Home / Blog / Anonymizing networks: beyond Tor

Anonymizing networks: beyond Tor

Posted on 04/14/2015, by Jesús Díaz (INCIBE)
Anonymizing networks: beyond Tor

By far, the most popular anonymizing network is Tor. The cause, and probably the consequence as well, is that its community of users, developers and researchers is also the largest. In addition, this attention has led to the occurrence of a greater number of attacks on, and the finding of more vulnerabilities in, Tor (these being practically all resolved or mitigated as far as possible). Nonetheless, they have caused the community to start paying attention to other alternatives, to find out if they are more or less robust.

However, there are few options providing both high usability and robustness, while also having a sufficiently large community of users to aid in the development and evolution of the associated software. This is because they are very complex systems, which must simultaneously provide a high level of security and a low response time or latency (if they are intended for common use), and which require a great deal of effort to maintain.

The following is a brief summary of two of the main alternatives, I2P and Freenet. It ends by listing several other systems which have yet to reach maturity or which seem to have ceased to be maintained some time ago.

I2P: The Invisible Internet Project

As an outcome of recent news about possible attacks and compromises on the Tor network, I2P has received increasing attention. Nevertheless, I2P developers recognize themselves that Tor is backed by a much larger community of users, developers and researchers. This is part of the reason that Tor has suffered more attacks and had more vulnerabilities found, although I2P has not remained completely unaffected either.

I2P is a low-latency anonymous network based on mixes (just like Tor). It develops the concept of “onion routing”, with its layers of encryption, into “garlic routing” which additionally applies encryption to more than one message. In this variant, the sender of a message can encrypt it using the public key of the recipient, but also encapsulate it together with other messages encrypted using the same key.

In I2P, all nodes have the same role, forming a totally decentralized network. Moreover, the focus is on navigation to “eepSites” (the equivalent of what Tor calls hidden services), which makes possible to establish a point-to-point encrypted connection, forming what is known as the I2P “Darknet”. This approach differs from Tor, in which there are nodes with differing roles (entry nodes, exit nodes, intermediate nodes, directories, and others), and which is also designed for accessing normal (non-hidden) websites.

Although it is possible to leave the Darknet by means of the “outproxies” in the network, this is not a primary objective or inherent part of the system (see Section III.H of the document “I2P Data Communication System”):

“I2P is not meant for anonymous Internet browsing, but for anonymous P2P communication.”

The fact that I2P is specifically designed for “eepSites” (hidden services) makes navigation more efficient in comparison with hidden services in Tor. Furthermore, in I2P it is possible to use both transmission control protocol (TCP) and user datagram protocol (UDP) as the transport layer protocol.

As cryptographic primitives, I2P uses the 2048-bit ElGamal and the 256 bit AES for encryption, DSA for signatures (although it is migrating to other algorithms, such as the ECDSA) and SHA-256 for hashing. Public keys are included in the I2P distributed database as entries known as “RouterInfo” (for routers) and “LeaseSet” (for final nodes), which each node has to consult for establishing connections.

As for the established connections, I2P by default uses two (one-way) outbound tunnels and two (one-way) inbound tunnels that change every ten minutes. For a node A to connect to a node B, node A must connect one of its outbound tunnels to one of B’s inbound tunnels (announced in its LeaseSet). The maximum number of hops or jumps for each tunnel is seven.

Nodes are also categorized into four types, depending on their availability and bandwidth, this classification being used to establish tunnels in accordance with the intended use.

- Tunnels Established in I2P Connections (Source: 12P Website) -

There is a Java implementation for I2P, which is available for Windows, Mac, some Linux distributions such as Debian and Ubuntu, BSD, Solaris and Android, and is also open source. There are other Linux distributions angled towards privacy that incorporate it as a native component, such as Tails (from version 0.7 onwards), IprediaOS and Liberté.

- Main I2P Page -


The document “Freenet: A Distributed Anonymous Information Storage and Retrieval System” describes Freenet, which is a peer-to-peer (P2P) system for publishing, copying and retrieving information that is intended to protect the identity of readers and publishers through anonymity. That is, unlike Tor and I2P, Freenet is designed not so much to render communications anonymous as to make information storage both anonymous and distributed over the pieces of equipment making up the network. In this way, availability is guaranteed, while those who access the information are also protected, since not even the machine where it is stored has access to its contents.

When a user uploads a file, the system assigns it a label. This label is used together with the user’s namespace to calculate an encryption key and a pair of asymmetric keys (known as, SSK). The symmetric key is used to encrypt the file itself, and the private key for signing it.

Moreover, another label (known as CHK) is also calculated as a hash value for the contents of the file. Users then share the file, its signature and its CHK with the other nodes in Freenet. They separately publish the label together with the CHK and the decryption key in some way (there are web repositories for this, similar to Hidden Wiki for .onion sites).

Consequently, a user wishing to retrieve a Freenet file needs to know the label, the CHK and the decryption key (for example, through the repositories mentioned above), that are then used to request the file. One advantage of Freenet is that its internal routing algorithm tends to create clusters of nodes containing files with similar search keys. Thus, the number of hops that a client has to make in order to locate a given file is optimized.

Once the file is retrieved from one of the nodes storing it, it is decrypted and its signature is verified by using the appropriate keys.

- The document “Freenet: A Distributed Anonymous Information Storage and Retrieval System” specifies information flows after a request -

This system has been implemented in Java as open source by the Freenet Project as an application for web browsers. Among its main uses, the most prominent is protection against censorship, as it is robust against denials of service (for instance, attempts to eliminate a file from the network). Also, since the information is stored in encrypted form separately from the encryption key, the nodes actually containing it can truly say that they do not know what is being stored (as is also the case with the Mega cloud storage and file hosting service, for example). Nonetheless, this brings with it the risk of its being used for the storage of illegal contents, as noted in the application itself.

- Freenet Directory of Websites -


As was mentioned above, Tor, I2P and Freenet are not the only alternatives, although they are probably the most mature and active systems at present. Other possibilities such as Mixminion or Mixmaster are also of relevance, although they do not seem to be getting active support, and may even be effectively abandoned. Likewise, Free Haven would appear not to be under active development, although it is still in use, for instance to store academic articles related to anonymity. The I2P website also lists a good number of alternatives. Finally, Dissent, for anonymous communications among groups, which is still in its early stages, but is also a system worth considering.