commit aad2cf495f6e67a29f73a14c7f7ed48c71cb5dc0
Author: Steven Murdoch Steven.Murdoch@cl.cam.ac.uk
Date: Mon Nov 5 18:37:03 2012 +0000

Describe variable length cells
---
 tor-design-2012.tex | 46 ++++++++++++++++++++++++++++++++++------------
 1 files changed, 34 insertions(+), 12 deletions(-)
diff --git a/tor-design-2012.tex b/tor-design-2012.tex index da7c70b..66b6ad4 100644 --- a/tor-design-2012.tex +++ b/tor-design-2012.tex @@ -647,7 +647,7 @@ impact of key compromise. % we can say more abotu the v2 and v3 versions of it. -NM
Section~\ref{subsec:cells} presents the fixed-size \emph{cells} -that are the unit of communication in Tor. We describe in +that are the unit of most communication in Tor. We describe in Section~\ref{subsec:circuits} how circuits are built, extended, truncated, and destroyed. Section~\ref{subsec:tcp} describes how TCP streams are routed through the network. We address @@ -665,23 +665,45 @@ data on the connection with perfect forward secrecy, and prevents an attacker from modifying data on the wire or impersonating an OR.
-Traffic passes along these connections in fixed-size cells. -Each cell is 512 bytes, and consists of a header and a +Most traffic passes along these connections in fixed-size cells. +Each fixed-size cell is 512 bytes, and consists of a header and a payload. The header includes a circuit identifier (circID) that specifies which circuit the cell refers to (many circuits can be multiplexed over the single TLS connection), and a command to describe what to do with the cell's payload. (Circuit identifiers are connection-specific: each circuit has a different circID on each OP/OR or OR/OR connection it -traverses.) Based on their command, cells are either -\emph{control} cells, which are always interpreted by the node -that receives them, or \emph{relay} cells, which carry -end-to-end stream data. The control cell commands are: -\emph{padding} (currently used for keepalive, but also usable -for link padding); \emph{create} or \emph{created} (used to set -up a new circuit); and \emph{destroy} (to tear down a circuit). -% Add: CREATE_FAST, CREATED_FAST, NETINFO, RELAY_EARLY, VERSIONS, VPADDING, -% CERTS, AUTH_CHALLENGE, AUTHENTICATE, AUTHORIZE. -NM +traverses.) Fixed-size cells provide some resistance to traffic +analysis but are inefficient, so some control cells are variable +length, where the ability of an attacker to detect their presence +doesn't affect security. Fixed-size cells also make the packet-size +distribution of Tor distinctive, contrary to the goal of +protocol-fingerprinting resistance. Therefore a variable-length +padding cell was introduced (but is currently unused) to allow +the implementation of schemes to disguise packet length. 
+ +Based on their command, cells are either \emph{control} cells, +which are always interpreted by the node that receives them, +\emph{relay} cells, which carry end-to-end stream data, or +\emph{relay_early} cells, which work similarly to \emph{relay} +cells but are distinguished to enforce the maximum path length +(see \prettyref{sec:XXX}). The fixed-size control cell commands +are: \emph{padding} (currently used for keepalive, but also +usable for link padding); \emph{create} or \emph{created} (used +to set up a new circuit); \emph{create_fast} or +\emph{created_fast} (used to set up a new circuit to the first +hop, without public key computation); \emph{netinfo} (used to +help nodes discover the time and their own address); and +\emph{destroy} (to tear down a circuit). The variable-length +control cell commands are: \emph{versions} (used for +link-protocol negotiation); \emph{vpadding} (variable length +padding); and \emph{certs}, \emph{auth_challenge}, +\emph{authenticate}, and \emph{authorize} (used for OR-OR and +OP-OR authentication). +% Add: CREATE_FAST, CREATED_FAST, NETINFO, RELAY_EARLY, +% VERSIONS, VPADDING, CERTS, AUTH_CHALLENGE, AUTHENTICATE, +% AUTHORIZE. -NM +% Believed done -SJM
Relay cells have an additional header (the relay header) at the front of the payload, containing a streamID (stream identifier:
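Review bot: In the first hunk (@@ -647,7), the roadmap sentence still introduces Section~\ref{subsec:cells} as presenting "the fixed-size \emph{cells}", so after the change to "the unit of most communication" the reader is not told what carries the rest. The second hunk adds variable-length cells to that same section, so name them here as well, for example "presents the \emph{cells}, most of them fixed-size, that are the unit of communication in Tor".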
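Review bot: In the second hunk (@@ -665,23), the added \emph{relay_early}, \emph{create_fast}, \emph{created_fast} and \emph{auth_challenge} contain bare underscores in text mode, which will stop the build with a missing-$ error unless the preamble redefines underscore handling; write them as \emph{relay\_early} and so on. The added \prettyref{sec:XXX} is a placeholder label that will not resolve, so point it at the section that covers the maximum path length before this is merged. The sentence "cells are either ..." now lists three kinds, so "either" should be dropped. The new claim that variable-length control cells are used "where the ability of an attacker to detect their presence doesn't affect security" is stated without a reason; one clause saying why detection is harmless for those commands would make it checkable. Finally, the "% Add: ..." comment is now covered by the text and could be deleted rather than kept with "% Believed done" appended.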