Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

clean up related works section

svn:r709
Roger Dingledine 22 years ago
parent
e8b701dae9
commit
0ead73a78e
1 changed files with 59 additions and 86 deletions
Unified View Show Diff Stats
  1. 59 86
      doc/tor-design.tex

+ 59 - 86
doc/tor-design.tex
View File 

@@ -294,10 +294,6 @@ these attacks,\footnote{
 
   rate, or to limit
 
   rate, or to limit
 
   the variation in traffic shape.  Doing so can have prohibitive bandwidth
 
   the variation in traffic shape.  Doing so can have prohibitive bandwidth
 
   costs and/or performance limitations.
 
   costs and/or performance limitations.
 
-  %One can also use a cascade (fixed
 
-  %shared route) with a relatively fixed set of users. This assumes a
 
-  %significant degree of agreement and provides an easier target for an active
 
-  %attacker since the endpoints are generally known.
 
 } most designs protect primarily against traffic analysis rather than traffic
 
 } most designs protect primarily against traffic analysis rather than traffic
 
 confirmation \cite{or-jsac98}---that is, they assume that the attacker is
 
 confirmation \cite{or-jsac98}---that is, they assume that the attacker is
 
 attempting to learn who is talking to whom, not to confirm a prior suspicion
 
 attempting to learn who is talking to whom, not to confirm a prior suspicion
 
@@ -333,85 +329,61 @@ current implementation does no padding and thus remains vulnerable
 
 to both active and passive bridging.
 
 to both active and passive bridging.
 
 %XXX fix, yes it does, sort of.
 
 %XXX fix, yes it does, sort of.
 
 
 
-%XXX do a paragraph on p2p vs client-server
 
-\cite{tarzan:ccs02}
 
-\cite{morphmix:fc04}
 
-
 
-Systems such as Freedom and the original Onion Routing
 
-build the anonymous channel all at once, using a layered ``onion'' of
 
-public-key encrypted messages, each layer of which provides a set of session
 
-keys and the address of the next server in the channel.  Tor as described
 
-herein, Tarzan, Morphmix, Cebolla \cite{cebolla}, and AnonNet
 
-\cite{anonnet} build the
 
-channel in stages, extending it one hop at a time. This approach
 
-makes perfect forward secrecy feasible.
 
-
 
-Distributed-trust anonymizing systems differ in how they prevent attackers
 
-from controlling too many servers and thus compromising too many user paths.
 
-Some protocols rely on a centrally maintained set of well-known anonymizing
 
-servers.  The current Tor design falls into this category.
 
-Others (such as Tarzan and MorphMix) allow unknown users to run
 
-servers, while using a limited resource (DHT space for Tarzan; IP space for
 
-MorphMix) to prevent an attacker from owning too much of the network.
 
-Crowds uses a centralized ``blender'' to enforce Crowd membership
 
-policy. For small crowds it is suggested that familiarity with all
 
-members is adequate. For large diverse crowds, limiting accounts in
 
-control of any one party is more complex: 
-``(e.g., the blender administrator sets up an account for a user only
 
-after receiving a written, notarized request from that user) and each
 
-account to one jondo, and by monitoring and limiting the number of
 
-jondos on any one net- work (using IP address), the attacker would be
 
-forced to launch jondos using many different identities and on many
 
-different networks to succeed'' \cite{crowds-tissec}.
 
-
 
 PipeNet \cite{back01, pipenet}, another low-latency design proposed at
 
 PipeNet \cite{back01, pipenet}, another low-latency design proposed at
 
 about the same time as the original Onion Routing design, provided
 
 about the same time as the original Onion Routing design, provided
 
 stronger anonymity at the cost of allowing a single user to shut
 
 stronger anonymity at the cost of allowing a single user to shut
 
 down the network simply by not sending.  Low-latency anonymous
 
 down the network simply by not sending.  Low-latency anonymous
 
-communication has also been designed for other environments, including
 
-ISDN \cite{isdn-mixes}
 
-% and mobile applications such as telephones and
 
-%active badging systems \cite{federrath-ih96,reed-protocols97}.
 
-
 
-Some systems, such as Crowds \cite{crowds-tissec}, do not rely on changing the
 
-appearance of packets to hide the path; rather they try to prevent an
 
-intermediary from knowing whether it is talking to an initiator
 
-or just another intermediary.  Crowds uses no public-key
 
-encryption, but the responder and all data are visible to all
 
-nodes on the path; so anonymity of the connection initiator depends on
 
-filtering all identifying information from the data stream. Crowds only
 
-supports HTTP traffic.
 
+communication has also been designed for other environments such as
 
+ISDN \cite{isdn-mixes}.
 
+
 
+In P2P designs like Tarzan \cite{tarzan:ccs02} and MorphMix
 
+\cite{morphmix:fc04}, all participants both generate traffic and relay
 
+traffic for others. Rather than aiming to hide the originator within a
 
+group of other originators, these systems instead aim to prevent a peer
 
+or observer from knowing whether a given peer originated the request
 
+or just relayed it from another peer. While Tarzan and MorphMix use
 
+layered encryption as above, Crowds \cite{crowds-tissec} simply assumes
 
+an adversary who cannot observe the initiator: it uses no public-key
 
+encryption, so nodes on a circuit can read that circuit's traffic. The
 
+anonymity of the initiator relies on filtering all identifying information
 
+from the data stream.
 
 
 
 Hordes \cite{hordes-jcs} is based on Crowds but also uses multicast
 
 Hordes \cite{hordes-jcs} is based on Crowds but also uses multicast
 
-responses to hide the initiator. Herbivore \cite{herbivore} and
 
-P5 \cite{p5} go even further, requiring broadcast.
 
-Each uses broadcast in different ways, and trade-offs are made to
 
-make broadcast more practical. Both Herbivore and P5 are designed primarily
 
-for communication between communicating peers, although Herbivore
 
-permits external connections by requesting a peer to serve as a proxy.
 
-Allowing easy connections to nonparticipating responders or recipients
 
-is a practical requirement for many users, e.g., to visit
 
-nonparticipating Web sites or to exchange mail with nonparticipating
 
-recipients.
 
-
 
-Tor is not primarily designed for censorship resistance but rather
 
-for anonymous communication. However, Tor's rendezvous points, which
 
-enable connections between mutually anonymous entities, also
 
-facilitate connections to hidden servers.  These building blocks to
 
-censorship resistance and other capabilities are described in
 
-Section~\ref{sec:rendezvous}.  Location-hidden servers are an
 
-essential component for the anonymous publishing systems such as
 
-Eternity\cite{eternity}, Publius\cite{publius},
 
-Free Haven\cite{freehaven-berk}, and Tangler\cite{tangler}.
 
-
 
-
 
-STILL NOT MENTIONED:
 
-real-time mixes\\
 
-rewebbers\\
 
-cebolla\\
 
-
 
-
 
-[XXX Close by mentioning where Tor fits.]
 
+responses to hide the initiator. Herbivore \cite{herbivore} and P5
 
+\cite{p5} go even further, requiring broadcast.  Each uses broadcast
 
+in different ways, and trade-offs are made to make broadcast more
 
+practical. Both Herbivore and P5 are designed primarily for communication
 
+between peers, although Herbivore permits external connections by
 
+requesting a peer to serve as a proxy.  Allowing easy connections to
 
+nonparticipating responders or recipients is important for usability,
 
+for example so users can visit nonparticipating Web sites or exchange
 
+mail with nonparticipating recipients.
 
+
 
+Systems like Freedom and the original Onion Routing build the circuit
 
+all at once, using a layered ``onion'' of public-key encrypted messages,
 
+each layer of which provides a set of session keys and the address of the
 
+next server in the circuit. Tor as described herein, Tarzan, MorphMix,
 
+Cebolla \cite{cebolla}, and AnonNet \cite{anonnet} build the circuit
 
+in stages, extending it one hop at a time. This approach makes perfect
 
+forward secrecy feasible.
 
+
 
+Distributed-trust anonymizing systems need to prevent attackers from
 
+adding too many servers and thus compromising too many user paths.
 
+Tor relies on a centrally maintained set of well-known servers. Tarzan
 
+and MorphMix allow unknown users to run servers, and limit an attacker
 
+from becoming too much of the network based on a limited resource such
 
+as number of IPs controlled. Crowds suggests requiring written, notarized
 
+requests from potential crowd members.
 
+
 
+Anonymous communication is an essential component of censorship-resistant
 
+systems like Eternity \cite{eternity}, Free Haven \cite{freehaven-berk},
 
+Publius \cite{publius}, and Tangler \cite{tangler}. Tor's rendezvous
 
+points enable connections between mutually anonymous entities; they
 
+are a building block for location-hidden servers, which are needed by
 
+Eternity and Free Haven.
 
+
 
+% didn't include rewebbers. No clear place to put them, so I'll leave
 
+% them out for now. -RD
 
 
 
 \Section{Design goals and assumptions}
 
 \Section{Design goals and assumptions}
 
 \label{sec:assumptions}
 
 \label{sec:assumptions}
 
@@ -493,7 +465,7 @@ or because they present an area of active research lacking a generally
 
 accepted solution.
 
 accepted solution.
 
 
 
 \begin{tightlist}
 
 \begin{tightlist}
 
-\item[Not Peer-to-peer:] Tarzan and Morphmix aim to
 
+\item[Not Peer-to-peer:] Tarzan and MorphMix aim to
 
   scale to completely decentralized peer-to-peer environments with thousands
 
   scale to completely decentralized peer-to-peer environments with thousands
 
   of short-lived servers, many of which may be controlled by an adversary.
 
   of short-lived servers, many of which may be controlled by an adversary.
 
   Because of the many open problems in this approach, Tor uses a more
 
   Because of the many open problems in this approach, Tor uses a more
 
@@ -1136,15 +1108,15 @@ however, and its network properties still need to be investigated. [XXX
 
 
 
 Channel-based anonymity designs must choose which protocol layer to
 
 Channel-based anonymity designs must choose which protocol layer to
 
 anonymize.  They may choose to intercept IP packets directly, and relay
 
 anonymize.  They may choose to intercept IP packets directly, and relay
 
-them whole (stripping the source address) as the contents of their
 
-anonymous channels \cite{tarzan:ccs02,freedom2-arch}.  Alternatively,
 
+them whole (stripping the source address) as the contents of the
 
+circuit \cite{tarzan:ccs02,freedom2-arch}.  Alternatively,
 
 they may
 
 they may
 
 accept TCP streams and relay the data in those streams along the
 
 accept TCP streams and relay the data in those streams along the
 
-channel, ignoring the breakdown of that data into TCP frames. (Tor
 
+circuit, ignoring the breakdown of that data into TCP frames. (Tor
 
 takes this approach, as does Rennhard's anonymity network \cite{anonnet}
 
 takes this approach, as does Rennhard's anonymity network \cite{anonnet}
 
-and Morphmix \cite{morphmix:fc04}.)  Finally, they may accept
 
+and MorphMix \cite{morphmix:fc04}.)  Finally, they may accept
 
 application-level protocols (such as HTTP) and relay the application
 
 application-level protocols (such as HTTP) and relay the application
 
-requests themselves along their anonymous channels.
 
+requests themselves along the circuit.
 
 
 
 This protocol-layer decision represents a compromise between flexibility
 
 This protocol-layer decision represents a compromise between flexibility
 
 and anonymity.  For example, a system that understands HTTP can strip
 
 and anonymity.  For example, a system that understands HTTP can strip
 
@@ -1586,7 +1558,7 @@ and its resistance to attacks.
 
   runs on top of TCP, so design options that could not easily do so
 
   runs on top of TCP, so design options that could not easily do so
 
   would be difficult to test on the current network. However, most
 
   would be difficult to test on the current network. However, most
 
   low-latency protocols are designed to run over TCP. We are currently
 
   low-latency protocols are designed to run over TCP. We are currently
 
-  discussing with the designers of Morphmix interoperability of the
 
+  discussing with the designers of MorphMix interoperability of the
 
   two systems, which seems to be relatively straightforward. This will
 
   two systems, which seems to be relatively straightforward. This will
 
   allow testing and direct comparison of the two rather different
 
   allow testing and direct comparison of the two rather different
 
   designs.
 
   designs.
 
@@ -1972,7 +1944,7 @@ How do we prevent unreliable servers from rendering the network
 
 unusable?  Fifth, do clients receive so much anonymity benefit from
 
 unusable?  Fifth, do clients receive so much anonymity benefit from
 
 running their own servers that we should expect them all to do so, or
 
 running their own servers that we should expect them all to do so, or
 
 do we need to find another incentive structure to motivate them?
 
 do we need to find another incentive structure to motivate them?
 
-(Tarzan and Morphmix present possible solutions.)
 
+(Tarzan and MorphMix present possible solutions.)
 
 
 
 [[ XXX how to approve new nodes (advogato, sybil, captcha (RTT));]
 
 [[ XXX how to approve new nodes (advogato, sybil, captcha (RTT));]
 
 
 
@@ -2111,7 +2083,8 @@ issues remaining to be ironed out. In particular:
 
 %     'SOCKS'
 
 %     'SOCKS'
 
 %     Try not to use \cite as a noun.  
 %     Try not to use \cite as a noun.  
 %     'Authorizating' sounds great, but it isn't a word.
 
 %     'Authorizating' sounds great, but it isn't a word.
 
-%     'First, second, third', not 'Firstly, secondly, thridly'.
 
+%     'First, second, third', not 'Firstly, secondly, thirdly'.
 
+%     'circuit', not 'channel'
 
 %
 
 %
 
 %     'Substitute ``Damn'' every time you're inclined to write ``very;'' your
 
 %     'Substitute ``Damn'' every time you're inclined to write ``very;'' your
 
 %     editor will delete it and the writing will be just as it should be.'
 
 %     editor will delete it and the writing will be just as it should be.'