author: Nick Mathewson <nickm@torproject.org> 2013-01-03 11:52:41 -0500
committer: Nick Mathewson <nickm@torproject.org> 2013-01-03 11:52:41 -0500
commit: b1bdecd703879ca09bf63bf1453a70c4b80ac96d
tree: 9fd512361cae60d0aec849e52e349cc1a67f8055 /changes
parent: ee4182612f7f06ae09531bf75e9b84ea30871278
parent: d3de0b91fb322c00d11857d89a8420af0d466e39
Merge branch 'ntor-resquashed'

Conflicts:
	src/or/cpuworker.c
	src/or/or.h
	src/test/bench.c

Diffstat (limited to 'changes')
-rw-r--r-- changes/ntor 40
1 files changed, 40 insertions, 0 deletions
diff --git a/changes/ntor b/changes/ntor
new file mode 100644
index 0000000000..3aca82075f
--- /dev/null
+++ b/changes/ntor
@@ -0,0 +1,40 @@
+ o Major features:
+
+ - Tor now supports a new circuit extension handshake designed by Ian
+ Goldberg, Douglas Stebila, and Berkant Ustaoglu. Our original
+ circuit extension handshake, later called "TAP", was a bit slow
+ (especially on the server side), had a fragile security proof, and
+ used weaker keys than we'd now prefer. The new circuit handshake
+ uses Dan Bernstein's "curve25519" elliptic-curve Diffie-Hellman
+ function, making it significantly more secure than the older
+ handshake, and significantly faster. Tor can either use one of two
+ built-in pure-C curve25519-donna implementations by Adam Langley,
+ or link against the "nacl" library for a tuned version if present.
+
+ The built-in version is very fast for 64-bit systems building with
+ GCC. (About 10-14x faster on the server side, and about 7x faster
+ on the client side.) The built-in 32-bit version is still faster
+ than the old TAP protocol (about 3x), but using libnacl would be
+ better on most 32-bit x86 hosts.
+
+ Clients don't currently use this protocol by default, since
+ comparatively few clients support it so far. To try it, set
+ UseNTorHandshake to 1.
+
+ Implements proposal 216; closes ticket #7202.
+
+ - Tor servers and clients now support a better CREATE/EXTEND cell
+ format, allowing the sender to specify multiple address, identity,
+ and handshake types. Implements Robert Ransom's proposal 200;
+ closes ticket #7199.
+
+ o Code simplification and refactoring:
+ - Split the onion.c file into separate modules for the onion queue
+ and the different handshakes it supports.
+ - Remove the marshalling/unmarshalling code for sending requests to
+ cpuworkers over a socket, and instead just send structs. The
+ recipient will always be the same Tor binary as the sender, so
+ any encoding is overkill.
+
+ o Testing:
+ - Add benchmark functions to test onion handshake performance.
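
Review bot: The cpuworker item under "Code simplification and refactoring" justifies sending raw structs over the socket with "the recipient will always be the same Tor binary as the sender", but the entry does not say what guarantees that. Suggest naming the mechanism in the entry, or pointing to the code comment that documents it, since raw C structs carry padding and layout that are only safe to trust between identical builds. Separately, in the first "Major features" item the 64-bit speedup figures (10-14x on the server side, 7x on the client side) do not name their baseline, while the 32-bit figure is explicitly relative to "the old TAP protocol"; one clause stating the baseline and referring to the benchmark functions listed under "Testing" would make the numbers checkable.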