GNUnet 0.20 P2P Platform Released
The GNUnet 0.20 framework, designed for building secure decentralized P2P networks, has been released. Networks created with GNUnet have no single point of failure and are capable of ensuring the privacy of user data, preventing potential abuse by authorities or administrators with access to network nodes.
Key Features of GNUnet
- Supports P2P networks over TCP, UDP, HTTP/HTTPS, Bluetooth, and WLAN, and can operate in F2F (Friend-to-Friend) mode.
- NAT traversal is supported, including via UPnP and ICMP.
- A Distributed Hash Table (DHT) can be used to address where data is placed.
- Tools are provided for deploying mesh networks.
- Selective granting and revocation of access rights is managed by the decentralized attribute exchange service reclaimID, which uses GNS (GNU Name System) and Attribute-Based Encryption.
- Low resource consumption, with a multi-process architecture that isolates components from one another.
- Flexible logging and statistics collection tools are available.
- APIs for C and bindings for other programming languages are provided for application development.
- Event loops and processes are used instead of threads to simplify development.
- A test library is included for automatically deploying experimental networks with tens of thousands of peers.
Applications Built on GNUnet Technologies
- GNS (GNU Name System): A fully decentralized, censorship-resistant alternative to DNS. GNS can be used alongside DNS in traditional applications like web browsers. Unlike DNS, GNS uses a directed graph instead of a tree hierarchy. Name resolution is similar to DNS, but queries and responses remain confidential—nodes processing requests do not know the recipient, and transit nodes or third-party observers cannot decrypt queries or responses. Integrity and immutability of records are ensured by cryptographic mechanisms. DNS zones in GNS are defined using ECDSA key pairs based on Curve25519.
- Anonymous File Sharing Service: Enables file sharing without revealing information about who uploaded, searched for, or downloaded files, thanks to encrypted data transfer and the GAP protocol.
- VPN System: Allows creation of hidden services in the “.gnu” domain and tunneling of IPv4 and IPv6 over the P2P network. Supports IPv4-to-IPv6 and IPv6-to-IPv4 translation, as well as tunneling IPv4-over-IPv6 and IPv6-over-IPv4.
- GNUnet Conversation Service: Provides voice calls over GNUnet. User identification is handled by GNS, and voice traffic is transmitted in encrypted form. Anonymity is not yet provided—other peers can track connections between users and determine their IP addresses.
- Secushare: A platform for building decentralized social networks using the PSYC protocol. It supports multicast notifications with end-to-end encryption, ensuring that only authorized users can access messages, files, chats, and discussions (even node administrators cannot read messages not addressed to them).
- pretty Easy privacy: An encrypted email system that uses GNUnet to protect metadata and supports various cryptographic protocols for key verification.
- GNU Taler: A payment system that provides anonymity for buyers while tracking seller transactions for transparency and tax reporting. Supports various existing currencies and electronic money, including dollars, euros, and bitcoins.
- GNUnet Messenger: A service for creating secure chat applications. The CADET protocol (Confidential Ad-hoc Decentralized End-to-End Transport) is used to ensure confidentiality and protection against message interception, enabling fully decentralized, end-to-end encrypted group communication.
What’s New in GNUnet 0.20
The new version introduces protocol changes that break compatibility, which may cause issues when nodes running GNUnet 0.20 interact with older versions. The following updates have been made:
- Functions GNUNET_STRINGS_get_suffix_from_binary_name and GNUNET_s have been moved to the libgnunetutil library.
- New functions added: GNUNET_JSON_spec_object_const, GNUNET_JSON_spec_array_const, GNUNET_PQ_get_oid_by_name, and GNUNET_PQ_get_oid.
- Added KEM (Key Encapsulation Mechanism) API.