I2P_Developers/i2p.www
3
0
Fork 5
Code Issues 27 Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
5486e1b46d9fe2be62d2effd8fc49b4fb6fdde6b
i2p.www/i2p2www/pages/site/comparison/tor.html
zzz 2c2923893d comparison page tweaks
2016-11-11 14:59:32 +00:00

233 lines
8.3 KiB
HTML
Raw Blame History

{% extends "global/layout.html" %}
{% block title %}{{ _('I2P Compared to Tor') }}{% endblock %}
{% block lastupdated %}{% trans %}November 2016{% endtrans %}{% endblock %}
{% block content %}
<h2>Tor / Onion Routing</h2>
<i><a href="https://www.torproject.org/">[Tor]</a>
<a href="http://www.onion-router.net">[Onion Routing]</a></i>
<p>{% trans netdb=site_url('docs/how/network-database'), peerselection=site_url('docs/how/peer-selection') -%}
Tor and Onion Routing are both anonymizing proxy networks,
allowing people to tunnel out through their low latency mix
network. The two primary differences between Tor /
Onion-Routing and I2P are again related to differences in
the threat model and the out-proxy design (though Tor
supports hidden services as well). In addition, Tor
takes the directory-based approach - providing a
centralized point to manage the overall 'view' of the
network, as well as gather and report statistics, as
opposed to I2P's distributed <a href="{{ netdb }}">network
database</a> and <a href="{{ peerselection }}">peer selection</a>.
{%- endtrans %}</p>
<p>{% trans -%}
The I2P/Tor outproxy functionality does have a few
substantial weaknesses against certain attackers -
once the communication leaves the mixnet, global passive
adversaries can more easily mount traffic analysis. In
addition, the outproxies have access to the cleartext
of the data transferred in both directions, and
outproxies are prone to abuse, along with all of the
other security issues we've come to know and love with
normal Internet traffic.
{%- endtrans %}</p>
<p>{% trans -%}
However, many people don't need to worry about those
situations, as they are outside their threat model. It
is, also, outside I2P's (formal) functional scope (if people want
to build outproxy functionality on top of an anonymous
communication layer, they can). In fact, some I2P users
currently take advantage of Tor to outproxy.
{%- endtrans %}</p>
<!--
<p>See also the
<a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ComparisonI2P">the Tor FAQ</a>
for a Tor/I2P comparison from the Tor perspective.</p>
-->
<h3>{{ _('Comparison of Tor and I2P Terminology') }}</h3>
<p>{% trans -%}
While Tor and I2P are similar in many ways, much of the terminology is different.
{%- endtrans %}</p>
<table>
<tr><th align="left">Tor<th align="left">I2P
<tr><td>{{ _('Cell') }}<td>{{ _('Message') }}
<tr><td>{{ _('Client') }}<td>{{ _('Router or Client') }}
<tr><td>{{ _('Circuit') }}<td>{{ _('Tunnel') }}
<tr><td>{{ _('Directory') }}<td>{{ _('NetDb') }}
<tr><td>{{ _('Directory Server') }}<td>{{ _('Floodfill Router') }}
<tr><td>{{ _('Entry Guards') }}<td>{{ _('Fast Peers') }}
<tr><td>{{ _('Entry Node') }}<td>{{ _('Inproxy') }}
<tr><td>{{ _('Exit Node') }}<td>{{ _('Outproxy') }}
<tr><td>{{ _('Hidden Service') }}<td>{{ _('Hidden Service') }}, {{ _('Eepsite or Destination') }}
<tr><td>{{ _('Hidden Service Descriptor') }}<td>{{ _('LeaseSet') }}
<tr><td>{{ _('Introduction point') }}<td>{{ _('Inbound Gateway') }}
<tr><td>{{ _('Node') }}<td>{{ _('Router') }}
<tr><td>{{ _('Onion Proxy') }}<td>{{ _('I2PTunnel Client (more or less)') }}
<tr><td>{{ _('Onion Service') }}<td>{{ _('Hidden Service') }}, {{ _('Eepsite or Destination') }}
<tr><td>{{ _('Relay') }}<td>{{ _('Router') }}
<tr><td>{{ _('Rendezvous Point') }}<td>{{ _('somewhat like Inbound Gateway + Outbound Endpoint') }}
<tr><td>{{ _('Router Descriptor') }}<td>{{ _('RouterInfo') }}
<tr><td>{{ _('Server') }}<td>{{ _('Router') }}
</table>
<h3>{{ _('Benefits of Tor over I2P') }}</h3>
<ul>
<li>
{% trans -%}
Much bigger user base; much more visibility in the academic and hacker communities; benefits from
formal studies of anonymity, resistance, and performance;
has a non-anonymous, visible, university-based leader
{%- endtrans %}
</li>
<li>{% trans %}Has already solved some scaling issues I2P has yet to address{% endtrans %}</li>
<li>{% trans %}Has significant funding{% endtrans %}</li>
<li>{% trans %}Has more developers, including several that are funded{% endtrans %}</li>
<li>
{% trans -%}
More resistant to state-level blocking due to TLS transport layer and bridges
(I2P has proposals for "full restricted routes" but these are not yet implemented)
{%- endtrans %}
</li>
<li>{% trans %}Big enough that it has had to adapt to blocking and DOS attempts{% endtrans %}</li>
<li>{% trans %}Designed and optimized for exit traffic, with a large number of exit nodes{% endtrans %}</li>
<li>
{% trans -%}
Better documentation, has formal papers and specifications,
better website, many more translations
{%- endtrans %}
</li>
<li>{% trans %}More efficient with memory usage{% endtrans %}</li>
<li>{% trans %}Tor client nodes have very low bandwidth overhead{% endtrans %}</li>
<li>
{% trans -%}
Centralized control reduces the complexity at each
node and can efficiently address Sybil attacks
{%- endtrans %}
</li>
<li>
{% trans -%}
A core of high capacity nodes provides higher
throughput and lower latency
{%- endtrans %}
</li>
<li>{% trans %}C, not Java (ewww){% endtrans %}</li>
</ul>
<h3>{{ _('Benefits of I2P over Tor') }}</h3>
<ul>
<li>{% trans %}Designed and optimized for hidden services, which are much faster than in Tor{% endtrans %}</li>
<li>{% trans %}Fully distributed and self organizing{% endtrans %}</li>
<li>
{% trans -%}
Peers are selected by continuously profiling and ranking performance,
rather than trusting claimed capacity
{%- endtrans %}
</li>
<li>
{% trans -%}
Floodfill peers ("directory servers") are varying and untrusted,
rather than hardcoded
{%- endtrans %}
</li>
<li>{% trans %}Small enough that it hasn't been blocked or DOSed much, or at all{% endtrans %}</li>
<li>{% trans %}Peer-to-peer friendly{% endtrans %}</li>
<li>{% trans %}Packet switched instead of circuit switched{% endtrans %}
<ul>
<li>
{% trans -%}
implicit transparent load balancing of messages
across multiple peers, rather than a single path
{%- endtrans %}
</li>
<li>
{% trans -%}
resilience vs. failures by running multiple
tunnels in parallel, plus rotating tunnels
{%- endtrans %}
</li>
<li>
{% trans -%}
scale each client's connections at O(1) instead
of O(N) (Alice has e.g. 2 inbound tunnels that are
used by all of the peers Alice is talking with,
rather than a circuit for each)
{%- endtrans %}
</li>
</ul>
</li>
<li>
{% trans -%}
Unidirectional tunnels instead of bidirectional
circuits, doubling the number of nodes a peer has to
compromise to get the same information.
{%- endtrans %}
{% trans comp=site_url('comparison/tor') -%}
Counter-arguments and further discussion <a href="{{ netdb }}">here</a>.
{%- endtrans %}
</li>
<li>
{% trans -%}
Protection against detecting client activity, even
when an attacker is participating in the tunnel, as
tunnels are used for more than simply passing end
to end messages (e.g. netDb, tunnel management,
tunnel testing)
{%- endtrans %}
</li>
<li>
{% trans -%}
Tunnels in I2P are short lived, decreasing the number
of samples that an attacker can use to mount an
active attack with, unlike circuits in Tor, which are
typically long lived.
{%- endtrans %}
</li>
<li>
{% trans -%}
I2P APIs are designed specifically for anonymity and
security, while SOCKS is designed for functionality.
{%- endtrans %}
</li>
<li>{% trans %}Essentially all peers participate in routing for others{% endtrans %}</li>
<li>
{% trans -%}
The bandwidth overhead of being a full peer is low,
while in Tor, while client nodes don't require much
bandwidth, they don't fully participate in the mixnet.
{%- endtrans %}
</li>
<li>{% trans %}Integrated automatic update mechanism{% endtrans %}</li>
<li>{% trans %}Both TCP and UDP transports{% endtrans %}</li>
<li>{% trans %}Java, not C (ewww){% endtrans %}</li>
</ul>
<h3>{{ _('Other potential benefits of I2P but not yet implemented') }}</h3>
<p>{% trans %}...and may never be implemented, so don't count on them!{% endtrans %}</p>
<ul>
<li>
{% trans -%}
Defense vs. message count analysis by garlic wrapping
multiple messages
{%- endtrans %}
</li>
<li>
{% trans -%}
Defense vs. long term intersection by adding delays
at various hops (where the delays are not discernible
by other hops)
{%- endtrans %}
</li>
<li>
{% trans -%}
Various mixing strategies at the tunnel level (e.g.
create a tunnel that will handle 500 messages / minute,
where the endpoint will inject dummy messages if there
are insufficient messages, etc)
{%- endtrans %}
</li>
</ul>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink