Invisible Internet Project

See also: Internet | Security | Privacy | VPN

Home Page:

Acronym: I2P

What is I2P?

A generic anonymous and secure peer to peer communication layer. It is a network that sits atop another network (in this case, the Internet). It is responsible for delivering a message anonymously and securely to another location.

What does that mean?

I2P means that you can do things anonymously and host things anonymously from your computer. You will need to use programs that are designed to work with I2P. In some cases you can use regular internet programs with I2P by creating something called an I2PTunnel (explained later). A brief summary of how I2PRouting works is available.

What is the difference between I2P and the internet?

Data transferred via I2P is anonymous and encrypted. Regular internet traffic is not (although it can be encrypted). If you set up a web page using I2P, nobody will know who you are. If you browse a web page using I2P, nobody will know who you are. If you transfer files using I2P, nobody will know who you are.

What things can I do with I2P?

Everything you do with I2P is anonymous and encrypted with regard to the network. You can use I2P in several ways. Not all of the items on this list are implemented yet. You can plug internet-styled services directly into I2P such as:

You can also use I2P to anonymously do things on the regular internet via proxies such as:

  • Browsing and Hosting web pages
  • E-mail
  • Transferring and sharing files

To explain further I2P can be used in several ways. First, I2P is its own little world with I2P-web pages, I2P-instant messaging and I2P-file sharing that can only be done inside the anonymous and encrypted world of I2P.

Second, I2P can act as an anonymous proxy so that you can do things on the regular internet without compromising your identity. You can browse web sites, receive E-mail, and transfer files anonymously with standard internet sites. For this to work, some people on I2P have to offer to serve as a gateway/proxy/bridge between the world of I2P and the internet.

How anonymous is I2P anyway?

I2P is working to support militant grade anonymity but we’re not there yet. If you’d like, you can look at the source code yourself. One important thing to remember when using I2P is that it only covers anonymity at the NETWORK level. Many programs used with the internet give out information about your identity that you will need to watch out for. A short list of these include:

  • Cookies used by web browsers and servers
  • HTTP header information exchanged by web browsers and servers
  • Traditional Internet IM applications sometimes use direct connections that expose your real IP address

If you are using a program specifically designed for I2P, it will minimize the risk of your program releasing information that can identify you. You will need to be careful and check into what information your program gives out should you choose to run a standard internet application with I2PTunnel or if you choose to connect to sites on the regular internet through I2P for anonymity.


While I2P aims to be a provider of hard anonymity, as we are still early on in the I2PRoadmap, it is NOT recommended that people conduct activities that can put them at risk. There most certainly are bugs, features not yet implemented, and attacks not yet defended against. Using I2P at the moment should be for development purposes only!

Can I share files with I2P?

Not yet, but soon. Applications are being developed to support many of the popular features found on the internet for I2P including HTML/web browsing, file sharing, instant messaging and more.

As I understand it, IPv6 has support for packet-level encryption. What advantages/disadvantages does I2P have over IPv6

There are three answers to this:

  • IPv6 can provide encryption, giving data privacy, but no level of anonymity. The source of a communication is traceable, so, for example, if a health related site is compromised, the attackers can tell the IPv6 addresses that requested information about (insert disease/condition here).
  • IPv6 requires connected addresses. One can additionally build IPv6 gateways to run over email, HTTP, UUCP, etc, but the base IPv6 requires the deployment and upgrade of network infrastructure.
  • IPv6 does not natively support mobile agents – end points that move and can even be in more than one place at a time (for redundancy and efficieny purposes)

I2P provides encryption, anonymity, support for disconnected addresses, and both native and redundant agents over existing network infrastructure.

How does I2P protect itself from denial of service attacks?

For this too, there are several answers. Short summary is “the best it can”. Briefly, I2P attempts to defend against several forms of denial of service attack, all without centralized coordination. For applications using I2P, the computer they are located on is not exposed to the public, so the standard denial of service attack cannot be directly mounted against them (ala ping floods, etc). Instead, attackers are forced to go after the gateways to that application’s inbound tunnels – of which there can be many at any given time. Each gateway also has its own limits for how many messages and/or bytes it agrees to send down the tunnel. The application itself periodically tests these tunnels to make sure they’re still reachable and usable, so if one of them is taken out by an IP level attack of any kind, it will know and rebuild its leases, specifying new gateways.

To prevent individual users from consuming excessive resources (registering too many tunnels, sending too many messages, looking up too many entries in the network database, and creating too many router and destination identities), various messages and identities have a certificate attached to them. Currently these certificates are blank, but down the line they will be filled with HashCash – a computationally expensive collision based on the contents of the message or identity. They can also be filled with other certificates as deemed necessary (e.g. a blinded certificate from an anonymous certificate authority, a receipt for real currency payments, etc). It is also believed that through this certificate attachment system I2P will be able to overcome the sybil attack (

Other denial of service attacks include creating a few thousand high quality I2P routers, running them for a week, and then taking them all offline. This indeed may force the creation of islands within the network, but the underlying NetworkDb is built off of a modified Kademlia (, which should allow the network to recover with minimal overhead (though, of course, if a router has literally no other peers left after the bad ones leave, that router will need to ‘reseed‘ – fetch a reference to another router through some other mechanism).

There are many other forms of denial of service attacks, and a series of them are listed (but not yet fully described) on the I2PSecurity page – please feel free to add attacks (both DoS and other attacks) to that list!

What kind of robustness, throughput, latency etc can I currently expect from I2P?

The key word in that question is currently. Currently (Dec 22, 2003) there are significant debugging efforts going on to improve the reliability of message delivery. Sometimes the latency is as good as 1 second roundtrip for an application layer ping from a bot on a jabber server run over I2P. Sometimes we run into some of the bugs currently being tracked down and messages get lost or take 10-30s.

If you drop the ‘currently’ from the question, the reliability, throughput, and latency of the system will most certainly improve, as well as its robustness in the face of various attacks. We are still at release 0.2.3, so the software is not ready for prime time and its use should generally be considered as a way to help develop the system while we move towards the 1.0 release in a few months, as well as a time to explore and develop applications or systems to run on top of I2P.

Why does I2P require the time be correct?

See I2PTiming (

What license is I2P released under?

From the readme.txt:

All code included here is released under an open-source license. Specifically, mihi’s I2PTunnel software is released under the GPL, TheCrypto’s encryption routines (DSA, ElGamal?, SHA256) are released under the modified BSD license, Cryptix’s AES implementation is released under the Cryptix license, the Jetty servlet code (used only for compiling the phttprelay application) is under an artistic-esque license, and the rest is in the public domain. If there is any confusion, please see the source code or contact the developers on the I2P list.

This means the router and the SDK can be used and built upon for any purpose whatsoever, and the seperate I2PTunnel application can be used and built upon according to the GPL. Of course, see the licenses themselves for the details.

TakeDown.NET -> “Invisible-Internet-Project