diff options
author | Nick Mathewson <nickm@torproject.org> | 2024-03-25 21:17:33 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2024-03-25 21:17:33 -0400 |
commit | 02e00acc592ca9c8c3aa1e347c6932daadded57f (patch) | |
tree | 5519b2ec9d757cb791b7a3f7832745f09f716506 | |
parent | 664b6626bac8fb356d7f9f075874c5f806c0bbb5 (diff) | |
download | torspec-02e00acc592ca9c8c3aa1e347c6932daadded57f.tar.gz torspec-02e00acc592ca9c8c3aa1e347c6932daadded57f.zip |
Slight clarifications about hsv3 relay crypto
There was a missing link at one point, and another point where we
should have said what cryptography we were using.
-rw-r--r-- | spec/rend-spec/encrypting-user-data.md | 7 | ||||
-rw-r--r-- | spec/rend-spec/introduction-protocol.md | 4 |
2 files changed, 10 insertions, 1 deletions
diff --git a/spec/rend-spec/encrypting-user-data.md b/spec/rend-spec/encrypting-user-data.md index 460f71e..fdf1a30 100644 --- a/spec/rend-spec/encrypting-user-data.md +++ b/spec/rend-spec/encrypting-user-data.md @@ -10,3 +10,10 @@ Tor relay encryption protocol, applying encryption with these keys before other encryption, and decrypting with these keys before other decryption. The client encrypts with Kf and decrypts with Kb; the service host does the opposite. + +As mentioned +[previously](./introduction-protocol.md#INTRO-HANDSHAKE-REQS), +these keys are used the same as for +[regular relay cell encryption](../tor-spec/routing-relay-cells.md), +except that instead of using AES-128 and SHA1, +both parties use AES-256 and SHA3-256. diff --git a/spec/rend-spec/introduction-protocol.md b/spec/rend-spec/introduction-protocol.md index cb7debf..e605994 100644 --- a/spec/rend-spec/introduction-protocol.md +++ b/spec/rend-spec/introduction-protocol.md @@ -721,7 +721,9 @@ HANDSHAKE_INFO element (see \[JOIN_REND\]). The hidden service host now also knows the keys generated by the handshake, which it will use to encrypt and authenticate data end-to-end between the client and the server. These keys are as -computed in tor-spec.txt section 5.1.4, except that instead of using +computed with the +[ntor handshake](../tor-spec/create-created-cells.html#ntor), +except that instead of using AES-128 and SHA1 for this hop, we use AES-256 and SHA3-256. <a id="rend-spec-v3.txt-3.4"></a> |