You are here

About GNUnet

GNUnet is a mesh routing layer for end-to-end encrypted networking and a framework for distributed applications designed to replace the old insecure Internet protocol stack.

In other words, GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy. Along with an application for secure publication of files, it has grown to include all kinds of basic applications for the foundation of a GNU internet.

GNUnet is an official GNU package. GNUnet can be downloaded from GNU and the GNU mirrors.

Read more Friday, February 19, 2010 - 22:34 Christian Grothoff

libbrandt GSoC midterm status update


the GSoC midterm evaluation finished this week and it's time for a status update on the libbrandt auctioning library project.

In the past few weeks we decided to switch from RSA like crypto to Ed25519 due to performance reasons and it's generally more modern approach. Therefore we don't use libpari anymore, but libgcrypt instead. Ed25519 also has no need to validate each input value from other protocol participants.

Then I translated the three zero knowledge proofs and the first price auction protocol with a private outcome from this paper to Ed25519 and implemented them including unit tests. If you want to check out the source code, git clone git:// The majority of the current code can be found in crypto.c, the unit tests are in test_crypto.c

The next steps are to implement the higher level messaging state machine and the public library interface.

Read more Wednesday, June 29, 2016 - 12:54 Markus Teich

Rust implementation of GNUnet with GSoC - Mid-term progress

The GSoC mid-term evaluation is happening now, so this is a good time to write up the work I've done so far. My contributions are threefold. The files mentioned below can be found in the async branch (

1. Packed message structs
GNUnet messages are represented by packed C structures. Serialisation and deserialisation are thus straightforward, messages are simply sent byte for byte over the network. gnunet-rs did not do this initially. So I ported a couple of message structures from the C code into Rust and implemented ways to easily construct and send those messages. In the future we hope to automatically generate message structures from the C code using bindgen when it supports packed structures (

2. Removed dynamic links with the GNUnet C library
Previously gnunet-rs links with the C library to use the functions for converting between GNUnet's ASCII encoding and binary value. Linking with the C library only for a couple of functions creates unnecessary overhead. The Java library also doesn't link against the C library. Thus I ported those functions to Rust and wrote some simple test cases for them, those can be found in src/util/ This removes the need for linking with the C library.

3. Asynchronous peerinfo library with gjio
Finally, the most important contribution is asynchronous support using gjio ( gjio is a high-level asynchronous IO library based on event loop and promises. It supports most of the features in the GNUnet Scheduler such as timeout, cancellation and so on.

Currently three public functions for peerinfo are provided.

pub fn iterate_peers(cfg: &Cfg, network: &Network)
-> Promise<Peers, IteratePeersError>
pub fn get_peer(cfg: &Cfg, network: &Network, pk_string: String)
-> Promise<(Option<PeerIdentity>, Option<Hello>), NextPeerError>
pub fn self_id(cfg: &Cfg, network: &Network)
-> Promise<PeerIdentity, TransportServiceInitError>

Since they all return Promises<T, E>, we can perform asynchronous operations by creating multiple promises, chain them together if necessary, finally wait for all of them to evaluate. For instance, to check whether two specific peers are online, we can write the following.

EventLoop::top_level(|wait_scope| -> Result<(), ::std::io::Error> {
// setup config, network, etc.
let promise1 = get_peer(&config, &network, pk_string1)
let promise2 = get_peer(&config, &network, pk_string2)
let result = Promise::all(vec![promise1, promise2].into_iter()).wait(wait_scope, &mut event_port)
// process result

More usage examples can be found under examples/

The work so far presents a proof of concept of accessing the peerinfo service asynchronously. That is exactly what I aimed to achieve by mid-term evaluation in my original proposal.

However, the work is far from over. iterate_peers doesn't return an Iterator, the user must manually evaluate the promise on every iteration and check whether it has reached the end, I'm hoping to make it into Iterator trait. The current API was designed without paying much attention to the existing C or Java API, I'd like to introduce some consistency with the existing API both in terms of naming and functionality. The tests and documentation I have at the moment are minimal, so some work needs to be done to improve on those fronts. Finally, I'd like to implement a couple of other subsystems such as GNS and/or statistics.

Fortunately, summer holidays are finally starting in a couple of weeks, which substantially increases the amount of time that I can spend on GNUnet. I'm looking forward to the next 8 weeks!


Read more Wednesday, June 22, 2016 - 10:17 kc1212

GNU Hacker Meeting August 16-20 2016 (Rennes)

This is the official registration page for the 9th GNU Hacker Meeting 2016. Please read the instructions carefully.

The previous time, we had twice as many people register as showed up, resulting in significant unnecessary expenses. To avoid this, registration is not exactly free this time. Instead, if you are:

  • A European who can afford it, you should register and pay a registration fee of EUR 50 per day to DE67830654080004822650 (GNUnet e.V.).
  • A human who works for an industry that can really afford it, you should register and pay a registration fee of EUR 495 to DE67830654080004822650 (GNUnet e.V.).
  • A European who cannot actually afford the registration fee but who will really show up, you pay the fee and use the box to ask for a refund. You will get your money back in cash if you actually show up.
  • Non-Europeans demonstrate to us that they will actually show up by sending their plane ticket, hotel booking and visa confirmations to

You need to pay the registration fee or send us your long-distance travel documents before August 1st. When paying, please specify your username and GHM 2016 in the wire transfer subject.

If you cannot even afford to travel to Europe, you can apply for a stipend. We will use registration fees to pay for conference expenses, and if we get sufficient sponsorship we'll try to give out travel stipends. If too many people select the refund option, we will limit the amount of (free) food available at the event. Please specify precisely which days you will participate so we can plan accordingly. Any money left over will be made available for future GHMs.

EUR 50 may seem high, but food in France is expensive, and we expect that some participants will ask for the refund and thus will be unable to contribute to cover expenses. Finally, the bus trip on the 3rd day costs approximately EUR 30/person (depending on the size of the group). The venue itself is free of charge, and the organizers will not benefit financially either.

To register, you first need to create an account. If you already have an account but are not logged in, simply click on the GNU logo in the upper left corner to get to the main page where you can login. Afterwards, you can register for the meeting.

Read more Thursday, May 26, 2016 - 15:38 Christian Grothoff

Rust implementation of GNUnet with GSoC


I will be participating in Google Summer of Code this year with GNUnet. The project is on improving the Rust implementation of GNUnet utils. The primary objective is to add asynchronous IO in a way that is general, extensible and resemble the original GNUnet API. More details can be found here -

Jeff Burdges is my mentor and I will be working closely with him on this project.

All the code I produce will be on my own fork of gnunet-rs (on the gsoc branch) which can be found here -


Read more Wednesday, May 25, 2016 - 12:18 kc1212

libbrandt GSoC kickoff


I was accepted for a Google Summer of Code project and will be developing an auctioning library. During the community bonding period I have so far read four papers relevant to the topic, choosen a few algorithms with slightly different properties which I want to implement and reconstructed one of them within the pari/gp CLI (see attachment). I also started with a first draft of the library interface which will be published in a git repository shortly.

I also made some decisions with my mentor, Christian Grothoff regarding implementation details and project goals:

  • The library will be called libbrandt in honor of Felix Brandt who developed the algorithms that will be used.
  • We want to support first price and (M+1)st price auctions.
  • The outcome of the auction can either be private (only revealed to the seller and winners) or public, choosen by the seller at auction creation time.
  • Selling multiple instances of the same item to the same agent will not be supported as the buyer can just place an arbitrary amount of bids by creating sibling agents.
  • Tie breaking is planned to favor the agent who registered first for an auction giving a motivation to potential buyers to sign up early.
  • Currency and actual price mapping is left to the library user.
Read more Tuesday, May 17, 2016 - 22:07 Markus Teich

32c3 YBTI videos now online

Bernd Paysan recorded the YBTI sessions of 32c3 with talks on Taler, SecuShare, Axolotl, net2o, I2P and GNUnet's Byzantine Set Consensus. You can now watch the videos here.

Read more Tuesday, April 5, 2016 - 22:47 Christian Grothoff

OpenSSH-7.1p2 fixes client vulnerability which can leak your private keys

The new openssh-7.1p2 release fixes a vulnerability in openssh clients from versions 5.4 to 7.1 which lets a malicious server to read private keys from the clients memory. For more information and mitigation see,

Be safe out there!

Read more Friday, January 15, 2016 - 17:04 Sree Harsha Totakura


Subscribe to Front page feed