aboutsummaryrefslogtreecommitdiff
path: root/spec/padding-spec/circuit-level-padding.md
diff options
context:
space:
mode:
Diffstat (limited to 'spec/padding-spec/circuit-level-padding.md')
-rw-r--r--spec/padding-spec/circuit-level-padding.md16
1 files changed, 8 insertions, 8 deletions
diff --git a/spec/padding-spec/circuit-level-padding.md b/spec/padding-spec/circuit-level-padding.md
index a220507..33ecfc3 100644
--- a/spec/padding-spec/circuit-level-padding.md
+++ b/spec/padding-spec/circuit-level-padding.md
@@ -23,7 +23,7 @@ future padding defenses, see the research developer documentation\[17\].
<a id="padding-spec.txt-3.1"></a>
-## Circuit Padding Negotiation
+## Circuit Padding Negotiation {#negotiation}
Circuit padding machines are advertised as "Padding" subprotocol versions
(see tor-spec.txt Section 9). The onion service circuit padding machines are
@@ -96,7 +96,7 @@ on the circuit, the command is ignored.
<a id="padding-spec.txt-3.2"></a>
-## Circuit Padding Machine Message Management
+## Circuit Padding Machine Message Management { #machine-msg-mgt }
Clients MAY send padding cells towards the relay before receiving the
circpad_negotiated response, to allow for outbound cover traffic before
@@ -112,7 +112,7 @@ immediately tear down such circuits to avoid side channel risk.
<a id="padding-spec.txt-3.3"></a>
-## Obfuscating client-side onion service circuit setup
+## Obfuscating client-side onion service circuit setup { #hiding-circ-setup }
The circuit padding currently deployed in Tor attempts to hide client-side
onion service circuit setup. Service-side setup is not covered, because doing
@@ -129,7 +129,7 @@ Note that inter-arrival timing is not obfuscated by this defense.
<a id="padding-spec.txt-3.3.1"></a>
-### Common general circuit construction sequences
+### Common general circuit construction sequences { #circ-setup-sequences}
Most general Tor circuits used to surf the web or download directory
information start with the following 6-cell relay cell sequence (cells
@@ -156,7 +156,7 @@ network/guard-level adversary.
<a id="padding-spec.txt-3.3.2"></a>
-### Client-side onion service introduction circuit obfuscation
+### Client-side onion service introduction circuit obfuscation { #hiding-intro }
Two circuit padding machines work to hide client-side introduction circuits:
one machine at the origin, and one machine at the second hop of the circuit.
@@ -199,7 +199,7 @@ minutes).
<a id="padding-spec.txt-3.3.3"></a>
-### Client-side rendezvous circuit hiding
+### Client-side rendezvous circuit hiding { #hiding-rendezvous }
Following a similar argument as for intro circuits, we are aiming for padded
rendezvous circuits to blend in with the initial cell sequence of general
@@ -240,7 +240,7 @@ will look alike.
<a id="padding-spec.txt-3.3.4"></a>
-### Circuit setup machine overhead
+### Circuit setup machine overhead { #setup-overhead }
For the intro circuit case, we see that the origin-side machine just sends a
single \[PADDING_NEGOTIATE\] cell, whereas the origin-side machine sends a
@@ -252,7 +252,7 @@ padding cells, for a total of 4 padding cells.
<a id="padding-spec.txt-3.4"></a>
-## Circuit padding consensus parameters
+## Circuit padding consensus parameters { #consenus-parameters }
The circuit padding system has a handful of consensus parameters that can
either disable circuit padding entirely, or rate limit the total overhead
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion