From Wikipedia, the free encyclopedia
Jump to: navigation, search
Not to be confused with Gnutella.
GNUnet logo.svg
GNUnet Screenshot.png
GNUnet with the GTK+ user interface
Developer(s) GNU Project
Initial release November 5, 2001; 14 years ago (2001-11-05)
Stable release 0.10.1 (April 8, 2014; 21 months ago (2014-04-08)[1]) [±]
Development status Active
Written in C[2]
Operating system GNU/Linux, FreeBSD, NetBSD, OpenBSD, OS X, Windows
Type Anonymous P2P, Friend-to-friend
License GNU General Public License
Alexa rank Negative increase 1,022,092 (Oct 2015)[3]

GNUnet is a free software framework for decentralized, peer-to-peer networking and an official GNU package. The framework offers link encryption, peer discovery, resource allocation, communication over many transports (such as tcp, udp, http, https, wlan and bluetooth) and various basic peer-to-peer algorithms for routing, multicast and network size estimation.

GNUnet's basic network topology is that of a mesh network. GNUnet includes a distributed hash table (DHT) which is a randomized variant of Kademlia that can still efficiently route in small-world networks. GNUnet offers a "F2F topology" option for restricting connections to only the users' trusted friends. The users' friends' own friends (and so on) can then indirectly exchange files with the users' computer, never using its IP address directly.

GNUnet uses Uniform resource identifiers (not approved by IANA, although an application has been made). GNUnet URIs consist of two major parts: the module and the module specific identifier. A GNUnet URI is of form gnunet://module/identifier where module is the module name and identifier is a module specific string.

The primary codebase is written in C, but with gnunet-java there is an effort to produce an API for developing extensions in Java. GNUnet is part of the GNU project. It has gained interest to the hacker community after the PRISM revelations.[4]

GNUnet includes various P2P applications in the main distribution of the framework; additionally, a few external projects (such as secushare) are also extending the GNUnet infrastructure.

GNUnet is unrelated to the older Gnutella P2P protocol. Gnutella is not an official GNU project while GNUnet is.

File sharing[edit]

The primary application at this point is anonymous, censorship-resistant file-sharing, allowing users to anonymously publish or retrieve information of all kinds. GNUnet uses GNU libextractor to automatically annotate shared files with metadata.

The file sharing service uses GNUnet's anonymity protocol for routing queries and replies. Forwarded query messages are used to search for content and blocks of data. Depending on load of the forwarding node, messages are forwarded to zero or more nodes. When a node is under stress it drops requests from its neighbor nodes having lower internal trust value. A special feature of GNUnet's anonymity protocol is that the user can select an individual anonymity level. The anonymity level determines how much cover traffic a peer must have to hide the user's own traffic. Users can specify an anonymity level for each publish, search and download operation. An anonymity level of zero can be used to select non-anonymous file-sharing. GNUnet's DHT infrastructure is only used if non-anonymous file-sharing is specified.

File sharing URIs[edit]

Files shared with GNUnet are ECRS (An Encoding for Censorship-Resistant Sharing) coded. The fs module identifier consists of either chk, sks, ksk or loc followed by a slash and a category specific value.

  • chk identifies files, typically: gnunet://fs/chk/[file hash, using 0-9A-V].[query hash, using 0-9A-V].[file size in bytes]
  • sks identifies files within namespaces, typically: gnunet://fs/sks/NAMESPACE/IDENTIFIER
  • ksk identifies search queries, typically: gnunet://fs/ksk/KEYWORD[+KEYWORD]*
  • loc identifies a datum on a specific machine, typically: gnunet://fs/loc/PEER/QUERY.TYPE.KEY.SIZE


A type of GNUnet filesharing URI pointing to a specific copy of GNU GPL license text:


Another type of GNUnet filesharing URI, pointing to the search results of a search with keyword "gpl":


GNU Name System[edit]

GNUnet includes an implementation of the GNU Name System (GNS), a decentralized and censorship-resistant replacement for DNS. In GNS, each user manages his own master zone which is mapped into the DNS namespace under the .gnu top-level domain. Users can delegate subdomains to zones managed by other users. Lookups of records defined by other users are performed using GNUnet's DHT. A major problem of this approach is that names are no longer globally unique, requiring the use of proxies and other workarounds to address common requirements of legacy applications.

Protocol translation[edit]

GNUnet can tunnel IP traffic over the peer-to-peer network. If necessary, GNUnet can perform IPv4-IPv6 protocol translation in the process. GNUnet provides a DNS Application-level gateway to proxy DNS requests and map addresses to the desired address family as necessary. This way, GNUnet offers a possible technology to facilitate IPv6 transition. Furthermore, in combination with GNS, GNUnet's protocol translation system can be used to access hidden services --- IP-based services that run locally at some peer in the network and which can only be accessed by resolving a GNS name.

The communication port, officially registered at IANA, is 2086 (tcp + udp).[5]

Social API[edit]

Gabor X toth published in early September 2013 a thesis[6] to present the design of a social messaging service for the GNUnet peer-to-peer framework that offers scalability, extensibility, and end-to-end encrypted communication. The scalability property is achieved through multicast message delivery, while extensibility is made possible by using PSYC (Protocol for SYnchronous Conferencing), which provides an extensible RPC (Remote Procedure Call) syntax that can evolve over time without having to upgrade the software on all nodes in the network. Another key feature provided by the PSYC layer are stateful multicast channels, which are used to store e.g. user profiles. End-to-end encrypted communication is provided by the mesh service of GNUnet, upon which the multicast channels are built. Pseudonymous users and social places in the system have cryptographical identities — identified by their public key — these are mapped to human memorable names using GNS (GNU Name System), where each pseudonym has a zone pointing to its places.

That is the required building block for turning the GNUnet framework into a fully peer-to-peer social networking platform.


A trivial chat module has been implemented more as a test than as a serious application, but it is usable.[citation needed]

See also[edit]

Christian Grothoff, maintainer of GNUnet, in Berlin on August 1, 2013: "You broke the Internet. We're making ourselves a GNU one".


  1. ^ Grothoff, Christian (2013-12-24). "GNUnet 0.10.0 released" (Mailing list). info-gnunet. Retrieved 2013-12-25. 
  2. ^ GNUnet Source Code
  3. ^ " Site Overview". Alexa Internet. Retrieved October 27, 2015. 
  4. ^ Grothoff, Christian (1 August 2013). "Video: You broke the Internet. We're making ourselves a GNU one.". Pirate Party Germany, Berlin. Retrieved 4 October 2013. 
  5. ^ Service Name and Transport Protocol Port Number Registry, p. 37
  6. ^ Toth, Gabor X (2013-09-05), Design of a Social Messaging System Using Stateful Multicast - Retrieved 2013-09-28

External links[edit]