Academic research and analysis of I2P is an important part of ensuring that the software and network performs as expected and is safe for users in hostile environments.
Recent events have prompted anonymity projects to provide specific guidelines for responsible research. We endorse the Tor Ethical Research Guidelines and incorporate them here. Please follow the Tor guidelines when researching I2P as well.
There is a large research community investigating a wide range of aspects of anonymity. For a current and comprehensive list of relevant papers, see the Free Haven Anonymity Bibliography. I2P benefits from much of the research into Tor and onion routing, but there is little dedicated research interest into the theory behind I2P, and the choices and tradeoffs that the network makes. This presents a unique opportunity for original research.
A list of known published papers about I2P is available here.
See also the Tor Research Home Page for general guidance and links.
Testing Attacks on I2P
I2P can be run as a separate test network by controlling the locations that a new router reseeds from so that it only finds other test routers.
The standard mode of operation is to have one JVM per router instance; hence running multiple copies of I2P on a single machine is inadvisable, both due to the potential resource drain and the certain port conflicts. To better facilitate setting up small test networks, I2P has a multirouter mode which enables multiple distinct routers to be run in the same JVM.
MultiRouter can be started from the i2p base directory by running the below command.
env CLASSPATH=$(find lib/ -name *.jar | paste -s -d ':') java net.i2p.re.router.MultiRouter 25
Additionally, I2P can be started in a virtual network mode. This mode disables all transports, allowing the router to be tested in isolation without network traffic. To enable this mode, add
i2p.vmCommSystem=true to the router.config before starting.
Testing the Live I2P Network
If you are planning on conducting research on the live I2P network, please contact us before you commence your testing. While we do not discourage researchers from responsibly testing their ideas on the live network, if an attack becomes apparent and we don't have any line of communication then we will end up taking countermeasures which could interfere with the test.
Router Family Configuration
As of release 0.9.25, I2P supports a router family configuration. This provides researchers who run multiple routers with the means to publicly identify those routers. In turn, this helps the I2P project understand that these routers are not running an attack on the network. It also will prevent other routers from including multiple routers of the family in a single tunnel, which could lead to deanonymization. Routers that appear to be colluding but do not have a declared family may be assumed to be an attack on the network, and may be blocked. The best way to ensure the success of your research project is to work with us.
A router family shares a private key so that participation in the family cannot be spoofed. To configure a router family, click on the 'I2P Internals' link in the router console, and then on the 'Family' tab. Follow the instructions there to generate the private key for the first router in the family. Then, export the key from that router, and import it to other members of the family.