local cluster of nodes that can share files with and maintain some degree of
anonymity (though you don't have much control over who is in that group of peers).</p>
<p>However, the algorithm does not scale well at all - if the application wants to speak with a
particular peer it ends up doing a broadcast search or random walk (though if they are lucky enough
for that to succeed, the antnet routing should optimize that found connection). This means that
while these networks can work great at small scales, they are not suitable for large networks where
someone wants to get in touch with another specific peer. That does not mean that there is no
value in these systems, just that their applicability is limited to situations where their
particular issues can be addressed.</p>
<h2>Haystack</h2>
<p>
This was a closed-source network targeted at Iranian users.
Tor did a
<a href="http://blog.torproject.org/blog/ten-things-look-circumvention-tool">good writeup on what to look for in a circumvention tool</a>.
Suffice it to say that being closed source and publicly targeting a specific country are not good ideas.
I2P is, of course, open source. However, that source, and our
<a href="{{ site_url('docs') }}">technical documentation</a>, need much more review.
</p>
<h2>Paid VPN Services</h2>
<p>
You may contribute an analysis by entering a
<a href="http://{{ i2pconv('trac.i2p2.i2p') }}/report/1">new ticket on trac.i2p2.de</a>.
</p>
<h2>Others</h2>
<p>
You may contribute an analysis by entering a
<a href="http://{{ i2pconv('trac.i2p2.de') }}/report/1">new ticket on trac.i2p2.de</a>.
</p>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink