• Posted: 2021-02-17
  • Author: zzz
  • Posted in release

0.9.49 continues the work to make I2P faster and more secure. We have several improvements and fixes for the SSU (UDP) transport that should result in faster speeds. This release also starts the migration to new, faster ECIES-X25519 encryption for routers. (Destinations have been using this encryption for a few releases now) We've been working on the specifications and protocols for new encryption for several years, and we are getting close to the end of it! The migration will take several releases to complete.

For this release, to minimize disruption, only new installs and a very small percentage of existing installs (randomly selected at restart) will be using the new encryption. If your router does "rekey" to use the new encryption, it may have lower traffic or less reliability than usual for several days after you restart. This is normal, because your router has generated a new identity. Your performance should recover after a while.

We have "rekeyed" the network twice before, when changing the default signature type, but this is the first time we've changed the default encryption type. Hopefully it will all go smoothly, but we're starting slowly to be sure.

As usual, we recommend that you update to this release. The best way to maintain security and help the network is to run the latest release.

RELEASE DETAILS

Changes

  • Build: Git migration
  • Build: Move web resources to wars
  • i2psnark WebSeed support
  • i2psnark padding file support
  • i2ptunnel: Move proxy resources to jar
  • Router: Redesign ECIES encryption for floodfills (proposal 156)
  • Router: Verify RI stores after startup
  • Router: Reduce Sybil threshold
  • Router: ECIES for new routers
  • Router: Start of ECIES migration
  • SSU: Send individual fragments of messages
  • SSU: Westwood+ congestion control
  • SSU: Fast retransmit

Bug Fixes

  • Build: Fix Gradle build
  • Crypto: Increase ratchet tag window to prevent message loss
  • I2CP: Fix encrypted leaseset combined with ECIES crypto or offline keys
  • i2ptunnel: Fix config file saving issues
  • Router: Fix leaseset request fails causing watchdog to bark
  • Router: Hidden mode fixes
  • SSU: Fix partial acks not being sent
  • SSU: Fix occasional high CPU usage

Other

  • Crypto: AES performance improvements
  • DoH: Change to RFC 8484 style
  • i2ptunnel: Remove DSA shared clients
  • Proxy: Add jump servers
  • Router: Add more countries for hidden mode
  • Router: Tunnel peer selection changes
  • Router: Move Sybil subsystem from console to router for embedded use
  • Router: Verify RI stores for a while after startup
  • Util: New unit tests
  • Translation updates

Full list of fixed bugs

SHA256 Checksums:

af4f022f3532b46dd341717fd08447007ca5217b6c88664be693cac7f71912ea  i2pinstall_0.9.49_windows.exe
1614da8703b43e5bdc55007c784f2c211d00650ae0308273605d2ddc321b807e  i2pinstall_0.9.49.jar
5164ffb6eab228b4082d203c691906faa9ff32f09f41c3cebe6d941e03b0b9f2  i2psource_0.9.49.tar.bz2
af685caf28c842be6589471ebe32fc6bd85ad3fc609f1f5e0fbcae69b5d2575f  i2pupdate_0.9.49.zip
f41a6b47d2ea6e1b0d87427a57bd99a3d7f971d57de39b425dbf5017fae156dc  i2pupdate.su3