this release is only suitable for early adopters with some reasonable pain tolerance.
This release represents a major overhaul of the cryptographic primitives used by the system. GNUnet used RSA 2048 since its inception in 2001, but as of GNUnet 0.10.0, we are “powered by Curve25519”. Naturally, changing cryptographic primitives like this breaks backwards compatibility entirely. We have used this opportunity to implement protocol improvements all over the system. In terms of usability, users should be aware that (1) compiling GNUnet requires recent versions of libraries that were only released in December 2013 and are thus unlikely to be available in common distributions, (2) the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information, and (3) that we had limited time to test the new code, especially in a real-world deployment. As a result, this release is only suitable for early adopters with some reasonable pain tolerance.
GNUnet is a framework for secure peer-to-peer networking. GNUnet’s primary design goals are to protect the privacy of its users and to guard itself against attacks or abuse. At this point, GNUnet offers four primary applications on top of the framework:
The file-sharing service allows anonymous censorship-resistant file-sharing. Files, searches and search results are encrypted to make it hard to control, track or censor users. GNUnet’s anonymity protocol (gap) is designed to make it difficult to link users to their file-sharing activities. Users can also individually trade-off between performance and anonymity. Despite providing anonymity, GNUnet’s excess-based economy rewards contributing users with better performance.
The VPN service allows offering of services within GNUnet (using the .gnu TLD) and can be used to tunnel IPv4 and IPv6 traffic over the P2P network. The VPN can also be used for IP protocol translation (6-to-4, 4-to-6) and it is possible to tunnel IP traffic over GNUnet (6-over-4, 4-over-6). Note that at this stage, it is possible for peers to determine the IP address at which services are hosted, so the VPN does not offer anonymity.
The GNU Name System (GNS) provides a fully-decentralized and censorship resistant replacement for DNS. GNS can be used alongside DNS and can be integrated with legacy applications (such as traditional browsers) with moderate effort. GNS provides censorship-resistance, memorable names and cryptographic integrity protection for the records. Note that at this stage, it is possible for a strong adversary to determine which peer is responsible for a particular zone, GNS does not offer strong anonymity. However, GNS offers query privacy, that is other participants can typically not decrypt queries or replies.
GNUnet Conversation allows voice calls to be made over GNUnet. Users are identified using GNS and voice data is encrypted. However, GNUnet Conversation does not provide anonymity at this stage — other peers may observe a connection between the two endpoints and it is possible to determine the IP address associated with a phone.