diff options
author | Nick Mathewson <nickm@torproject.org> | 2003-06-02 02:18:16 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2003-06-02 02:18:16 +0000 |
commit | d3592af0428bd604041bb7524532e04d2799e479 (patch) | |
tree | 20beb5ae6443c5b413f2581cc16af08f4465139f | |
parent | dfa64b61ed7f7c3ff0976755cb8dd319be7362f1 (diff) | |
download | tor-d3592af0428bd604041bb7524532e04d2799e479.tar.gz tor-d3592af0428bd604041bb7524532e04d2799e479.zip |
Answer question about eliminating symmetric encryption from onion skins
svn:r304
-rw-r--r-- | src/or/onion.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/src/or/onion.c b/src/or/onion.c index 803fe3be15..61021e6d4f 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -428,7 +428,20 @@ crypt_path_t *onion_generate_cpath(routerinfo_t **firsthop) { * The first 128 bytes are RSA-encrypted with the server's public key, * and the last 16 are encrypted with the symmetric key. */ -/* FIXME: Nick: looks like we could simplify this by just using 128 bytes for g^x. */ +/* FIXME: + Nick: looks like we could simplify this by just using 128 bytes for g^x. + + Problem: this will fail if g^x is greater than the RSA modulus. + We'd need to repeatedly generate g^x, until we got one that was + < the RSA modulus. Also, if we ever can afford to revert to a + bigger DH key, we'll need to revert. Are these 'features' ok? + If so, we can omit the symmetric encryption. + + Convesely, we can just increment RSA key sizes. Since we don't + use them very often comparatively, we may be able to afford 1536 + bits. (Just a thought.) + -NM +*/ int onion_skin_create(crypto_pk_env_t *dest_router_key, crypto_dh_env_t **handshake_state_out, |