3 min read

Overlay Network Interoperability : Circumvention Resilience With I2P Blizzard

Overlay Network Interoperability : Circumvention Resilience With I2P Blizzard

In 2019, a new I2P product framework began to take shape as a solution to create an application dashboard for people who want to specifically use apps and plugins. It would be a “privacy toolkit” with a bundled router and minimal administrative options, and a browser. It would be built out from the existing Firefox I2P In Private Browsing web extension.

Along with the email and torrenting options present in the I2P Java router software, we began thinking about what I2P could do to demonstrate its own unique capabilities and also offer support to another project.

To that end, work began on a Tor Snowflake browser plugin that would help increase the number of available Snowflakes. During 2021 the creation of Blizzard and a SAMv3 based Pluggable Transport for Tor began. The intention would be to include this as part of the new tool kit and as a standalone product.

We found ourselves facing the question of I2P and Tor being competitors and even some confusion about why we would want to work on such a project. It would not be the first time that we encountered this question and considered our own place in public perception and in our community of privacy advocates.

We felt that I2P, Tor, and other privacy-enhancing technologies shouldn’t see themselves as competing with each other, but rather competing with ever-evolving systems of surveillance that have been injected, uninvited, into all aspects of our digital lives. We find different solutions to similar problems in the same space.

I2P cannot solve the problems of blocking, censorship and privacy on its own. What it can do is consider where it stands as part of building a collaborative architecture to support censorship resistance, digital freedom and privacy.

In regions where Tor may be blocked but I2P is not, I2P can support Tor distribution. Support for Snowflake distribution applies some of I2P’s strengths to Tor and contributes to Tor and the privacy community to strengthen its overall circumvention architecture.

Where Tor has found it’s primary use-case building a trustworthy relay, guard, and exit node set for providing access to the Web, I2P has evolved into an analysis-resisting peer-to-peer network and has built- in metadata-obfuscating capabilities.

Collaborative Community Networks

In I2P, the community and the network are often one and the same, because nearly every I2P user participates in routing traffic for the other users of I2P. This is observed in the participation of routers.

If the I2P network experiences segmentation by physical separation, 2 networks form and may rejoin when they re-discover each other. This power the networks has comes from having a network architecture which embodies the beliefs of a community. Some community members participate more, but all are welcome. An anonymity network like I2P is not able to work without diversity among its participants.

The differences in approaches between I2P and Tor and their observed practical consequences have become important to understanding how I2P can affect Tor for the better and how Tor can help I2P as well.

When considering our privacy and digital rights community, we believe that focusing on interoperability is a priority.

What Is I2P Blizzard?

The plugin for Snowflake is flexible, and can provide a Snowflake proxy in many ways. However, in order to minimize enumeration risk while maximizing default utility, only one of these ways is enabled by default. This is running, and managing the runtime/lifetime of a “Native” Snowflake proxy based on contributions to the upstream `snowflake/proxy` source code. This allows I2P users to offer an efficient, transparent Snowflake proxy to those in need.

In other modes, the Snowflake plugin also presents a web site with an embedded Snowflake badge. This site can be customized and localized, but the snowflake badge will always be added to the final page. This is so that visitors to the page will become Snowflakes while they are reading the page.

In this way, services that are “cross-hosted” on I2P and on the visible internet can show their support for Snowflake publicly and encourage their visitors to get involved with the Snowflake or Cupcake browser extensions.

Some essential I2P services are cross-hosted, such as the Reseed Services and the Git Services. In the future, these could also serve as mirrors of the snowflake software or source code.

How Does Blizzard Help I2P?

I2P traffic is always using obfuscation. From a network perspective this means that it is not easy to tell how many hops are in a tunnel or where it originates or ends. I2P uses a multihop to avoid disclosing location metadata.
However, there is one important exception, and that is what I2P calls its “Reseed” process. This happens when a new user downloads the first ~70 or known peers, one of which will connect them to the larger I2P network. These reseed servers are hosted on the visible internet and contacted over the clear internet. We want to change that, and in many ways, Snowflake is an ideal prototype for a more-invisible reseed process.

Create your own Blizzard : https://github.com/eyedeekay/blizzard