Cypherpunks.ru repositories - govpn.git/blob - doc/modes.texi
Fix docstring splitted lines
@node Modes of operation
@unnumbered Modes of operation

See also this page @ref{Режимы работы, in Russian}.

There are three modes of operation and two modes of data confidentiality
protection.

The three modes of operation offer different trade-offs between
resource consumption and effectiveness.

@table @asis

@item Default mode.

Data packets are encrypted, authenticated and sent immediately. This
is the most effective mode, with minimal overhead and delays.

@verbatim
         +-----------+   +-----+         +---------+    +------+
         |  DATA     |   |DATA |         |  DATA   |    | DATA |
         +-----------+   +-----+         +---------+    +------+

---------------------------------------------------------------------------------------> t
@end verbatim

@item @ref{Noise} mode.

This mode hides packet lengths. As a rule, it consumes more traffic.

@verbatim
 +------const------+        +------const------+    +------const------+
/                   \      /                   \  /                   \

+------+------------+      +---------+---------+  +-------------+-----+
| DATA | NOISE      |      | DATA    | NOISE   |  | DATA        |NOISE|
+------+------------+      +---------+---------+  +-------------+-----+

---------------------------------------------------------------------------------------> t
@end verbatim

@item @ref{CPR} mode.

This mode also hides packet timestamps. It can increase delays and
insert dummy noise packets.

@verbatim
 +------const------+             +------const------+             +------const------+
/                   \           /                   \           /                   \

+------+------------+           +---------+---------+           +-------------------+
| DATA | NOISE      |<--const-->| DATA    | NOISE   |<--const-->|       NOISE       |
+------+------------+           +---------+---------+           +-------------------+

---------------------------------------------------------------------------------------> t
@end verbatim

@end table

The confidentiality protection modes are also a trade-off between
effectiveness and resource consumption.

@table @asis

@item @ref{Transport, Default} mode.

Encryption and authentication are done using well-known algorithms. This
is a very effective mode. It generates packets indistinguishable from
noise.

@verbatim
+---------------------------------------------------------+
|                       PACKET                            |
|                                                         |
|  +-----+ +---------------------------+   +-------+      |
|  | TAG |/         CIPHERTEXT          \ /  NONCE  \     |
|  +-----+|-----------------------------||-----------|    |
|         |                             ||           |    |
+---------------------------------------------------------+
          |                             ||           |
          |-----------------------------||-----------|
          |          ENCRYPTION         ||    MAC    |
          +------------+---+------------++-----------+
          |    DATA    |PAD|    ZEROS   ||  SERIAL   |
          +------------+---+------------++-----------+
@end verbatim

@item @ref{Encless, Encryptionless} mode.

This mode does not use any encryption function. Chaffing-and-Winnowing
encoding is applied over an AONT (all-or-nothing transform) package
instead. This mode consumes much more traffic and resources. It also
generates packets indistinguishable from noise.

@verbatim
+----------------------------------------------------+
|                  PACKET                            |
|                                                    |
|     +---------------------------+  +---------+     |
|    /         CIPHERTEXT          \/   NONCE   \    |
|    |-----------------------------||-----------|    |
|    |                             ||           |    |
+----------------------------------------------------+
     |                             ||           |
     |--------+--------------------||-----------|
     |Chaffing|        AONT        ||    MAC    |
     +--------+---+---+------------++-----------+
     |    DATA    |PAD|    ZEROS   ||  SERIAL   |
     +------------+---+------------++-----------+
@end verbatim

@end table
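
The following Go sketch is an added example, not GoVPN's own code. It shows how the DATA | PAD | ZEROS layout gives every frame a constant length (Noise mode) and how a constant packet rate fills idle ticks with dummy noise frames and delays queued data (CPR mode). The frame size, the 0x80 PAD byte and all function names are assumptions, and encryption, MAC and nonce handling are left out.

```go
package main

import (
	"bytes"
	"fmt"
)

const frameSize, padMark = 16, 0x80 // assumed frame length and PAD byte, not from the page

// Pad builds DATA | PAD | ZEROS; an empty payload yields a pure-noise frame.
func Pad(data []byte) ([]byte, error) {
	if len(data) >= frameSize {
		return nil, fmt.Errorf("payload of %d bytes exceeds %d", len(data), frameSize-1)
	}
	frame := make([]byte, frameSize)
	frame[copy(frame, data)] = padMark
	return frame, nil
}

// Unpad cuts at the last PAD byte and insists that only zeros follow it.
func Unpad(frame []byte) ([]byte, error) {
	i := bytes.LastIndexByte(frame, padMark)
	if len(frame) != frameSize || i < 0 || len(bytes.TrimRight(frame[i+1:], "\x00")) > 0 {
		return nil, fmt.Errorf("malformed %d-byte frame", len(frame))
	}
	return frame[:i], nil
}

// CPRSchedule emits one frame per tick: the oldest queued frame, else noise.
func CPRSchedule(arrivals [][][]byte) [][]byte {
	noise, _ := Pad(nil) // an empty payload always fits
	var queue, out [][]byte
	for _, arrived := range arrivals { // arrivals[t]: padded frames queued at tick t
		queue = append(queue, arrived...)
		next := noise
		if len(queue) > 0 {
			next, queue = queue[0], queue[1:]
		}
		out = append(out, next)
	}
	return out
}

func main() {
	hi, _ := Pad([]byte("hi")) // constructed sample payloads
	there, _ := Pad([]byte("there"))
	for t, f := range CPRSchedule([][][]byte{{hi, there}, {}, {}}) {
		fmt.Printf("tick %d: % x\n", t, f)
	}
}
```

Both payloads arrive at tick 0, yet the second one leaves at tick 1 and tick 2 carries only noise, so an observer sees three equally sized frames at a fixed rate.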