3. Introduction
Network
defines the addressing, routing, and service model for communication between hosts
Overlay network
A network built on top of one or more existing networks
adds an additional layer of indirection/virtualization
changes properties in one or more areas of the underlying network
Alternative
change an existing network layer
4. Definition
An overlay network is a virtual network of nodes and logical links that is
built on top of an existing network with the purpose of implementing a network
service that is not available in the existing network.
5. Internet as an Overlay
The Internet is an overlay network
goal: connect local area networks
built on local area networks (e.g., Ethernet) and phone lines
adds an Internet Protocol header to all packets
7. Deficiencies of the Internet
The major shortcomings of the Internet that make it unsuitable for directly
supporting the stringent requirements of Internet-based services without an overlay.
Outages:
Partial network outages are common on the Internet, caused by misconfigured core
routers, DDoS attacks, cable cuts, power disruptions, natural calamities, and de-peering
due to business conflicts.
8. Deficiencies of the Internet
Congestion:
When the capacity of routers and links on the Internet is insufficient to meet the traffic
demand, congestion occurs, resulting in packet loss.
Lack of scalability:
Online services require provisioning server and network resources to meet the demand
of users at all times, even during unexpected periods of peak demand and flash crowds.
Without overlays, an enterprise may deploy its online services in a
centralized fashion within a single data center and expect to serve its users from that
centralized origin infrastructure.
9. Deficiencies of the Internet
Slow adaptability:
Online services and their requirements evolve rapidly. However, the fundamental
architecture and protocols of the Internet are slow to change or accommodate new
primitives.
Lack of security:
Modern online services require protection from catastrophic events such as
distributed denial of service (DDoS) attacks.
10. Types of Overlay
Caching overlay:
The ubiquitous caching overlay aims to deliver web sites, on-demand videos, music
downloads, software downloads, and other forms of online content. Such overlays are
applicable to content that does not change over extended periods of time and is hence
cacheable. The key benefits that a caching overlay provides are greater availability,
performance, origin offload, and scalability.
11. Types of Overlay
Routing overlay:
The routing overlay provides wide-area communication with higher reliability, lower
latency, and greater throughput than the public Internet can. Such overlays can be
used to deliver dynamic web content or live-streamed content that normally cannot be
cached.
Security overlay:
The security overlay increases security and mitigates distributed denial of service
(DDoS) attacks on web sites and other online services.
12. Anonymous Communication Networks
Motivation
Censorship at the local, organizational, or national level
Personal privacy preferences such as preventing tracking or data mining activities
The material or its distribution is considered illegal or incriminating by
possible eavesdroppers.
Material is legal but socially deplored, embarrassing or problematic in the
individual's social world.
Fear of retribution (against whistleblowers, unofficial leaks, and activists who do not
believe in restrictions on information or knowledge)
13. I2P Introduction
I2P is an anonymous network, exposing a simple layer that applications can use to
anonymously and securely send messages to each other.
The network itself is strictly message based (like IP), but there is a library available to
allow reliable streaming communication on top of it.
All communication is end-to-end encrypted (in total there are four layers of
encryption used when sending a message), and even the end points
("destinations") are cryptographic identifiers (essentially a pair of public keys).
14. How does it work?
I2P makes a strict separation between the software participating in the
network (a "router") and the anonymous endpoints ("destinations")
associated with individual applications.
What is hidden is information on what the user is doing, if anything at all,
as well as what router a particular destination is connected to.
End users will typically have several local destinations on their router - for
instance, one proxying in to IRC servers, another supporting the user's
anonymous webserver ("eepsite"), another for an I2Phex instance, another
for torrents, etc.
15. How does it work?
Another critical concept to understand is the "tunnel". A tunnel is a directed
path through an explicitly selected list of routers.
Layered encryption is used, so each of the routers can only decrypt a
single layer.
The decrypted information contains the IP of the next router, along with the
encrypted information to be forwarded.
Messages can only be sent in one direction. To send messages back, another
tunnel is required.
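The layered tunnel encryption described on this slide and under "Garlic Routing: Layered Encryption" below (the originator wraps one layer per router; each router peels only its own layer and learns just the next hop), as an added, constructed illustration that is not I2P's code. It stands in a toy SHA-256 keystream for I2P's real tunnel cipher, and the router ids and keys are made up.

```python
import hashlib

# Toy keystream cipher (SHA-256 in counter mode, XORed with the data) so the
# example runs on the standard library alone. It is NOT I2P's tunnel encryption,
# which is AES-based with per-hop keys; only the layering idea is the same.
def xor_stream(key: bytes, data: bytes) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

HDR = 8   # bytes reserved in each layer for the next-hop router id

def build_layered_message(hops, payload):
    """hops: [(router_id, per_hop_key), ...] in path order (originator not included).
    Wrap from the last hop inward so that each router, after decrypting with its
    own key, sees only the next router's id plus an opaque blob for that router."""
    blob = payload
    next_id = b"END"          # sentinel: the last hop delivers instead of forwarding
    for router_id, key in reversed(hops):
        blob = xor_stream(key, next_id.ljust(HDR, b"\0") + blob)
        next_id = router_id
    return blob
    # Caveat: every layer adds HDR bytes here, so the length leaks the hop count.
    # Real I2P tunnel messages are padded to a fixed size to avoid exactly that.

def peel_layer(key, blob):
    """One router's work: decrypt its layer, split off the next-hop id."""
    plain = xor_stream(key, blob)
    return plain[:HDR].rstrip(b"\0"), plain[HDR:]

def route_through_tunnel(hops, payload):
    """Simulate forwarding along the tunnel; each hop uses only its own key.
    Returns the per-hop trace (router_id, next_id, blob_it_forwarded) and the
    plaintext that emerges at the tunnel endpoint."""
    blob = build_layered_message(hops, payload)
    trace = []
    for router_id, key in hops:
        next_id, blob = peel_layer(key, blob)
        trace.append((router_id, next_id, blob))
    return trace, blob
```

The trace shows what an adversary running hop 1 or hop 2 would observe: the next router id and a blob that reveals neither the payload nor the remainder of the path.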
17. How does it work?
Types of tunnels:
1. Inbound: brings messages to the tunnel creator.
2. Outbound: sends messages away from the tunnel creator.
The gateway of an inbound tunnel can receive messages from any other
user and will forward them on to the endpoint ("Bob").
The endpoint of the outbound tunnel will need to send the message on to
the gateway of the inbound tunnel.
To do this, the sender ("Alice") adds instructions to her encrypted
message.
18. How does it work?
Several tunnels for a particular purpose may be grouped into a "tunnel
pool".
The pools used by the router itself are called "exploratory tunnels".
The pools used by applications are called "client tunnels".
Tunnel lengths are specified by clients via I2CP options.
The maximum number of hops in a tunnel is 7.
To reduce the susceptibility to some attacks, 3 or more hops are
recommended for the highest level of protection.
19. Garlic Routing
Derived from Onion Routing.
Generally, when referring to I2P, the term "garlic" may mean one of three
things:
1. Layered Encryption
2. Bundling multiple messages together
3. ElGamal/AES Encryption
20. Garlic Routing
Layered Encryption
Onion routing is a technique for building paths, or tunnels, through a series of
peers, and then using that tunnel. Messages are repeatedly encrypted by the
originator, and then decrypted by each hop.
Bundling Multiple Messages
In the original definition of garlic routing (an extension of onion routing), multiple
messages are bundled together, and each message was called a "bulb".
I2P's term for garlic "bulbs" is "cloves".
Any number of messages can be contained, instead of just a single message.
21. Tunnel Building and Routing
Now that we've defined various "garlic" terms, we can say that I2P uses
garlic routing, bundling and encryption in three places:
1. For building and routing through tunnels (layered encryption)
2. For determining the success or failure of end-to-end message delivery
(bundling)
3. For publishing some network database entries (dampening the probability of a
successful traffic analysis attack) (ElGamal/AES).
22. Garlic Routing
In I2P, tunnels are unidirectional. Each party builds two tunnels, one for
outbound and one for inbound traffic. Therefore, four tunnels are required
for a single round-trip message and reply.
Tunnels are built, and then used, with layered encryption.
Tunnels are a general-purpose mechanism to transport all I2NP
messages, and Garlic Messages are not used to build tunnels.
We do not bundle multiple I2NP messages into a single Garlic Message for
unwrapping at the outbound tunnel endpoint.
23. End-to-End Message Bundling
At the layer above tunnels, I2P delivers end-to-end messages
between Destinations.
Each client message, as delivered to the router through the I2CP
interface, becomes a single Garlic Clove with its own Delivery Instructions,
inside a Garlic Message.
Delivery Instructions may specify a Destination, Router, or Tunnel.
Generally, a Garlic Message will contain only one clove. However, the
router will periodically bundle two additional cloves in the Garlic Message.
25. End-to-End Message Bundling
A Delivery Status Message, with Delivery Instructions specifying that it be
sent back to the originating router as an acknowledgment.
A Database Store Message, containing a LeaseSet for the originating
Destination, with Delivery Instructions specifying the far-end destination's
router. By periodically bundling a LeaseSet, the router ensures that the far
end will be able to maintain communications. Otherwise the far end would
have to query a floodfill router for the network database entry, and all
LeaseSets would have to be published to the network database.
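An added, constructed simulation of the end-to-end bundling described on this slide and the previous one: the client message becomes one clove, and periodically a DeliveryStatus clove (routed back to the originator) and a DatabaseStore clove carrying the LeaseSet (for the far-end router) are bundled alongside it, each dispatched by its Delivery Instructions. This is not I2P's code or wire format; the dict layout, the BUNDLE_EVERY period and the router and destination names are assumptions.

```python
BUNDLE_EVERY = 3   # assumed bundling period; the real router's policy differs

class GarlicSender:
    def __init__(self, own_router, own_leaseset):
        self.own_router = own_router
        self.own_leaseset = own_leaseset   # e.g. {"destination": ..., "leases": [...]}
        self.sent = 0

    def wrap(self, data, far_dest, far_router):
        """Wrap one client message as a Garlic Message (one clove, plus extras)."""
        self.sent += 1
        msg_id = self.sent
        cloves = [{"deliver_to": ("Destination", far_dest), "data": ("Data", data)}]
        if self.sent % BUNDLE_EVERY == 1:   # first message, then periodically
            # ack: Delivery Instructions point back at the originating router
            cloves.append({"deliver_to": ("Router", self.own_router),
                           "data": ("DeliveryStatus", msg_id)})
            # our LeaseSet: stored by the far-end router so it need not ask floodfill
            cloves.append({"deliver_to": ("Router", far_router),
                           "data": ("DatabaseStore", self.own_leaseset)})
        return {"msg_id": msg_id, "cloves": cloves}

class GarlicReceiver:
    def __init__(self, router_id):
        self.router_id = router_id
        self.netdb = {}            # local netDb cache: destination -> LeaseSet
        self.inbox = []            # (destination, data) handed to the local client
        self.forwarded = []        # (router, data) sent on to another router
        self.floodfill_queries = 0

    def unwrap(self, garlic):
        """Dispatch each clove according to its Delivery Instructions."""
        for clove in garlic["cloves"]:
            kind, target = clove["deliver_to"]
            if kind == "Destination":
                self.inbox.append((target, clove["data"][1]))
            elif kind == "Router" and target == self.router_id:
                if clove["data"][0] == "DatabaseStore":
                    leaseset = clove["data"][1]
                    self.netdb[leaseset["destination"]] = leaseset
            elif kind == "Router":   # not for us: forward it (the DeliveryStatus ack)
                self.forwarded.append((target, clove["data"]))

    def leaseset_for(self, destination):
        """Lookup for the reply path: local cache first, else a floodfill query."""
        if destination not in self.netdb:
            self.floodfill_queries += 1   # would go out to a floodfill router
            return None
        return self.netdb[destination]
```

Run against a fresh receiver, the first bundled message populates its netDb cache, so every later reply-path lookup succeeds locally and the floodfill query counter stays where it was.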
26. Network Database
I2P's netDb works to share the network's metadata.
A percentage of I2P users are appointed as 'floodfill peers'. Currently, I2P
installations that have a lot of bandwidth and are fast enough will appoint
themselves as floodfill as soon as the number of existing floodfill routers
drops too low.
If a floodfill router receives a 'store' query, it will spread the information to
other floodfill routers using the Kademlia algorithm.
27. Network Database
Two types of information are stored in the network database.
A Router Info stores information on a specific I2P router and how to contact it.
A LeaseSet stores information on a specific destination (e.g. I2P website,
e-mail server...).
In addition, the data contains timing information, to avoid storage of old entries
and possible attacks.
28. Transport protocols
To accommodate the need for high-degree communication, I2P
moved from a TCP-based transport to a UDP-based one: "Secure Semireliable
UDP", or "SSU".
The goal of this protocol is to provide secure, authenticated, semireliable and
unordered message delivery, exposing only a minimal amount of data easily
discernible to third parties. It should support high-degree communication as
well as TCP-friendly congestion control and may include PMTU detection. It
should be capable of efficiently moving bulk data at rates sufficient for home
users. In addition, it should support techniques for addressing network
obstacles, like most NATs or firewalls.
29. Benefits of I2P over Tor
Designed and optimized for hidden services, which are much faster than in
Tor
Fully distributed and self-organizing
Peers are selected by continuously profiling and ranking performance,
rather than trusting claimed capacity
Floodfill peers ("directory servers") are varying and untrusted, rather than
hardcoded
Small enough that it hasn't been blocked or DoSed much, or at all
Peer-to-peer friendly.
30. Benefits of I2P over Tor
Packet switched instead of circuit switched
implicit transparent load balancing of messages across multiple peers, rather
than a single path
resilience vs. failures by running multiple tunnels in parallel, plus rotating
tunnels
scale each client's connections at O(1) instead of O(N) (Alice has e.g. 2
inbound tunnels that are used by all of the peers Alice is talking with, rather
than a circuit for each)
Unidirectional tunnels instead of bidirectional circuits, doubling the number
of nodes a peer has to compromise to get the same information.
31. Benefits of I2P over Tor
Protection against detecting client activity, even when an attacker is
participating in the tunnel, as tunnels are used for more than simply
passing end-to-end messages (e.g. netDb, tunnel management, tunnel
testing)
Tunnels in I2P are short lived, decreasing the number of samples that an
attacker can use to mount an active attack with, unlike circuits in Tor, which
are typically long lived.
I2P APIs are designed specifically for anonymity and security, while
SOCKS is designed for functionality.
32. Benefits of I2P over Tor
Essentially all peers participate in routing for others
The bandwidth overhead of being a full peer is low, while in Tor client
nodes don't require much bandwidth but also don't fully participate in the
mixnet.
Integrated automatic update mechanism
Both TCP and UDP transports
Java, not C (ewww).