D@AU ~/+50°C/Opportunist/Orwell # ./.cris/pr.run
GNUnet is a new network protocol stack for building secure, distributed, and privacy-preserving applications. With strong roots in academic research, our goal is to replace the old insecure Internet protocol stack.
GNUnet is typically run as an overlay network on top of the existing Internet infrastructure forming the basis of a hybrid peer-to-peer mesh and relay backbone for applications to run on. It could just as well be run independently of the Internet, over dedicated radio and cable.
GNUnet is made for a free and open society: It's a self-organizing network and it is free software as in freedom. GNUnet puts you in control of your data. You determine which data to share with whom, and you're not pressured to accept compromises.
The Internet of tomorrow needs GNUnet today
The conventional Internet is currently like a system of roads with deep potholes and highwaymen all over the place. Even if you still can use the roads (e.g. send emails, or browse websites) your vehicle might get hijacked, damaged, or long arms might reach into its back and steal your items (data) to use it against you and sell it to others - while you can't even notice the thievery nor accuse and hold the scroungers accountable.
The Internet is broken
Protocols from Ethernet and IP to BGP and X.509 PKI are insecure by default: protecting against address forgery, routers learning metadata, or choosing trustworthy CAs is nontrivial and sometimes impossible.
GNUnet provides privacy by design, improving addressing, routing, naming and content distribution in a technically robust manner - as opposed to ad-hoc designs in place today.
Decentralization is hard
Instead of sharing common components and tools for building P2P systems, every P2P project seems to re-invent the wheel. This heightens the effort and increases the potential number of vulnerabilities.
GNUnet is a metadata-preserving foundation for your application, covering areas from addressing to reliable bidirectional Axolotl-encrypted channels, with advanced routing. Our work is based on continuous research spanning almost two decades.
Metadata is exposed
Your metadata is just as revealing as the actual content; and it gets exposed on the Internet.
Even though transport encryption is increasingly being deployed on the Internet, it still reveals data that can threaten democracy: the identities of senders and receivers, the times, frequency and the volume of communication are all still revealed.
GNUnet addresses these concerns with perfect forward secrecy via ephemeral public key addressing, fixed packet size to hinder traffic analysis, layered encryption, Sybil-resistant routing, and more.
Freedoms are not respected
Today, monitoring increasingly centralized infrastructure, proprietary implementations, traffic shapers and firewalls restrict all of the essential freedoms to various degrees.
GNUnet gives users freedoms to securely access information ("run" the network), to study all aspects of the network's operation ("access the code"), to distribute information ("copy"), as well as the freedom to deploy new applications ("modify").
Learn more about GNUnet
If you want to know more about the GNUnet please continue reading the about page. There are much more resources, such as the main handbook / reference manual, a bibliography and videos.
You are very welcome to get engaged into the conversation, install GNUnet, use it and contribute.
Be aware that this project is still in an early alpha stage when it comes to software – it is not an easy task to rewrite the whole Internet!
GNU Taler (Alpha)
GNU Taler is a new privacy-preserving electronic payment system. Payments are cryptographically secured and are confirmed within milliseconds with extremely low transaction costs.
The GNU Name System
The GNU Name System (GNS) is a fully decentralized replacement for the Domain Name System (DNS). Instead of using a hierarchy, GNS uses a directed graph. Naming conventions are similar to DNS, but queries and replies are private even with respect to peers providing the answers. The integrity of records and privacy of look-ups is cryptographically secured.
re:claimID is a decentralized Identity Provider (IdP) service built in top of the GNU Name System. It allows users to securely share personal information with websites using standardized protocols (OpenID Connect).
GNUnet filesharing is an application that aims to provide censorship-resistant, anonymous filesharing. The publisher is empowered to make a gradual choice between performance and anonymity.
GNUnet conversation is an application that provides secure voice communication in a fully decentralized way by employing GNUnet for routing and transport.
secushare is creating a decentralized social networking application on top of GNUnet. Using overlay multicast and the extensible PSYC protocol, notifications are distributed end-to-end encrypted to authorized recipients only.
pretty Easy privacy
pretty Easy privacy (p≡p) is creating a usable end-to-end encrypted e-mail solution using opportunistic key exchange. p≡p will use GNUnet to protect metadata and exploit new cryptographic protocols to verify keys.