
I2P





Introduction[edit]

Network[edit]

The Invisible Internet Project (I2P) is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other through "tunnels". The network itself is strictly message based (like IP), but there is a library available that provides reliable streaming communication on top of it (like TCP). All communication is end-to-end encrypted (in total there are four layers of encryption used when sending a message), and even the end points ("destinations") are cryptographic identifiers (essentially a pair of public keys).[1] This is known as garlic routing, a variant of onion routing that benefits from the research on the latter but makes some different trade-offs.[2] Each client application has its own I2P "router" that finds other clients by querying the fully distributed "network database", a custom structured distributed hash table (DHT) based on the Kademlia algorithm. Every router transports traffic for its peers, which it uses as cover traffic for its own.

Read more about I2P's technical details here.

I2P is focused on creating a community around P2P darknet services rather than providing "outproxies" (exits) to the clearnet.

The I2P development team is an open group, welcome to all who are interested in getting involved, and all of the code is open source. The core I2P SDK and the current router implementation are written in Java (currently working with both sun and kaffe, gcj support planned for later), and there is a simple socket-based API for accessing the network from other languages (with a C library available, and both Python and Perl in development). The network is actively being developed and has not yet reached the 1.0 release, but the current roadmap describes the schedule.

Overview on ways to use I2P with Whonix[edit]

  • You can either use inproxies inside Whonix-Workstation to browse Eepsites or install I2P inside Whonix-Workstation.
    • The inproxy method is more suited to casual use of I2P, where you just want to anonymously view an Eepsite and don't care about eavesdroppers as long as you are anonymous.
  • Using the I2P client inside Whonix-Workstation (Preferred) is safer and fully featured: all I2P traffic gets tunneled through Tor. It is a tiny bit more difficult than installing I2P the ordinary way, i.e. using I2P in the clear, not over Tor.

Concepts[edit]

Many of Tor's concepts carry over to I2P, although the terminology is somewhat different.

Other interesting concepts of note:

  • Tor HS "stealth mode" == I2P client whitelist[3] or using Encrypted LeaseSets[4] (I2P documentation is lacking but there are plans to improve)
  • Tor "Single Onion Service" == I2P 0-hop tunnels[5]

Searching I2P[edit]

The hidden service search engine https://ahmia.fi now supports I2P eepsites and Tor2Web plans on adding I2P support.[6]

Eepsite directories:

http://identiguy.i2p - lists all known and alive I2P websites.


Inproxies inside Whonix-Workstation[edit]

There are several I2P inproxies, which are similar to tor2web[7]. Simply use Tor Browser, which comes with Whonix by default.

Note that you lose the end-to-end encryption to the eepsites that I2P would provide if you installed it directly inside Whonix-Workstation or used it the ordinary way. Depending on whether the inproxy is reached over http (unencrypted) or https (or through a hidden service), Exit Node Eavesdropping also applies. In any case, the I2P inproxy admin can see all of your traffic into the I2P network and there is no way to prevent that.

List of I2P inproxy domains (bolded):


Use I2P client inside Whonix-Workstation (Preferred)[edit]

Connecting to Tor before I2P[edit]

It is possible to run I2P inside Whonix-Workstation:

user -> Tor -> I2P -> Internet

In case you want to do that, it is recommended to read the following two related wiki articles:


Advantages:

  • Anonymity is provided by Tor.
  • The I2P router console works normally inside Tor Browser. No need to install a graphical user interface on the Whonix-Gateway.
  • Eepsites (.i2p) can be reached directly from Tor Browser.
  • I2P's end-to-end encryption will be used like usual.

Warnings:

  • No Stream-Isolation Support
    • I2P does not support stream isolation, meaning that visits to Eepsites are linkable and fingerprintable: each request carries the same X-I2P-Dest* headers, which are unique to you. This might be true for outproxy requests as well.
    • If you access site1.i2p and then site2.i2p, site3.i2p and so on, each of those operators sees the exact same X-I2P-Dest* values, so if they collude they know the sites were all accessed by the same person.
    • The longer you leave I2P running, the better the profile those operators can build on you. The X-I2P-Dest* values only change on restart of the I2P instance or on stop/start of the HTTP Proxy tunnel. I2P has no fix for this at the moment[11][12]; however, someone is writing an experimental plugin to provide a stream-isolating mechanism for http-over-I2P. The si-i2p-plugin is an I2P SAM application which presents an http proxy (on port 4443 by default) that acts as an intermediary between your browser and the I2P network. It uses the SAM library to create a unique destination for each I2P site that you visit, so your base32 destination cannot be used to track you with a network of colluding sites.[13]
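As an added illustration (not part of the original page) of why the missing stream isolation matters: the script below takes constructed access-log lines from three eepsite operators, each recording the X-I2P-DestB32 header that the I2P HTTP proxy adds (one of the X-I2P-Dest* headers mentioned above), and reports which sites saw the same client destination. The log format and destination values are made up; a second log with one destination per site, which is what the si-i2p-plugin approach aims for, is included for comparison.

```python
import re
from collections import defaultdict

# Constructed log lines (not real traffic). Each eepsite operator records the
# X-I2P-DestB32 header that the I2P HTTP proxy adds to every relayed request.
# Format: <site> "<request>" X-I2P-DestB32=<shortened placeholder destination>
# One client visits three sites through a single HTTP proxy tunnel, so every
# site sees the same destination; a second client (bbbb2222) visits site1 only.
ONE_TUNNEL_LOG = """\
site1.i2p "GET /index.html" X-I2P-DestB32=aaaa1111.b32.i2p
site2.i2p "GET /forum/" X-I2P-DestB32=aaaa1111.b32.i2p
site3.i2p "GET /news" X-I2P-DestB32=aaaa1111.b32.i2p
site1.i2p "GET /about" X-I2P-DestB32=bbbb2222.b32.i2p
"""

# The same visits with a distinct destination per site, the behaviour a
# per-site isolation scheme such as the si-i2p-plugin is meant to produce.
PER_SITE_LOG = """\
site1.i2p "GET /index.html" X-I2P-DestB32=cccc3333.b32.i2p
site2.i2p "GET /forum/" X-I2P-DestB32=dddd4444.b32.i2p
site3.i2p "GET /news" X-I2P-DestB32=eeee5555.b32.i2p
"""

LINE_RE = re.compile(r'^(?P<site>\S+) "(?P<req>[^"]*)" X-I2P-DestB32=(?P<dest>\S+)$')


def parse_log(text):
    """Yield (site, destination) pairs from the constructed log format; skip malformed lines."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.group("site"), m.group("dest")


def linkable_sites(text):
    """Map each destination to the sorted list of sites that saw it, keeping only
    destinations seen on more than one site: those visits can be attributed to a
    single client by operators who compare their logs."""
    seen = defaultdict(set)
    for site, dest in parse_log(text):
        seen[dest].add(site)
    return {dest: sorted(sites) for dest, sites in seen.items() if len(sites) > 1}


if __name__ == "__main__":
    print(linkable_sites(ONE_TUNNEL_LOG))  # one destination ties site1, site2 and site3 together
    print(linkable_sites(PER_SITE_LOG))    # {} : nothing to correlate across sites
```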

Disadvantages:

  • Adds load to Tor.
  • Adds load to I2P.
  • It is slower than running I2P directly on Whonix-Gateway or using it the ordinary way.
  • No contribution to the I2P network (leeching).[14]

Installation and Setup:


Currently supported architectures include amd64, i386, armel, armhf (for Raspbian), and powerpc.

1. Before adding the repo[15], fetch the key and verify[16] its fingerprint. Always check the fingerprint for yourself. The output at the moment is:

TO-DO: Update signing key info when migration from KYTV infrastructure happens.

pub  4096R/0x67ECE5605BCF1346 2013-10-10 I2P Debian Package Repository <killyourtv@i2pmail.org>
      Key fingerprint = 7840 E761 0F28 B904 7535  49D7 67EC E560 5BCF 1346

Download the key with scurl to your home folder.

scurl -o i2p-pubkey.asc https://geti2p.net/_static/i2p-debian-repo.key.asc

Check the fingerprint and owner without importing anything.

gpg --keyid-format long --with-fingerprint i2p-pubkey.asc

If it looks good, import it into trusted.gpg.d.[17]

gpg --no-default-keyring --keyring ./i2p-pubkey.gpg --import i2p-pubkey.asc
sudo cp i2p-pubkey.gpg /etc/apt/trusted.gpg.d/i2p-pubkey.gpg

For default Whonix using Debian stable:

sudo su -c "echo -e 'deb http://deb.i2p2.no/ jessie main\ndeb-src http://deb.i2p2.no/ jessie main' > /etc/apt/sources.list.d/i2p-release.list"

For Whonix build using Debian Testing or Unstable (Sid):

sudo su -c "echo -e 'deb http://deb.i2p2.no/ unstable main\ndeb-src http://deb.i2p2.no/ unstable main' > /etc/apt/sources.list.d/i2p-release.list"

Update the package lists.

sudo apt-get update

Install I2P and dependencies.[18]

sudo apt-get install i2p i2p-keyring
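An added example (not from the page or the I2P project) of doing the fingerprint check in code rather than by eye, for the downloaded i2p-pubkey.asc: it de-armors the key, computes the OpenPGP v4 fingerprint as defined in RFC 4880 (SHA-1 over 0x99, the two-byte packet length and the public-key packet body) and compares it with the fingerprint quoted above. EXPECTED_FPR is the value from this page; constructed_test_key is a hypothetical helper that builds a dummy key so the code can be exercised offline.

```python
import base64, hashlib, struct

# Fingerprint this page gives for the I2P Debian repository key (spaces removed).
EXPECTED_FPR = "7840E7610F28B904753549D767ECE5605BCF1346"

def dearmor(text):
    """Binary packet stream of an ASCII-armored public key block (armor headers and =CRC24 line dropped)."""
    lines = [line.strip() for line in text.splitlines()]
    data = lines[lines.index("") + 1:lines.index("-----END PGP PUBLIC KEY BLOCK-----")]
    return base64.b64decode("".join(line for line in data if not line.startswith("=")))

def packet_header(data, i):
    """Decode the packet header at offset i: returns (tag, body_offset, body_length)."""
    hdr = data[i]
    if hdr & 0x40:                                    # new-format header (RFC 4880 4.2.2)
        tag, l0 = hdr & 0x3F, data[i + 1]
        if l0 < 192:
            return tag, i + 2, l0
        if l0 < 224:
            return tag, i + 3, ((l0 - 192) << 8) + data[i + 2] + 192
        if l0 == 255:
            return tag, i + 6, struct.unpack(">I", data[i + 2:i + 6])[0]
        raise ValueError("partial body lengths unsupported")
    if hdr & 3 == 3:                                  # old-format header (RFC 4880 4.2.1)
        raise ValueError("indeterminate length unsupported")
    n = 1 << (hdr & 3)                                # length field is 1, 2 or 4 octets
    return (hdr >> 2) & 0x0F, i + 1 + n, int.from_bytes(data[i + 1:i + 1 + n], "big")

def v4_fingerprint(data):
    """Fingerprint of the first public-key packet (tag 6) in a binary packet stream (RFC 4880 12.2)."""
    i = 0
    while i < len(data):
        tag, start, length = packet_header(data, i)
        if tag == 6:
            body = data[start:start + length]
            if body[0] != 4:
                raise ValueError("only v4 keys are handled")
            return hashlib.sha1(b"\x99" + struct.pack(">H", length) + body).hexdigest().upper()
        i = start + length
    raise ValueError("no public-key packet in input")

def safe_to_import(armored_key, expected=EXPECTED_FPR):
    """True only when the computed fingerprint matches the one you expect; run this before gpg --import."""
    return v4_fingerprint(dearmor(armored_key)) == expected.replace(" ", "").upper()

def constructed_test_key():
    """Hypothetical helper: a dummy v4 RSA public-key packet (not a usable key), armored for testing."""
    mpi = lambda x: struct.pack(">H", x.bit_length()) + x.to_bytes((x.bit_length() + 7) // 8, "big")
    body = b"\x04" + b"\x00\x00\x00\x00" + b"\x01" + mpi((1 << 1023) | 12345) + mpi(65537)
    packet = b"\x99" + struct.pack(">H", len(body)) + body
    armored = ("-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: constructed\n\n"
               + base64.b64encode(packet).decode() + "\n=AAAA\n-----END PGP PUBLIC KEY BLOCK-----\n")
    return armored, packet
```

With the real file, `safe_to_import(open("i2p-pubkey.asc").read())` returning False means the downloaded key does not carry the fingerprint shown above and must not be copied into trusted.gpg.d.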


2. Configure I2P as a service that automatically runs when your system boots, set the amount of RAM to your needs and leave the user as i2psvc.

sudo dpkg-reconfigure i2p


3. Add FoxyProxy to Tor Browser in Whonix.

Warning: Installing FoxyProxy worsens the user's browser fingerprint and adversely affects anonymity since it is not a default Tor Browser add-on. The Tor Project's anonymity warning is explicit: [19]

Can I install other Firefox extensions?

Tor Browser is free software, so there is nothing preventing you from modifying it any way you like. However, we do not recommend installing any additional Firefox add-ons with Tor Browser. Add-ons can break your anonymity in a number of ways, including browser fingerprinting and bypassing proxy settings.

When using a browser and FoxyProxy in combination, a user's web fingerprint becomes more unique. The potential fingerprinting harm to user anonymity depends on how many others are running Tor Browser in conjunction with FoxyProxy.

This configuration is so specialized that probably very few are doing it, reducing the user pool to a small subset. Due to the risk, this approach is generally recommended against. If a user decides to proceed anyhow, the tunnel configuration should not be combined with any browser other than Tor Browser (like Firefox or Chrome), due to an even greater browser fingerprinting risk.

This warning equally applies to configurations such as Tor Browser and I2P, or Tor Browser and remote (http(s)/socks4/5) proxies.

To install FoxyProxy, follow these steps in the Whonix-Workstation (Qubes-Whonix: Whonix-Workstation AppVM). [20] [21]

Make the tbb-foxyproxy config file available to Tor Browser. [22] [23]

cp /usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml /home/user/.tb/tor-browser/Browser/TorBrowser/Data/Browser/profile.default/

Navigate to addons.mozilla.org.

Tor Browser Menu -> Tools -> Add-ons

Download and install the FoxyProxy add-on. [24]

Search: "foxyproxy" -> Install: FoxyProxy Standard

Restart Tor Browser.

When prompted, select Restart now.

After restart, the FoxyProxy icon should appear in the Tor Browser toolbar and be enabled. Check you can interact with it and change proxy settings as required.

After FoxyProxy is installed, you may see an AppArmor warning about the denied creation of dconf/user. The current Debian profile for Firefox does not yet include the modern temporary file location /run/user. This can be safely ignored, since FoxyProxy never needs access to dconf/user. If you would nevertheless like to give Tor Browser permission to use the temporary file directory /run/user/ and stop receiving the warning, edit the file

kdesudo kwrite /etc/apparmor.d/home.tor-browser.firefox

and uncomment the line

# owner /run/user/[0-9]*/** rwkl,

by removing the leading #.

To reverse this procedure and restore the default Tor Browser fingerprint:

  • Non-Qubes-Whonix: It is best to use a VM snapshot taken before installing the add-on.
  • Qubes-Whonix: FoxyProxy should be installed to a specific Whonix-Workstation AppVM set up for proxy purposes. The AppVM can be discarded at leisure.

If Non-Qubes-Whonix users did not take a snapshot prior to these changes, Tor Browser can be downloaded again. Alternatively, FoxyProxy can be removed via the about:addons -> Extensions menu.

For further technical discussion of FoxyProxy, see the Whonix forum.


4. Start/Stop the I2P service:

Start the I2P service

sudo systemctl start i2p

Stop the I2P service

sudo systemctl stop i2p

Status of the I2P service

sudo systemctl status i2p

OPTIONAL

To run I2P manually as your own user instead:

  • Note: The config folder then changes to /home/user/.i2p/

i2prouter start


Please review and adjust the bandwidth settings on the configuration page, as the defaults of 300 KB/s down / 60 KB/s up are fairly conservative.


Services[edit]

Many interesting features and functionality are implemented for I2P in the form of stand-alone packages or plugins that can be optionally installed from the official plugin eepsite. The instructions are simple to follow. The signing keys for these plugins are already built into the official I2P package and so are already white-listed. This is not a complete list.

See this page for documentation about default port numbers of I2P plugins.

I2P-Bote[edit]

I2P-Bote is a serverless, encrypted email plugin that uses I2P for anonymity. Messages are stored in the distributed hash table (DHT) for 100 days, during which the recipient is able to download them.

To back up I2P-Bote data, copy the i2pbote folder inside the I2P config directory (~/.i2p/i2pbote on Unix systems or /var/lib/i2p/i2p-config when running as a daemon).

Compartmentalize activities and only use the I2P-Bote/Susimail VM snapshot for this purpose. Generally, applications that run with a browser interface are vulnerable to a whole class of bugs, including cross-site request forgery (CSRF).[25][26]

Features:

  • A webmail interface.
  • A user interface translated into 15 languages.
  • One-click creation of email accounts (called email identities).
  • Emails can be sent either under a sender identity or anonymously.
  • 2048-bit ElGamal, 256/521-bit Elliptic Curve and NTRU-1087 encryption.
  • Transparent, automatic encryption and signing without relying on third-party software such as PGP/GnuPG.
  • Sending and receiving via relays with delay periods set by the user, similar to Mixmaster.
  • Theme support.
  • POP3 / IMAP / SMTP.
  • Cc and Bcc support.
  • Delivery confirmation.
  • Attachments.
  • Basic support for short recipient names.
  • Android support (via I2P's Android client).


Planned Features:

  • An outproxy to interoperate with clearnet mail servers.
  • Custom folders.
  • Multi-device identity syncing.
  • Support for short email addresses like myname@bote.i2p
  • HashCash as an anti-spam solution should it become a problem.
  • Lots of other small improvements.

Syndie[edit]

Syndie[27] is I2P's distributed forum software, allowing asynchronous conversations between anonymous participants. It was the focus of I2P's creator shortly before he ceased public activity. It supports single and multiple author modes, adjustable visibility of posts and post moderation. Syndie features its own minimalist and secure reader to protect against browser exploitation.

On the whole, Syndie works at the *content layer* - individual posts are contained in encrypted zip files, and participating in the forum means simply sharing these files. There are no dependencies upon how the files are transferred (over I2P, Tor, Freenet, gnutella, bittorrent, RSS, usenet, email), but simple aggregation and distribution tools are bundled with the standard Syndie release.[28]

Download Syndie from the official I2P plugin site (echelon.i2p). It's more secure than fetching from HTTPS sites on the clearnet.

After downloading, run it with:

java -jar syndie-installer-*.jar

RetroShare[edit]

RetroShare is an alternative to Syndie which can be tunneled through I2P for enhanced anonymity.

Follow the steps in this guide to connect to others over I2P.

Syncthing[edit]

Syncthing is popular libre software for file syncing based on the bittorrent protocol. It's possible to tunnel its traffic over I2P as shown in this guide.

ZeroNet[edit]

As part of a summer coding project (as of 2016), ZeroNet is being modified to natively support tunneling over I2P.

Coming soon.


Installing I2P on Whonix-Gateway (I2P and Tor simultaneously)[edit]

Both simultaneously:

user -> Tor -> Internet
user -> I2P -> Internet

Development discussion:
https://forums.whonix.org/t/i2p-running-on-whonix-gateway


Footnotes[edit]

Whonix I2P documentation thread:
https://forums.whonix.org/t/whonix-i2p-documentation/1729

  1. https://geti2p.net/en/about/intro
  2. https://geti2p.net/en/research
  3. https://twitter.com/i2p/status/756952247662239744
  4. https://geti2p.net/sv/docs/how/network-database
  5. https://twitter.com/i2p/status/756948810790821888
  6. https://lists.torproject.org/pipermail/tor-talk/2016-January/039814.html
  7. https://trac.torproject.org/projects/tor/wiki/doc/tor2web
  8. http://i2p.rocks/
  9. http://i2p2piszzzndhfvr.onion - simply append the Onion Service name after the short eepsite name, omitting the .i2p TLD as shown.
  10. http://i2p2piszzzndhfvr.onion/doku.php/start
  11. https://www.reddit.com/r/i2p/comments/579idi/warning_i2p_is_linkablefingerprintable/
  12. https://github.com/cmotc/si-i2p-plugin
  14. Sounds worse than it is. Only very few people are expected to use I2P over Tor. I2P offers those options itself. It is not like a leeching mod.
  15. https://geti2p.net/en/download/debian
  16. https://geti2p.net/_static/i2p-debian-repo.key.asc
  17. To import asc key files into trusted.gpg.d they must be converted into a .gpg keychain file first.
  18. I2P .deb Packages installation instructions from I2P's third party repository
  19. https://www.torproject.org/docs/faq.html.en
  20. The following instructions have been tested as functional in Tor Browser versions 6.5, 7.0a1 and 7.0a2 "hardened". https://lists.torproject.org/pipermail/tbb-dev/2017-February/000471.html
  21. Some users report xpinstall.signatures.required needs to be disabled in Tor Browser about:config settings to enable FoxyProxy, when it is installed from the Debian repository. This workaround is not required when installing FoxyProxy from addons.mozilla.org. https://forums.whonix.org/t/new-version-of-tbb-no-longer-accepts-foxyproxy-plugin
  22. https://github.com/Whonix/usability-misc
  23. https://github.com/Whonix/usability-misc/blob/master/usr/share/usability-misc/tbb-foxyproxy/foxyproxy.xml
  24. This procedure is safe. Since Firefox 43, all add-ons on Mozilla's servers are signed and verified. https://wiki.mozilla.org/Add-ons/Extension_Signing
  25. https://chaoswebs.net/blog/2016/12/01/Exploiting-I2P-Bote/
  26. https://chaoswebs.net/blog/2016/10/15/Stealing-Your-I2P-Email/
  27. https://www.syndie.de/
  28. https://www.syndie.de/features.html
