1 @node Modes of operation
2 @unnumbered Modes of operation
4 See also this page @ref{Режимы работы, on russian}.
6 There are three modes of operation and two modes of data confidentiality
9 Three modes of operation provide various trade-off between
10 resource-consumption and effectiveness.
16 Data packets are encrypted and authenticated and sent immediately. This
17 is the most effective mode with minimal overhead and delays.
20 +-----------+ +-----+ +---------+ +------+
21 | DATA | |DATA | | DATA | | DATA |
22 +-----------+ +-----+ +---------+ +------+
24 ---------------------------------------------------------------------------------------> t
27 @item @ref{Noise} mode.
29 This mode hides packet's lengths. It consumes more traffic as a rule.
32 +------const------+ +------const------+ +------const------+
35 +------+------------+ +---------+---------+ +-------------+-----+
36 | DATA | NOISE | | DATA | NOISE | | DATA |NOISE|
37 +------+------------+ +---------+---------+ +-------------+-----+
39 ---------------------------------------------------------------------------------------> t
44 This mode also hides packets timestamps. It can increase delays and
45 insert dummy noised packets.
48 +------const------+ +------const------+ +------const------+
51 +------+------------+ +---------+---------+ +-------------------+
52 | DATA | NOISE |<--const-->| DATA | NOISE |<--const-->| NOISE |
53 +------+------------+ +---------+---------+ +-------------------+
55 ---------------------------------------------------------------------------------------> t
60 Confidentiality protection modes are also trade-off between
61 effectiveness and resource-consumption.
65 @item @ref{Transport, Default} mode.
67 Encryption and authentication is done using well-known algorithms. This
68 is very effective mode. It generates packets undistinguishable from the
72 +---------------------------------------------------------+
75 | +-----+ +---------------------------+ +-------+ |
76 | | TAG |/ CIPHERTEXT \ / NONCE \ |
77 | +-----+|-----------------------------||-----------| |
79 +---------------------------------------------------------+
81 |-----------------------------||-----------|
83 +------------+---+------------++-----------+
84 | DATA |PAD| ZEROS || SERIAL |
85 +------------+---+------------++-----------+
88 @item @ref{Encless, Encryptionless} mode.
90 This mode does not use any encryption function. Chaffing-and-Winnowing
91 encoding is used over AONT (all-or-nothing) package instead. This mode
92 consumes much more traffic and resources. It also generated
93 undistinguishable from the noise packets.
96 +----------------------------------------------------+
99 | +---------------------------+ +---------+ |
100 | / CIPHERTEXT \/ NONCE \ |
101 | |-----------------------------||-----------| |
103 +----------------------------------------------------+
105 |--------+--------------------||-----------|
106 |Chaffing| AONT || MAC |
107 +--------+---+---+------------++-----------+
108 | DATA |PAD| ZEROS || SERIAL |
109 +------------+---+------------++-----------+