What is a “P2P VPN”?
Learn what P2P means, and how decentralized networks make for a more private VPN
Those who remember Napster, or who have since torrented media files, will certainly be familiar with the term “P2P.” Maybe lesser known is the fact that P2P (or peer-to-peer) networks have a wide range of applications, including communications, collective research, and physical resource sharing. So how does a peer-to-peer network work exactly, and where do VPNs (or Virtual Private Networks) come into the picture?
Technically, “P2P” and “VPN” both name types of networks, but they have distinct objectives: decentralized resource-sharing (P2P) and data anonymization (VPN). So we would like to clear this issue up. If you’re searching for a “P2P VPN” on the market, you won’t find many. But don’t worry, what you’re basically looking for is a decentralized VPN (dVPN), since both P2Ps and dVPNs are decentralized.
Fortunately, dVPNs are now commercially available to provide more robust privacy protections than traditional VPNs. As we will see, the way that most mainstream VPN services centralize our data makes us vulnerable to data breaches, cyber attacks, and government disclosure requests. dVPNs can avoid this with a decentralized routing architecture, even if it is not strictly speaking “peer-to-peer,” or a real “P2P VPN.”
In this article, we will go through how P2P networks operate on a client-to-client model, how their innovations in decentralized networks paved the way for newer dVPNs, and how the two might be best used together for optimal privacy.
Read this article to discover what a mixnet is and how it powers NymVPN.
What is a P2P network?
P2P stands for “peer-to-peer.” It refers to a decentralized network in which any “peer” in the network is both a client and a server. A P2P exchange is done without the need for any centralized server to route user data. Rather, numerous and decentralized peers offer up their resources to be used, accessed, and acquired by other users (who are also peers). This promises a more collective form of online resource sharing.
The types of resources that can be shared through a P2P network are quite diverse. It could simply be data files, communications, and information. Music and video files are perhaps the most familiar types of resources to be shared on a P2P network. But this can also include more complex, collective capacities such as computer processing power, digital storage, and network bandwidth.
Examples of P2P networks
P2P architectures have been applied to a wide variety of digital tasks:
- File sharing platforms, starting with the now defunct Napster and living on in other torrent programs, are the most well-known P2P platforms. The Pirate Bay was not really a P2P network, but rather a torrent indexing site linking users to available media through its own unique distribution system of “trackers” and “swarms.”
- Blockchain technology applies P2P network principles to create a means for secure, transparent, and immutable record-keeping. Importantly, the security features of blockchain come from the decentralized nature of the ledger, cryptographic encryption, and trust ensured through mathematical algorithms and consensus mechanisms.
- Cryptocurrencies, famously inaugurated by Bitcoin, use blockchain infrastructures to enable a decentralized ledger of financial transactions for increased anonymity.
- Communication platforms like Skype were founded on P2P networks, though they later incorporated a hybrid model with some centralization through cloud service. The Invisible Internet Project (I2P), RetroShare, Tox, and Matrix also offer encrypted messaging, as well as file sharing abilities, built wholly or partially upon P2P networks.
- Distributed computing projects, such as SETI@home, mobilize the computer processing power of thousands of volunteers around the world. Together, these peers are able to solve complex computational problems that few single computers are able to do alone.
How does a P2P network work?
The principles behind a P2P network are resource sharing, decentralization, and equality (with the latter varying in practice between platforms).
Resource sharing
Network participants (peers) first make resources or capacities they have publicly available for access or use by the network. In principle, a resource could be anything shareable. When using a P2P torrent-based network, for example, a user searches for a film, album, or book to download. The torrent program will then search through the network to link the searching user with others sharing it. The download will then arrive in bits from many simultaneous sources.
More complicated models, like the SETI@home project, harness the computing power of global volunteers to analyze radio signals in search of extraterrestrial life. In this case, a P2P network of like-minded users can exponentially increase the power of what any computer can do. More recently in Web3, Akash is a decentralized compute marketplace, a bit like Airbnb but for CPU power, where users can purchase cheaper CPU capacity from others. The decentralized service, transactionally supported by blockchain and operationally run through the cloud, optimizes unused computing power across the world.
Decentralized network
P2P networks all involve some form of decentralization, but the degree depends on specific network operations and goals. A fully decentralized network has no central server or prioritized point of coordination. It is formed solely by peers who can be anywhere in the world, and who most likely do not know one another. In the case of torrenting, decentralization is also enacted at the sharing level: a single resource acquisition by one peer is sourced from many peers at the same time, with the distribution of data-packets decentralized by default. Other P2P networks are only partially decentralized, using certain centralized points (e.g., a blockchain or a node registry) in order to manage the scalability of the P2P network.
The equal peer model
Lastly, participants are considered to be equal (hence the name “peers”): anyone on the network should be able to access available resources like others. But this is more of a principle than a universal feature across P2Ps, which sometimes may allocate more privileges to certain peers over others. This is the case with some file-sharing P2Ps where peers with a quality assortment of files and high sharing statistics might be allotted better privileges (like front-of-the-line downloading priorities) over simple “leechers.”
Despite these differences, the thing to keep in mind is that a P2P network is not a client-server model: peer users (clients) do not share, use, or access resources through a central platform (server). If we watch a movie on Netflix, we access the data of the film through the company’s central databases. In short, clients consume or access what the server (or service) can provide. Without any centralized server infrastructure, P2P networks are built on a different client-to-client model: each peer is both server and client, potentially giving and receiving.
P2Ps: Some pros and cons
The decentralized nature of P2P networks offers several advantages and corresponding difficulties for users.
Resilience
Pros: P2P networks are not in themselves security services. But their decentralized network structure can provide improved resilience against database failures or attacks. If one peer’s server is attacked, this does not necessarily affect other peers in the network (though it can). Many quality P2P networks also now use encryption protocols to secure communications between peers. This makes it so outside parties attempting to intercept shared content would be unable to access the content itself.
Cons: The encryption of P2P traffic does not prevent your activity on the network from being tracked and linked back to you through your IP address. Without the kind of network management that centralized networks can provide, decentralized distribution might open users to malware and viruses. There are also cyber attacks which target P2P networks in particular. With a Sybil attack, a user creates many fake peer identities to gain disproportionate control over a network. With an eclipse attack, attackers set up malicious peers in the network to establish “trusted” contact and promote sharing with healthy peers until enough peers are compromised to gain full control of the traffic.
Costs
Pros: By opening users to a network of available resources (such as unused storage space or bandwidth), some users can save money by avoiding using individual and centralized services (cloud space or more expensive internet packages). And, of course, a P2P can also provide users with access to free resources (such as otherwise commercial media files).
Cons: While certain users benefit from available resources, higher sharers can potentially experience system and CPU strain. There are also ethical considerations in sharing copyrighted materials freely. Furthermore, there is the question of whether, in relying on volunteering peers, a P2P can equitably compensate or acknowledge what peers contribute differently (even if all peers have potential access to the full P2P resource bank). The incorporation of incentive systems is a developing phenomenon in the P2P and now the dVPN world.
Speed
Pros: P2P networks can sometimes provide optimized speed for exchanging users. In the case of downloading media, this is because data packets arrive from multiple peers simultaneously. If one source has latency, due to a peer going offline or being overwhelmed, the slack can be picked up elsewhere.
Cons: In cases other than downloading, such as data routing through single peers, P2P networks can experience latency or slowness, delaying the transmission of data. The scalability and degree of decentralization of the network can also increase latency issues: the bigger and more dispersed the network becomes, the harder it might be to optimize performance without resorting to centralized mechanisms.
So what is a P2P VPN?
In principle, a P2P VPN is a Virtual Private Network (VPN) that routes client traffic through a decentralized peer-to-peer architecture. However, there are virtually no “P2P VPNs” on the market, with the exception of maybe one. But there’s no need to worry about this terminology: what users are looking for is essentially a decentralized VPN (dVPN), since both are decentralized networks.
P2P VPNs are dVPNs
Taken on their own, P2Ps and VPNs are distinct frameworks with their own service objectives. As we’ve seen, P2Ps are decentralized networks used for sharing information or resources between network participants (peers). A VPN is an online privacy service that encrypts user data and routes it through the VPN’s own server before accessing the public internet. VPN routing replaces the user’s unique IP address with that of the VPN server, allowing you to be more anonymous in what you do online.
But let’s explain how a P2P VPN should work in principle before considering which dVPNs will best meet the needs of users looking for anonymity and privacy online.
How does a P2P VPN work?
Like a traditional VPN, a P2P VPN should first encrypt a user’s data on their device before routing the traffic through a decentralized network of other clients (or peers). Once on another peer’s server, or a traditional VPN’s own, your IP address is masked by the proxy server. But this is where similarities stop. Most traditional VPN services are client-server models, which means user traffic is routed through the service provider’s highly centralized server(s). By locating user data in one place, users are vulnerable to data breaches or cyber attacks which would reveal the metadata of their activities. Since a P2P network is decentralized, it can at least avoid this one security vulnerability.
With a P2P VPN, user traffic is routed according to a client-client (or peer-to-peer) model. When you connect to the VPN, your data is routed through other peers’ computers on the network before arriving at its destination. These peers basically volunteer their bandwidth to reroute other peers’ traffic, thus obfuscating the IP addresses of others. This can help avoid the vulnerabilities of centralized server infrastructures. But there are important risks with a P2P VPN to consider.
Are P2P VPNs safe? Benefits and downsides
When turning to a dVPN (whether P2P based or not), users’ concerns are typically the security, privacy, and anonymity of their online activities. And for good reason! But performance is also a crucial factor. So in considering what type of dVPN to use, it’s important to consider how any VPN might meet these user needs.
Unfortunately there is not a good enough market history of “P2P VPN” products to learn from. So we must compare known P2P network strengths and weaknesses with what new and privacy-focused dVPNs – like NymVPN, which is based on a mixnet – can provide to address these possible issues.
Security
P2P VPN: P2P networks did not originally provide default encryption protocols for peer traffic. Without encryption for the end-to-end transmission of user data from peer to peer, the contents of user data can be compromised along the route, or exploited by malicious peers. Thankfully, a lot has changed for web users in general. Quality P2P networks now often include encryption to protect peer-to-peer exchanges. However, P2P networks are still notorious for malware infections, targeted cyber attacks, malicious peers taking control of your traffic, and law enforcement surveillance.
Mixnet VPN: The type of encryption protocols offered by a VPN are important considerations, since some are weaker than others. NymVPN uses advanced, multi-layered onion encryption in which user data is encrypted multiple times. When the data passes through one of the 2-5 nodes (or “peers” in P2P tongue), only one layer of encryption is removed to reveal where to send the data next. This makes sure that end-to-end encryption is guaranteed. It also removes the P2P possibility of malicious nodes mishandling your data, traffic, or even IP address.
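The layered encryption described above, as an added sketch that is not NymVPN's code: each node removes exactly one layer and learns only the next hop. The node names, the pre-shared per-node keys and the HMAC-based toy cipher are assumptions made so the example runs on the Python standard library alone.

```python
import hashlib, hmac, os

HOP_LEN = 16  # fixed-width next-hop field (an assumption of this sketch)

def _sub(key, label):
    # Derive separate encryption and MAC subkeys from one node key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # Toy keystream: HMAC-SHA256 in counter mode. Illustration only.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    """Encrypt-then-MAC one layer under a single node's key."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(_sub(key, b"enc"), nonce, len(data))))
    tag = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("layer failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _stream(_sub(key, b"enc"), nonce, len(ct))))

def wrap(route, payload):
    """route: [(node_name, key), ...] in path order. Returns (first_hop, onion)."""
    packet, next_hop = payload, "DELIVER"
    for name, key in reversed(route):  # innermost layer belongs to the last node
        packet = seal(key, next_hop.encode().ljust(HOP_LEN, b"\0") + packet)
        next_hop = name
    return next_hop, packet

def peel(key, packet):
    """What one node does: remove its own layer and learn only the next hop."""
    body = unseal(key, packet)
    return body[:HOP_LEN].rstrip(b"\0").decode(), body[HOP_LEN:]

def forward(keys, first_hop, packet):
    """Pass the onion node to node; return (what each hop learned, payload)."""
    hop, seen = first_hop, []
    while hop != "DELIVER":
        nxt, packet = peel(keys[hop], packet)
        seen.append((hop, nxt))
        hop = nxt
    return seen, packet

# Constructed sample: three hypothetical nodes with random keys.
KEYS = {n: os.urandom(32) for n in ("entry", "mix", "exit")}

if __name__ == "__main__":
    first, onion = wrap([(n, KEYS[n]) for n in ("entry", "mix", "exit")], b"GET / HTTP/1.1")
    print(forward(KEYS, first, onion))
```

A node holding the wrong key, or receiving a modified packet, gets an authentication error instead of a next hop. This sketch's packets shrink by one layer per hop, so it does not hide a packet's position on the route.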
Privacy and anonymity
P2P VPN: The extent of a VPN’s decentralization matters. If your data only passes through one peer before accessing the public web, then this makes that peer a targetable server for revealing your IP address and metadata. In these cases, it’s also not clear what can stop individual peers from logging full user traffic through their server. This leaves us vulnerable to the same types of data breaches and data-targeting cyber attacks that continue to plague traditional VPNs. P2P network communications are also known to perform poorly against traffic analysis in which users’ metadata is analyzed by sophisticated surveillance to track online activity.
Mixnet VPN: Genuine user privacy and anonymity online now requires sophisticated VPN architectures. NymVPN is multi-hop by default, so the risks of data centralization and breaches are significantly reduced. To further complicate data analysis across a decentralized and multi-hop network, your data is mixed up with other user traffic as it passes through a node. Additionally, dummy data packets are circulated through the network to confound attempts to analyze network traffic.
Performance
P2P VPN: In file sharing, P2Ps can provide increased speed and avoid latency. But it’s not clear how this would translate to a VPN service, especially one that is only one-hop (one peer). If a user is being routed through a single peer whose bandwidth is overwhelmed, we can imagine a lot of latency for VPN clients.
Mixnet VPN: At Nym, we recognize that users have distinct needs when using a VPN. Users might want general online privacy in whatever they do, from browsing to streaming and communicating, without compromising speed. But they might also need robust privacy for certain traffic, such as sensitive work communications. Nym’s faster 2-hop dVPN mode allows users to navigate the internet with enhanced security and speed, while choosing the unparalleled security of the 5-hop mixnet mode for selected tasks. Certain activities like gaming, which require optimal speeds and connection, can be set to bypass the NymVPN altogether. Read more on the values of split-tunneling in this way with a VPN.
For privacy, go mixnet
The jargon surrounding digital products can be confusing. But when it comes to finding a tool to protect our online privacy, it shouldn’t be. So if you’ve been looking for something like a “P2P VPN” and not finding one, don’t worry: it’s just a decentralized VPN (in the language of Web 2.0).
In choosing a VPN, the biggest risk is falling back on a traditional and mainstream VPN. The centralization of user data on their servers poses serious privacy risks not limited to metadata breaches, as well as potential government demands for the disclosure of user data. What we all need is a VPN newly designed to meet global privacy requirements.
Whether you need some general privacy and anonymity online, or more robust protections for particular sensitive content, NymVPN is a comprehensive and flexible tool to protect your activity across the whole web when and as you need it to.