diff options
| author | Roger Dingledine <arma@torproject.org> | 2006-01-07 02:05:22 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2006-01-07 02:05:22 +0000 |
| commit | 4c64138d71fe45879ff7df396c76b6d8ca3ee27c (patch) | |
| tree | 28ec7d30177965726bd2bbffd41fe4b179b029fd /doc/tor-spec.txt | |
| parent | af54b739856b63086fbbabd894cef15cbe4d0013 (diff) | |
| download | tor-4c64138d71fe45879ff7df396c76b6d8ca3ee27c.tar.gz tor-4c64138d71fe45879ff7df396c76b6d8ca3ee27c.zip | |
correct the key material paragraph
svn:r5748
Diffstat (limited to 'doc/tor-spec.txt')
| -rw-r--r-- | doc/tor-spec.txt | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/doc/tor-spec.txt b/doc/tor-spec.txt index e92b9d72e3..70a215e40a 100644 --- a/doc/tor-spec.txt +++ b/doc/tor-spec.txt @@ -268,12 +268,12 @@ when do we rotate which keys (tls, link, etc)? If CREATE_FAST is used, the client and server base their key material on K0=X|Y. - From the base key material g^xy, they compute derivative key material as - follows. Next, the server computes 100 bytes of key data as K = SHA1(K0 - | [00]) | SHA1(K0 | [01]) | ... SHA1(K0 | [04]) where "00" is a single - octet whose value is zero, [01] is a single octet whose value is one, etc. - The first 20 bytes of K form KH, bytes 21-40 form the forward digest Df, - 41-60 form the backward digest Db, 61-76 form Kf, and 77-92 form Kb. + From the base key material K0, they compute 100 bytes of derivative + key data as K = SHA1(K0 | [00]) | SHA1(K0 | [01]) | ... SHA1(K0 | + [04]) where "00" is a single octet whose value is zero, [01] is a + single octet whose value is one, etc. The first 20 bytes of K form + KH, bytes 21-40 form the forward digest Df, 41-60 form the backward + digest Db, 61-76 form Kf, and 77-92 form Kb. KH is used in the handshake response to demonstrate knowledge of the computed shared key. Df is used to seed the integrity-checking hash |