A comparative study between Tor and I2P anonymous communication protocols
Tor is inarguably the most popular anonymous communication protocol, providing hundreds of thousands of users around the world with privacy protection and the ability to browse the internet anonymously. On the other hand, the invisible internet project (I2P) enables applications to send messages anonymously in a secure manner via means of onion routing. Both Tor and I2P have been highly appreciated by the industry and the academic community and are also extremely welcomed by internet users. The most important difference in the design of the two protocols is that I2P attempts to shift the current internet services to I2P’s network, especially that implementation of services is possible via its frameworks, whereas Tor facilitates anonymous access in order to deploy and operate external online services separately.
A recently published paper presents a comparison between Tor and I2P in terms of design, anonymous services, key technologies, project development, and threat types. The paper highlights the essential and inherent differences between the two anonymous communication protocols. Throughout this article, we will overview the comparison presented via this paper.
Tor is a circuit based low latency overlay network. It is the most deployed protocol by hidden services across the dark web in the modern era. It has hundreds of thousands of users across more than 75 countries including military personnel, intelligence agents, journalists, human right activists, cyber criminals, and internet users concerned about their online privacy. The Tor network with its over 6,000 relay nodes provides online anonymity and privacy protection.
I2P is a packet based, high latency, anonymous overlay network. It establishes a virtual network between communicating parties, obfuscating communications from potential observers such as internet service providers, and state sponsored internet surveillance groups. I2P users include journalists, human right activists, informants, and regular users. No network can be “fully anonymous,” and I2P is designed to render deanonymization attacks more and more difficult to launch. As the network grows in size, its anonymity level will become even more powerful. I2P users can control the trade-off between anonymity and latency.
I2P is drawing on many development concepts and network technologies of Tor. The key difference between the two protocols is that I2P attempts to transfer existing internet services to the I2P network and provide service implementation within its framework, while Tor facilitates anonymous online access in order to implement and operate external internet services separately.
The key technical differences between the Tor and I2P networks include:
– The message stream in I2P replaces the cell in Tor
– The unidirectional tunnel in I2P replaces the bidirectional circuit of Tor
– I2P is packet switched rather than Tor’s circuit switched network
– Peer selection is performance based in I2P rather than Tor’s bandwidth based peer selection
Difference between Tor’s and I2P’s terminologies:
On the technical side, I2P is somewhat similar to Tor, yet its developers often use slightly different terms to point out almost the same functions. Table (1) highlights a comparison between Tor’s and I2P’s terminologies.
Table (1): Comparison between Tor’s and I2P’s terminologies
The differences between Tor’s and I2P’s technologies:
1- SOCKS/I2P API:
Tor uses Socket Secure (SOCKS) interface, so SOCKS is aware of the application order accessed via the Tor software. On the other hand, I2P serves as a middleware that provides applications with the APIs that communicate over the network, which means that the applications have to make complex adjustments via SOCKS.
2- Available applications:
Both I2P and Tor have a wide range of applications. Most I2P applications are dedicated to conferencing services within the I2P network, except Susimail/2IpMail which enables users to send and receive mail anonymously from the public internet. Moreover, via using SOCKS interface for Tor, Tor can use SOCKS with any application configured via the Tor proxy through the Tor browser bundle.
3- Message security and anonymity:
Both networks have various encryption layers, from OR (onion routers) of the Tor network to Transport layer encryption provided by the TLS connection in I2P. In the beginning of the secret, I2P also has an additional tunnel encryption. The message sent over the network is onion encrypted, which means that the connection between the user and the tunnel or circuit is always encrypted in addition to the “Secret”, i.e. as long as you interact within the I2P network, data is also end-to-end encrypted. However, in the Tor network, end-to-end encryption is not guaranteed, depending on the pass used via the transport layer agreement.
When using I2P or Tor to access the public internet, delay and bandwidth can be used as evaluation indicators. Research has shown that I2P latency is higher when issuing a simple HTTP-GET request. However, Tor provides higher bandwidth with better access to entire web pages and downloaded files.
In 50% of cases, Tor can retrieve a whole page in less than 16.99 seconds, while 50% of I2P requests take 103.19 seconds. In terms of download speed, Tor is capable of providing an average speed of 51.62 kB/s, while the average speed of I2P is 12.91 kB/s.
Increasing the number of clients participating in the anonymous network directly affects the efficiency of both Tor and I2P. Increased network traffic can cause problems such as congestion, increasing latency and reducing available bandwidth. Increasing the number of onion routers can improve latency and bandwidth.
A new peer joining the network can provide more capacity in terms of latency and bandwidth. In I2P, extra peers can be used to build tunnels, which promote anonymity. Also, extra peers can render congestion unlikely.
I2P provides a variety of applications designed for communication within the I2P network, so it has few external agents. On the other hand, Tor is designed for routing traffic outside the network, so when compared to I2P, it has more exit nodes.
Difference between Tor and I2P hidden services:
Both Tor and I2P enable the building of anonymous services, as shown in table (2) and table (3). I2P’s existing applications include most typical uses such as anonymous web browsing, anonymous web hosting, anonymous blogging, anonymous chat services, anonymous file transfers, anonymous file sharing, anonymous e-mail services, anonymous newsgroups, and others.
Hidden services provided by Tor are external services, while the hidden services provided by I2P are hosted on the built-in server. Although Tor has hidden services and I2P has exit nodes, Tor’s design aims at accessing external services, while I2P’s design aims at accessing internal services.
|Deep Web Radio||Culture, world music radio|
|TorPages||File storage, static HTML/text hosting service|
|All You’re Wiki||Anonymous service information|
|TorChat||Mail and instant messaging|
|DeepDotWeb||The best source of news and information about the dark web, and darknet marketplaces|
|Cruel Onion Wiki||Anonymous wiki|
|Onion Link||Search engine, straight through its own Tor2 web service
Access to .onion access
|Tor Book||Social media and forums, social networks|
Table (2): Examples of Tor hidden services (the study ignored all hidden services associated with illegal activities)
|Eepsites||HTTP server provided by Jetty2-based I2P peers|
|susidns||Map address book from Eepsites to target identifier|
|BOB||API to connect any app to the I2P network|
|I2PSnark||Bittorrent client as web application integration|
|Robert||I2P bittorrent client with BOB|
|I2P-bt||Command line based on the bittorrent client|
|Transmission for I2P||Bittorrent client port, spread to I2P|
|I2Phex||Gnutella client P2P I2P port, gnutella client port|
|iMule||eMule-based file sharing program|
|Susumail||Kana E-mail service, accessed by ordinary E-mail client via I2PTunnel|
|I2P-Bote||Distributed email communication system|
|I2P-Messenger||I2P instant messaging system|
|Syndiemedia (Syndie)||Blog tool|
Table (3): Examples of I2P anonymous services
Summarizing the differences between Tor and I2P:
Table (4) summarizes the main differences between the Tor and I2P protocols.
|Three-hop circuit||users can randomly configure the number of tunnels|
|Two-way circuit||One way tunnel|
|Bandwidth-based peer selection||Performance-based peer selection|
|full data directory servers||Distributed DHT (NetDB)|
|Link and layered encryption, but not end-to-end encryption||End-to-end, link and layered encryption|
|Hidden services on external TCP servers||Many hidden services are in the built-in server|
|Circuit switching||Packet switching|
|Implemented in C||Implemented in Java|
|Many exit nodes, fewer hidden services||one exit node, and many hidden services integrated|
|Transport over TCP and UDP||over TCP only|
Table (4): Summary of the difference between Tor’s and I2P’s technologies