aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2004-04-01 03:31:00 +0000
committerNick Mathewson <nickm@torproject.org>2004-04-01 03:31:00 +0000
commitfed8cb69bd2067eef910087d5aad62a3c5718c5e (patch)
tree04d9c027aaa9f62f098d7ecbeafa2cfca1c149cf
parentd01497cf3cb6e3c890e49953d5becd745a5222e5 (diff)
downloadtor-fed8cb69bd2067eef910087d5aad62a3c5718c5e.tar.gz
tor-fed8cb69bd2067eef910087d5aad62a3c5718c5e.zip
Use padding with intro requests
svn:r1425
-rw-r--r--doc/rend-spec.txt14
1 files changed, 5 insertions, 9 deletions
diff --git a/doc/rend-spec.txt b/doc/rend-spec.txt
index 0129ffe87c..a74a81cfc6 100644
--- a/doc/rend-spec.txt
+++ b/doc/rend-spec.txt
@@ -244,15 +244,11 @@ Tor Rendezvous Spec
PK_ID is the hash of Bob's public key. RP is NUL-terminated.
The data is encrypted to Bob's PK as follows: Suppose Bob's PK is L octets
- long. If the data to be encrypted is shorter than L, then it is encrypted
- directly (with no padding). If the data is at least as long as L, then a
- randomly generated 16-byte symmetric key is prepended to the data, after
- which the first L-16 bytes of the data are encrypted with Bob's PK; and the
- rest of the data is encrypted with the symmetric key.
-
- [There's very little here is that is recognizable by Bob to let him
- know if he decrypted it correctly. Perhaps we should add OAEP padding
- to the RSA -- there is space -RD]
+ long. If the data to be encrypted is shorter than L-42, then it is
+ encrypted directly (with OAEP padding). If the data is at least as long
+ as L-42, then a randomly generated 16-byte symmetric key is prepended to
+ the data, after which the first L-16-42 bytes of the data are encrypted with
+ Bob's PK; and the rest of the data is encrypted with the symmetric key.
1.9. Introduction: From the Introduction Point to Bob's OP