InvisibleNet has formed the Invisible Internet Project (I2P) to support the efforts of those trying to build a more free society by offering them an uncensorable, anonymous, and secure communication system. I2P is a development effort producing a variable latency, fully distributed, autonomous, scalable, anonymous, resilient, and secure network. The goal is to be able to operate successfully in arbitrarily hostile environments - even when an organization with unlimited financial and political resources attacks it. I2P is not a filesharing app. I2P is essentially an anonymizing and secure replacement IP stack, running on top of the existing network. There has already been progress made in writing applications on top of the network to enable generic TCP/IP applications to tunnel through the network transparently, as well as to enable nym lookup and management - two applications which, when paired together, would allow any web browser to point at http://www.[yournym].iip/ and communicate with your webserver anonymously and securely. There are many more ideas for what I2P could be used for, and its certain we won't think of the most interesting ones. I2P is an absurdly ambitious effort. Depending on what mailing lists you read or people you talk with, they'll either say its impossible or just insanely hard. To be perfectly frank, I2P by itself doesn't contribute anything really significant to the CS/P2P research community, but it does take the great work of other projects and research efforts - such as freenet, iip, kademlia, mnet, tarzan, the remailers, and many, many more - and attempts to apply good software engineering techniques to provide hard anonymity and security in a variable latency network. "Variable latency" is repeated so often because I2P doesn't try to operate with a one size fits all set of anonymity and security constraints, and different people will require different tradeoffs. Bin Laden will probably not be able to pull off live streaming video, but Joe and Jane Sixpack and should be able to. Is I2P ready to download and run with? No. So why bother mentioning it? Because we need more critical eyes to make sure we address the right issues the right ways. We think we've got things pegged so that it'll not only work, but also be secure and anonymous. We're moving forward on the development path towards getting an alpha network release out the door, but we need these specs reviewed for flaws that we've missed. Of course, we also need lots of other things, from coders to documenters to QA to network simulators to CS people, but it is your eyeballs that we're calling out for today. What we have ready for review: - Invisible Internet Network Protocol (I2NP) spec[1], describing how network "routers" operate and what messages they send to other routers - Common Data Structures spec[2], describing the serialization of objects described in other specs, as well as the encryption algorithms used. - Invisible Internet Client Protocol (I2CP) spec[3], describing a simple local client protocol for making use of the network. - Polling HTTP Transport spec[4], an example transport protocol for use with I2NP to allow actual communication between routers, regardless of firewall, NAT, or HTTP proxy. We also have the 0.2 release of a software development kit (I2P SDK)[5], which includes everything necessary to design, develop, and test applications to run over the network, as well as all of the above specs. It includes a Java client API implementing I2CP, a sample application (ATalk, a one to one chat app that supports file transfer), a Java router, and a Python router. There are also C and Python client API implementations of I2CP are on the way. These router are "local only" - meaning they don't talk to other routers. This can be used in the same way we can build normal networked applications - by running the server on the local machine and pointing the applications at it. We've been keeping this quiet because its too easy to hype up a vaporware product and we wanted to wait until there was something worth reading about before saying anything. So please read these specs and send in your comments - either to info@invisiblenet.net or to the iip-dev mailing list[6]. Perhaps even jump on that list if you want to discuss things (archives are linked to from the web page), browse the wiki[7], or join us on IIP for development meetings - every tuesday at 9P GMT in #iip- dev (archives[8] since meeting 48 are pretty much I2P specific). Thanks for your time, and we look forward to any responses. - The InvisibleNet team [1] http://www.invisiblenet.net/i2p/I2NP_spec.pdf [2] http://www.invisiblenet.net/i2p/datastructures.pdf [3] http://www.invisiblenet.net/i2p/I2CP_spec.pdf [4] http://www.invisiblenet.net/i2p/polling_http_transport.pdf [5] http://www.invisiblenet.net/i2p/I2P_SDK.zip [6] http://www.invisiblenet.net/iip/devMailinglist.php [7] http://wiki.invisiblenet.net/iip-wiki?I2P [8] http://wiki.invisiblenet.net/iip-wiki?Meetings --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com