Most of the posts here, with regard to anonymity networks, have talked about Tor, I2P, Freenet, and/or ZeroNet. Even so, a recent commenter on the post Dos and Don’ts of the Tor Browser had said “You forgot to mention lokinet, yggdrasil, and alienet.”
Therefore, it seemed appropriate to do a series on some of the less well known anonymity networks. Yggdrasil is a fully end-to-end encrypted IPv6 network which is lightweight and autonomous. Despite being an IPv6 network, it also works over IPv4 connections as well. It takes its name from the “world tree” of Norse cosmology.
The idea behind the Yggdrasil network is to create a “decentralised internet” of sorts, independent of the internet that most people use today, which relies on ISPs. According to About | Yggdrasil, the network features several characteristics that differentiate it from traditional networks:
|End-to-end encryption for all traffic across the network||No||Yes|
|Decentralised routing information shared using a DHT||No||Yes|
|Cryptographically bound IPv6 addresses||No||Yes|
|Node is aware of its relative location to other nodes||No||Yes|
|IPv6 address remains with the device even if moved||No||Yes|
|Topology extends gracefully across different mediums, i.e. mesh||No||Yes|
They explain on their site that Yggdrasil aims to address many of the problems that occur with the topology of the internet as we know it today. As the internet has grown over time, many different networks have been “stapled together” in inefficient ways.
As a result, a number of issues have started to crop up:
- The routing tables that make up an internet “map” are gargantuan and ineffectual
- There’s no method by which a device can figure out its location on the internet relative to another
- There’s no effective way to tell where a data packet will end up without sending it
- It’s challenging to install networks into locations that are dynamic, such as wireless mesh networks
At present, ISPs handle most of these issues. The problem with this is that you’re then under your ISP’s control, and they have the ability to inspect or manipulate your internet traffic. Yggdrasil aims to mitigate many of the above problems by using a “spanning tree” topology.
The “tree” starts with a “root node” at the top, and then branches out into other nodes. All the other nodes in the network have one “parent node,” and one or more “children.” Also, each node is connected to at least one other in the network:
According to Yggdrasil’s About page, this is effectual for the following reasons:
- It lets every device on the network make the same assumptions about the topology of the network
- The use of locators for sending traffic across the network simplifies the switching layer, as forwarding does not require nodes to maintain state tables of anything beyond their own peers
- All route determination is automatic – no manual configuration of routes is required
- Devices don’t need to store lots of information about the topology of the network – in fact, storing information about only a small number of nodes is usually enough to reach the entire network
- We can bridge reliable/static networks very easily with dynamic/non-static networks without flooding large amounts of routing information between different areas (i.e. point-to-point or mesh wireless networks)
- The network responds gracefully to changes in topology without intervention, and networks can even join and split without interrupting connectivity between local nodes
They have versions available for a number of different platforms: Linux, macOS, iOS, and Windows, and instructions can be found at Installation | Yggdrasil. This includes building it from source. It should be noted, however, that Yggdrasil isn’t an “anonymity network” in the same sense as Tor, I2P, etc., though it is a decentralized network. Depending on your threat model, you should decide which type of network is most effective for you.