nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

compress sec1-3, we're at 15pg with standard latex8.sty now

Browse Source 
svn:r765
This commit is contained in:
Roger Dingledine 2003-11-05 01:46:32 +00:00
parent 868b3c9724
commit 6c68317577
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
doc/tor-design.tex
View File

@ -160,11 +160,11 @@ or flooding and send less data until the congestion subsides.
\textbf{Directory servers:} The earlier Onion Routing design
planned to flood link-state information through the network---an approach
that can be unreliable and open to partitioning attacks or
deception. Tor takes a simplified view toward distributing link-state
that can be unreliable and open to partitioning attacks.
Tor takes a simplified view toward distributing such
information. Certain more trusted nodes act as \emph{directory
servers}: they provide signed directories that describe known
routers and their availability. Users periodically download these
routers and their availability. Users periodically download the
directories via HTTP.
\textbf{Variable exit policies:} Tor provides a consistent mechanism
@ -388,8 +388,8 @@ multiple communications to or from a single user. Within this
main goal, however, several considerations have directed
Tor's evolution.
\textbf{Deployability:} The design must be implemented,
deployed, and used in the real world. Thus it
\textbf{Deployability:} The design must be deployed and used in the
real world. Thus it
must not be expensive to run (for example, by requiring more bandwidth
than volunteers are willing to provide); must not place a heavy
liability burden on operators (for example, by allowing attackers to
@ -491,9 +491,9 @@ which points in the network he should attack.
Our adversary might try to link an initiator Alice with her
communication partners, or try to build a profile of Alice's
behavior. He might mount passive attacks by observing the network edges
and correlating traffic entering and leaving the network---either
by relationships in packet timing; relationships in volume;
or relationships in externally visible user-selected
and correlating traffic entering and leaving the network---by
relationships in packet timing, volume, or externally visible
user-selected
options. The adversary can also mount active attacks by compromising
routers or keys; by replaying traffic; by selectively denying service
to trustworthy routers to move users to