Abstract:
With the growing concerns for privacy, anonymous communication has been getting more and more attentions. One of the most popular anonymous communication systems is the invisible Internet project (I2P). Similar with the onion router (Tor, the most popular anonymous communication system), I2P uses garlic routing to protect the identities of both sides of a communication. The implementation of garlic routing in I2P is called tunnel, and a tunnel usually contains three hops, so every single hop in the tunnel can’t get the identities of both the sender and recipient. However, if an attacker can compromise the two endpoints of a tunnel or can simultaneously observe the traffics entering and leaving the I2P network, the attacker can use traffic analysis to correlate the sender and recipient of an I2P communication. This paper makes an analysis of security in I2P’s path selection from the perspectives of both an internal attacker and a network attacker. The results show that there still exist potential threats against I2P’s anonymity given the current I2P’s path selection algorithm.