author: Paul Syverson <syverson@itd.nrl.navy.mil>, 2007-06-27 20:52:42 +0000
committer: Paul Syverson <syverson@itd.nrl.navy.mil>, 2007-06-27 20:52:42 +0000
commit: 94847ceb3e9efc8c26a47c2a17ae65e6dc4f9a58 (patch)
tree: 9dc27edd5f138191d85aa4d680be1e879f53b5b3 /doc/design-paper
parent: c045c8909da45c8963458fb3102be448894c4008 (diff)
Minor edits suggested by Susan Landau
svn:r10686
Diffstat (limited to 'doc/design-paper')
-rw-r--r-- doc/design-paper/sptor.tex | 16
1 files changed, 9 insertions, 7 deletions
diff --git a/doc/design-paper/sptor.tex b/doc/design-paper/sptor.tex
index eaa2f0428..9daa686c8 100644
--- a/doc/design-paper/sptor.tex
+++ b/doc/design-paper/sptor.tex
@@ -71,20 +71,22 @@ logical or physical locations to those sites or to observers. It
enables hosts to be publicly accessible yet have similar protection
against location through its \emph{location-hidden services}.
-To connect to a remote server via Tor, the client software learns
+To connect to a remote server via Tor the client software first learns
a %signed
list of Tor nodes from several central \emph{directory servers} via a
-voting protocol to avoid dependence on or complete trust in any one of
-them, and incrementally creates a private pathway or \emph{circuit} of
-encrypted connections through authenticated Tor nodes on the network
-whose public keys were obtained form the directory servers,
-negotiating a separate set of encryption keys for each hop along the
+voting protocol (to avoid dependence on or complete trust in any one
+of these servers). It then incrementally creates a private pathway or
+\emph{circuit} across the network. This circuit consists of
+encrypted connections through authenticated Tor nodes
+whose public keys were obtained from the directory servers. The client
+software negotiates a separate set of encryption keys for each hop along the
circuit. The nodes in the circuit are chosen at random by the client
subject to a preference for higher performing nodes to allocate
resources effectively and with a client-chosen preferred set of first
nodes called \emph{entry guards} to complicate profiling attacks by
internal adversaries~\cite{hs-attack}.
-The circuit is extended one node at a time, and each node
+The circuit is extended one node at a time, tunneling extensions
+through already established portions of the circuit, and each node
along the way knows only the immediately previous and following nodes
in the circuit, so no individual Tor node knows the complete path that
each fixed-sized data packet (or \emph{cell}) will take. Thus,
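Review bot: The rewritten opening line drops the comma after the introductory phrase, so "To connect to a remote server via Tor the client software first learns" runs the phrase into the subject; restore it as "via Tor, the client software first learns". While this sentence is being reworded, the unchanged "a %signed" line also deserves a decision: the commented-out word leaves it unclear whether the node list is signed, and that bears directly on the trust claim in the new parenthetical "(to avoid dependence on or complete trust in any one of these servers)", so either restore "signed" or delete the comment. The split into shorter sentences and the "form" to "from" fix read well, and the added clause "tunneling extensions through already established portions of the circuit" is a useful clarification of how extension happens.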