Diffstat (limited to 'changes/ntor')
-rw-r--r-- changes/ntor 40
1 files changed, 0 insertions, 40 deletions
diff --git a/changes/ntor b/changes/ntor
deleted file mode 100644
index 3aca82075f..0000000000
--- a/changes/ntor
+++ /dev/null
@@ -1,40 +0,0 @@
- o Major features:
-
- - Tor now supports a new circuit extension handshake designed by Ian
- Goldberg, Douglas Stebila, and Berkant Ustaoglu. Our original
- circuit extension handshake, later called "TAP", was a bit slow
- (especially on the server side), had a fragile security proof, and
- used weaker keys than we'd now prefer. The new circuit handshake
- uses Dan Bernstein's "curve25519" elliptic-curve Diffie-Hellman
- function, making it significantly more secure than the older
- handshake, and significantly faster. Tor can either use one of two
- built-in pure-C curve25519-donna implementations by Adam Langley,
- or link against the "nacl" library for a tuned version if present.
-
- The built-in version is very fast for 64-bit systems building with
- GCC. (About 10-14x faster on the server side, and about 7x faster
- on the client side.) The built-in 32-bit version is still faster
- than the old TAP protocol (about 3x), but using libnacl would be
- better on most 32-bit x86 hosts.
-
- Clients don't currently use this protocol by default, since
- comparatively few clients support it so far. To try it, set
- UseNTorHandshake to 1.
-
- Implements proposal 216; closes ticket #7202.
-
- - Tor servers and clients now support a better CREATE/EXTEND cell
- format, allowing the sender to specify multiple address, identity,
- and handshake types. Implements Robert Ransom's proposal 200;
- closes ticket #7199.
-
- o Code simplification and refactoring:
- - Split the onion.c file into separate modules for the onion queue
- and the different handshakes it supports.
- - Remove the marshalling/unmarshalling code for sending requests to
- cpuworkers over a socket, and instead just send structs. The
- recipient will always be the same Tor binary as the sender, so
- any encoding is overkill.
-
- o Testing:
- - Add benchmark functions to test onion handshake performance.
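Review bot: The whole of changes/ntor is deleted in this hunk and the view is limited to that path, so nothing visible shows where these 40 lines went; please confirm the same commit carries them into the release changelog, including the UseNTorHandshake opt-in and the references to proposal 216 / ticket #7202 and proposal 200 / ticket #7199. If the text is carried over verbatim, two wording points in the first "Major features" item are worth fixing at the destination. In "Clients don't currently use this protocol by default, since comparatively few clients support it so far", is "clients" really meant in the second clause, or should it be servers, as in the "server side" figures earlier in the item? In "Tor can either use one of two built-in ... or link against", "either" is misplaced and would read better as "Tor can use either one of two built-in ... implementations ... or a tuned version from the nacl library".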