[tor-talk] comparison of Tor and Kovri in regards to deanonymization attacks

s7r s7r at sky-ip.org
Fri Dec 7 00:12:16 UTC 2018


Hello,

bo0od wrote:
> I2P and Tor comparison:
> 
> https://geti2p.net/en/comparison/tor
> 
> Kovri and I2Pd C++ bloody war:
> 
> https://i2p.rocks/blog/kovri-and-the-curious-case-of-code-rot-part-1.html
> 
> I2P by design safer than Tor. but due to the usage and rapid development
> of Tor , I2P left behind many steps which needs long time to catch up or
> sudden magic stick effect.

I am a Tor supporter, but this is not the reason why I disapprove this
statement.

It depends from what perspective you look at it as "safer than Tor". It
does not have directory authorities, and there are no relevant points
that need to make a consensus in order to make the I2P network work, so
yes some attacker cannot take down 9 servers and disable the network,
but this does not necessarily mean is safer. I mean, Tor could any time
drop the system where known directory authorities vote for other relays
and make a consensus, in favor for a decentralized system that is
controlled only by code and cannot be shut down by seizing N servers,
but this does not happen because the directory authority system is
studied, well known, it works and we are sure it solves way more attacks
than it opens. Think about that. It's a piece of cake for Tor developers
to write code that somehow drop the directory authority consensus style
and adopt something else, but this opens huge attack surface that is not
yet well studied and well understood, so better no. I think this is a +,
not a -.

- I2P can be attacked with far less resources than Tor;
- Tor is deeply researched and various attack types and problems have
already been solved;
- Tor is larger as a network with more capacity, and more diversity;

They also have different purposes so they cannot be directly compared on
absolutely every feature, because:

- Tor is designed to allow people to access the internet (clearnet, or
better said destinations outside the Tor network) anonymously, by
routing the traffic via a chain of multiple servers, making the
trace-back to a certain  user as close to impossible as possible.

- I2P is more oriented for traffic inside the I2P network (e.g. you
cannot browse cnn.com anonymously via I2P).

It's like comparing apples with bananas. Both are good, but quite
different.

> 
> I would summaries the success of Tor over I2P with these points:
> 
> - Tor is way faster than I2P in the few past years (because I2P support
> torrenting , so the speed is slow).

That is not the reason. Tor has more network resources in terms of
servers available for users to use, it uses bandwidth weights to ensure
a server gets as much traffic as it can at least theoretically handle,
based on bandwidth authority measurements.

Tor also uses flags, in order to know what servers to pick for each
point in a given circuit.

These are the primary reasons why Tor is much faster and continues to be
reliable even when it was attacked by million of 'zombie' botnet
computers that were hidden behind Tor.

I don't think that was a good thing that happened, but I think it is a
good thing that we got through it with no problems for average users.
Even the worst critic should applause this.

> 
> - Due to the slow speed of I2P , its very unlikely you can stream or do
> heavy connections on the clearnet. Tor you can do it with even up to 1MB
> speed.

Correct.

> 
> - I2P meant to be for inproxy which is in other word it wont target/suit
> the average user. Tor is suiting the average users due to its high speed
> bandwidth and its ease interacting with the outproxy/clearnet.
> 
> - Tor has a modified browser which is a fork of firefox-esr called Tor
> Browser Bundle which is easy to click and run with Tor. I2P until now
> there is no official browser supporting it and user needs to do the
> configurations manually.

It is easy to click and run with Tor, but it also makes the privacy
oriented necessary settings so users cannot be tracked by websites. This
is important, there is much work done to remove from Firefox stuff or
configure stuff in a way that is oriented for user privacy. Tor Browser
it does not just start Tor automatically and a portable Firefox for
browsing.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20181207/cb1b8e37/attachment.sig>


More information about the tor-talk mailing list