The Invisible Internet Project(new window) (I2P) is an open-source, decentralized anonymizing network built on similar principles to Tor. Unlike Tor, which was primarily designed to allow anonymous browsing of the regular internet (but can also be used as a dark web), I2P is primarily designed to browse the dark web (but can also be used to access the regular internet). 

What is a dark web?

There are multiple dark webs that rely on different protocols and browsers to access them. Tor Onion Services is by far the most popular dark web (and is often considered synonymous with the term “dark web”). Other dark webs include I2P and Freenet(new window).

Learn more about Tor Onion Services

A dark web is much like the regular World Wide Web. It is a collection of websites that are connected to each other via hyperlinks. The difference between a dark web and the World Wide Web is that you can only access dark websites using special software, configurations, or authorization.

Dark webs are often confused with the deep web, but they are not the same. The deep web, also known as the invisible web or hidden web, is simply every web page not indexed by standard search engines. 

Get Proton VPN!

What is I2P?

I2P started in 2003 as a fork of Freenet. It’s similar to Tor but has improved anonymity features. Like Tor, I2P can be used to browse the regular web privately via volunteer-run outproxies (similar to Tor exit nodes), but I2P itself(new window) recommends that “Tor Browser or a trusted VPN are better options for browsing the internet privately”.

I2P instead focuses on eepsites. Similar to Tor onion websites, these are websites with a .i2p domain name that you can only access from within the I2P network. 

Although I2P is designed to be faster than Tor, page loading times can still be very slow compared to regular web pages. I2P therefore typically uses simple HTML-only designs to minimize load times. 

How I2P works

I2P is designed to improve upon the onion routing(new window) system used by Tor. When using Tor, your connection is routed through at least three random nodes, with your data being re-encrypted each time it passes through a node.

The entry node can see your real IP address, but has no access to the content of your data or what you do on the internet. If you use Tor to access the regular internet, the exit node decrypts and encrypts your data (and can therefore see it) and can see which websites you visit. But it has no idea what your real IP address is. 

If you use Tor onion services (the dark web), there is no exit node — onion sites exist within the Tor network.

How onion services work

Instead of onion routing, I2P uses what is (loosely) termed garlic routing(new window). Like onion routing, this uses multiple layers of end-to-end encryption. But it also offers some key improvements, the most important of which are:

1. Rather than being sent one by one (as they are in Tor), data packets are bundled together into cloves (hence the name “garlic routing”) before being sent through the I2P network as messages. Usually, each message contains one clove, but sometimes they contain two. This makes it harder for attackers to deanonymize you with timing attacks(new window)

In theory, this setup also brings network efficiency gains, which should result in faster page loading times.

2. Tor connections are bidirectional. That is, outgoing and incoming traffic use the same path through connected nodes. I2P, on the other hand, is unidirectional. This means that outgoing and incoming traffic use different paths, making it much harder to trace a connection back to a user.

3. The use of short-lived tunnels (instead of Tor’s much longer-lived tunnels) makes it harder for an attacker to target connections.

4. I2P uses packet switching instead of circuit switching(new window), which allows for better load balancing and resilience. In theory, it also allows for better scaling, but Tor has solved some scaling issues that I2P has yet to address

Is I2P safe?

I2P has never been anywhere as popular as Tor, and has been in sharp decline over recent years. This has a couple of important security implications:

1. Far fewer people are actively working on developing I2P, which makes it more likely that security issues will go unnoticed and unpatched. The fact that (unlike Tor(new window)) I2p relies solely on donations for funding also contributes to this problem. 

2. Arguably, the biggest weakness of Tor is that an adversary could potentially control enough (ostensibly) volunteer-run nodes(new window) to threaten the anonymity of its users. With so many fewer nodes than Tor, this kind of attack would be much easier to perform on I2P.

It’s also worth noting that I2P has never undergone a formal third party security audit. 

How to set up I2P 

On the desktop

To use I2P, you must first install the I2P router software(new window), which is available for Windows, macOS, and Linux (if installing on Linux, you’ll also need Java, if it isn’t already installed). It’s also available as a Docker image. 

Once the guided install process is complete, your default browser will open the I2P Router Console page on most desktop devices. You can also access this page by visiting 127.0.0.1:7657 in your browser when the I2P router service is running. 

This page allows you to manage and configure your I2P server, provides links to various I2P resources (such as FAQs, technical docs, and community websites), and allows you to access I2P’s built-in address book and email, BitTorrent, and web server apps.

Some of the links are to I2P pages, which are good for testing that everything works as it should, but there are no links to third-party eepsites.

To actually access eepsites, you’ll need to configure your browser’s proxy settings(new window)

On Android

The Android app is available(new window) on the Google Play Store, F-Droid, and as an APK. As with the desktop router console, the app allows you to manage and configure your I2P server settings. 

You’ll also need to configure your browser’s proxy settings. Modern versions of Chrome and Firefox for Android don’t allow you to do this, but the I2P app includes instructions for configuring some open-source Android browsers that do.

How to use I2P

While it’s possible to use I2P to access regular websites, this isn’t what it was designed for, and we don’t recommend it. To access eepsites, you first need to find some. A good place to start is the clear web(new window) search engine, I2P Search(new window)

If an eepsite isn’t already in your Addressbook, you’ll probably need the help of a jump service(new window) to connect to it.

Once you find an eepsite, you can add it to your Addressbook.

However, be prepared to find that a great many eepsites links are now long dead.

Final thoughts: I2P vs. Tor

In short, if you can access the dark web resource you’re looking for with I2P, you should use I2P. If it’s only available on Tor, then you should use Tor. You’ll most likely find that Tor gives you access to many more dark web sites.

It’s often said on the internet that Tor is better for accessing regular websites, as anonymously as possible, while I2P is better for accessing dark web content. On a technical level, there is some truth to this; I2P offers real security advantages over Tor and is faster.

However, always a niche project within an obscure area of interest (the dark web), the I2P user base is clearly in serious decline. This is demonstrated by the sheer number of dead links found on any I2P search engine or eepsite directory and by the low level of traffic found on once-popular I2P forums.

In addition to a lack of content, this presumably also means that the development of I2P (including security patches) has slowed. And as discussed above, the relatively limited number of I2P nodes also makes it much more vulnerable to attack from a powerful actor.

Tor, on the other hand, is thriving(new window)

It’s worth noting that you can improve your security(new window) when using either I2P or Tor by connecting to a reputable no-logs VPN service (such as Proton VPN) before establishing an I2p or Tor connection. 

Protect your privacy and security online
Get Proton VPN free

Related articles

Paris Olympics
The 2024 Summer Olympics in Paris begins this July. While you’ve likely already missed your chance to get a ticket and witness the best athletes from around the world in person, there are plenty of ways to enjoy the games from the comfort of your hom
Where to watch euros
Every four years, the entire continent of Europe turns its eyes to see who will be crowned as the continent’s champion of football (or soccer for the Americans).  This is the 17th edition of the UEFA European Football Championship, in which 24 natio
How to enable location services
Location services refer to a combination of technologies used in devices like smartphones and computers that use data from your device’s GPS, WiFi, mobile (cellular networks), and sometimes even Bluetooth connections to determine and track your geogr
What is AirTag stalking?
In an era of “smart devices” that often double as spy devices, AirTags are tracking tools that are open about their function and can be vital in helping locate lost items (as anyone who has lost their car keys can attest to). However, as a recent cla
How to fix a "Your connection is not safe" error
As you surf the web using your browser, you’ll no doubt encounter websites that your browser will refuse to load, instead showing some variation of an error message, such as Your connection is not private or Warning: Potential Security Risk Ahead. 
Your search history is a window into your inner life. Anyone with access to it knows what your hobbies and interests are, your sexual orientation and preferences, the things that worry you (for example your medical concerns), your political affiliati