diff options
author | Nick Mathewson <nickm@torproject.org> | 2023-02-08 11:39:37 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2023-02-08 11:39:37 -0500 |
commit | 78385868959876f08149d7cd0346b2603d327a0f (patch) | |
tree | 0e996a034b9f6f9add4f0c411a9c8d92b550013d | |
parent | 4234d9325913a0c2ab54a86f2108b3fe99551035 (diff) | |
download | torspec-78385868959876f08149d7cd0346b2603d327a0f.tar.gz torspec-78385868959876f08149d7cd0346b2603d327a0f.zip |
Refer to N_hs_desc_enc in description of encrypted-cookie
-rw-r--r-- | rend-spec-v3.txt | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index 0dc20db..947d82e 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -1242,13 +1242,8 @@ Table of contents: a pre-shared x25519 keypair (`KP_hsc_desc_enc`) which is used to decrypt the descriptor cookie. - - We now describe the descriptor cookie encryption scheme. Here are the - relevant keys: - - descriptor_cookie = descriptor cookie used to encrypt the descriptor - - And here is what the hidden service computes: + We now describe the descriptor cookie encryption scheme. Here is what + the hidden service computes: SECRET_SEED = x25519(KS_hs_desc_ephem, KP_hsc_desc_enc) KEYS = KDF(N_hs_subcred | SECRET_SEED, 40) @@ -1263,7 +1258,7 @@ Table of contents: - The "encrypted-cookie" field contains the descriptor cookie ciphertext as follows and is encoded in base64: - encrypted-cookie = STREAM(iv, COOKIE-KEY) XOR descriptor_cookie + encrypted-cookie = STREAM(iv, COOKIE-KEY) XOR N_hs_desc_enc. See section [FIRST-LAYER-CLIENT-BEHAVIOR] for the client-side logic of how to decrypt the descriptor cookie. |