Tor and I2P are by far the most widely used anonymity networks all over the globe. Tor relies on centralized directory services to help understand the Tor network, as well as measure and visualize its infrastructure via the Tor Metrics project. Oppositely, I2P lacks such centralized directory servers, which renders obtaining a full view of the network a considerably challenging task.

A recently published paper presented an empirical analysis of the I2P network, which included measurement of features including population, router type, churn rate, and the geographical distribution of peers across the I2P network. Moreover, the paper proposed solutions to resist censorship of the I2P network. Throughout this article, we will outline some of the interesting information presented in this paper.

Population of peers across the I2P network

The study measured the number of unique peers and IP addresses across the I2P network. Figure (1) illustrates the number of IPv4 and IPv6 peers and IP addresses measured across the I2P network during the three-month period of study.

Figure (1): Number of unique I2P peers and IP addresses

The number of measured daily peers was shown to be stable averaging around 30.5K. An I2P peer was identified via means of a cryptographic identifier, which represents a unique hash value encapsulated within its Router Info. This cryptographic identifier is created the first time the I2P software is installed onto the machine, and never changes throughout its operational lifetime.

To obtain the number of unique IP addresses, the researchers measured all the unique IPv4 and IPv6 addresses, provided that they are supported by an I2P router, on a daily basis. Due to the fact that some peers often change their IP address, one would expect the overall number of unique IP addresses to be larger than the number of peers. Nevertheless, as shown in figure (1), the overall number of IP addresses is considerably smaller than the number of peers.

The study found out that there are around 15k unknown IP peers per day, which can be categorized into 14k firewalled peers and 4k hidden peers. Between these two categories, there were around 2.6k overlapping peers, i.e., there are 2.6K I2P peers per day that change their status between firewalled and are hidden.

Blocking resistance of the I2P network

Using the measured network data, the authors of the paper examined the blocking resistance of the I2P network against a sensor that tries to block access to I2P via means of address-based blocking strategies. Despite the decentralized nature of the I2P network, they found out that the sensor is capable of blocking around 95% of I2P peers and IP addresses by operating a total of 10 routers across the network. This will lead to profound network compromise: a blocking rate exceeding 70% is sufficient to yield considerable latency in web browsing activities, while successful blocking of more than 90% of I2P peers and IP addresses can render the network highly unstable.

The paper proposed the use of bridges as a solution to resist censor blocking of access to I2P. As oppressive regimens block local users from accessing the Tor network, Tor offers users in regions controlled by such regimens with special relay nodes known as bridges. In a similar way, I2P can utilize the bridges to help restricted users access the I2P network, along in association with a non-fingerprintable traffic pattern that is presently under development. Even though Tor users may have a hard time recruiting bridges, due to the fact that new bridges are usually found and quickly blocked. I2P has a greater potential to adopt the utilization of bridges because its decentralized and dynamic network has a high churn rate.

Even though a sensor can block a large proportion of IP addresses on the I2P network, the study has found that a small percentage of peers and IP addresses cannot be blocked at all. Observations showed that IP addresses that cannot be blocked often represent newly joined peers. As such, these new peers can be utilized as bridges to overcome censorship in restricted regions. Due to the fact that these peers are new, they are less likely to be discovered and immediately blocked by the sensor.

Final thoughts

I2P network is not extensively studied and analyzed as is the case with the Tor network. Even though I2P has a more decentralized nature than Tor, a sensor can easily block users from accessing it with very low amount of resources. Bridges can be utilized to resist I2P censorship, yet further studies are needed to prove the feasibility of using newly joined peers as effective network bridges.