Tor vs I2P: Key Differences, Advantages, and Terminology Compared

By Ava McKinneyOnline Safety

Introduction

Tor and Onion Routing are anonymous proxy networks that allow users to tunnel data through their networks with low latency. The two main differences between Tor and I2P are based on their threat models and the design of their exit proxy nodes (although Tor also supports hidden services, just like I2P). Additionally, Tor implements a centralized point for managing network visibility and collecting statistics, unlike I2P’s distributed network model, network database, and peer selection.

The function of exit nodes in I2P/Tor comes with several clear issues—once data leaves the network, global observers can easily monitor this traffic. Furthermore, exit nodes have access to unencrypted data in both directions, are easily identified, and are vulnerable to various real-world attacks. These are in addition to the usual security concerns we already know about.

However, many people don’t need to worry about this, as they are outside the threat model. They are also outside the (formal) boundary of I2P (if people need to create an exit node, they can do so). In fact, some I2P users use Tor as their exit node.

Tor and I2P Terminology Comparison

Although Tor and I2P are similar in many ways, their terminology differs significantly.

  • Tor Cell / I2P Message
  • Tor Client / I2P Router or Client
  • Tor Circuit / I2P Tunnel
  • Tor Directory / I2P NetDb
  • Tor Directory Server / I2P Floodfill Router
  • Tor Entry Guards / I2P Fast Peers
  • Tor Entry Node / I2P Inbound Proxy
  • Tor Exit Node / I2P Outbound Proxy
  • Tor Hidden Service / I2P Eepsite or Destination
  • Tor Hidden Service Descriptor / I2P LeaseSet
  • Tor Introduction Point / I2P Inbound Gateway
  • Tor Node / I2P Router
  • Tor Onion Proxy / I2PTunnel Client (more or less)
  • Tor Relay / I2P Router
  • Tor Rendezvous Point / Similar to I2P Inbound Gateway + Outbound Endpoint
  • Tor Router Descriptor / I2P RouterInfo
  • Tor Server / I2P Router

Advantages of Tor Over I2P

  • Significantly larger user base
  • More attention from the scientific and hacker communities; benefits from formal research on anonymity, resistance, and performance; known, non-anonymous, visible, and university-affiliated leadership
  • Has already solved a number of scaling issues that I2P has yet to address
  • Significant funding
  • More developers, including several paid contributors
  • More resilient to state-level blocking due to TLS-based transport and bridges (I2P has proposals for “fully closed paths,” but they are not yet implemented)
  • Large enough network to adapt to blocking and DOS attempts
  • Designed and optimized for exit traffic, with a large number of exit nodes
  • Better documentation, research, specifications, website, and much more translated material
  • More efficient memory usage
  • Tor clients operate with very low protocol overhead
  • Centralized control reduces the complexity of each node and can effectively handle Sybil attacks
  • A set of high-performance nodes ensures high throughput and lower latency
  • Implemented in C, not Java

Advantages of I2P Over Tor

  • Designed and optimized for hidden services, which are much faster than in Tor
  • Fully distributed and self-organizing network
  • Peers are selected based on continuous profiling and performance measurements, rather than self-reported bandwidth
  • Floodfill peers (“directory servers”) change constantly and are not trusted, unlike hardcoded directory servers in Tor
  • Small enough to avoid heavy blocking or DOS attacks
  • Provides peer-to-peer services
  • Switches packets rather than connections
  • Explicit, transparent message balancing across many peers, unlike using a single path
  • Reliability and fault tolerance through maintaining multiple parallel tunnels and rotating tunnels; each user’s connections scale as O(1) instead of O(N) (e.g., Alice maintains 2 inbound tunnels that any peer she communicates with can use, rather than a separate circuit for each peer)
  • Unidirectional tunnels instead of bidirectional circuits, doubling the number of nodes an attacker must compromise to obtain the same information
  • Protection against detection of client activity, even if the attacker participates in the tunnel, since tunnels are used not only for message transfer but also for NetDb, tunnel management, and tunnel health checks
  • I2P uses short-lived tunnels, reducing the number of samples an attacker can use for attacks, unlike Tor circuits, which typically last longer
  • I2P APIs are designed for anonymity and security, whereas SOCKS is designed for functionality
  • With rare exceptions, all peers participate in routing traffic for others
  • Full-mode operation is quite low-cost, whereas in Tor, if a client doesn’t require much bandwidth, they still don’t fully utilize the network
  • Built-in automatic update mechanism
  • Supports both TCP and UDP transport
  • Implemented in Java, not C

Other Potential, but Not Yet Implemented, Advantages of I2P

…and possibly never to be implemented, so don’t count on them:

  • Protection against message volume analysis by wrapping multiple messages into one
  • Protection against statistical analysis by adding delays at different hops (where delays are independent of other hosts)
  • Various tunnel-level padding strategies (e.g., creating a tunnel that processes 500 messages per minute, where the endpoint sends random data if there is no useful traffic, etc.)

Leave a Reply