diff options
author | Karsten Loesing <karsten.loesing@gmx.net> | 2008-08-01 11:19:43 +0000 |
---|---|---|
committer | Karsten Loesing <karsten.loesing@gmx.net> | 2008-08-01 11:19:43 +0000 |
commit | ff180d5a7190f8e286150657a5b0c20e3050d6f5 (patch) | |
tree | 7d02f097518c7cc4ed85aca88cb1f25fbceb49ac /proposals/121-hidden-service-authentication.txt | |
parent | 1279f1b8fdf577e2f9076aaa84173016b7c9476b (diff) | |
download | torspec-ff180d5a7190f8e286150657a5b0c20e3050d6f5.tar.gz torspec-ff180d5a7190f8e286150657a5b0c20e3050d6f5.zip |
Proposal 121: Use first part of Diffie-Hellman handshake for replay protection instead of rendezvous cookie.
svn:r16327
Diffstat (limited to 'proposals/121-hidden-service-authentication.txt')
-rw-r--r-- | proposals/121-hidden-service-authentication.txt | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/proposals/121-hidden-service-authentication.txt b/proposals/121-hidden-service-authentication.txt index 971572d..149ba7a 100644 --- a/proposals/121-hidden-service-authentication.txt +++ b/proposals/121-hidden-service-authentication.txt @@ -28,6 +28,8 @@ Change history: with Nick 31-Jul-2008 Limit maximum descriptor size to 20 kilobytes to prevent abuse. + 01-Aug-2008 Use first part of Diffie-Hellman handshake for replay + protection instead of rendezvous cookie. Overview: @@ -385,10 +387,13 @@ Details: When receiving a v3 INTRODUCE2 cell, Bob checks whether a client has provided valid authorization data to him. He also requires that the timestamp is no more than 30 minutes in the past or future and that the - rendezvous cookie has not been used in the past 60 minutes to prevent - replay attacks by rogue introduction points. If all checks pass, Bob - builds a circuit to the provided rendezvous point and otherwise drops the - cell. + first part of the Diffie-Hellman handshake has not been used in the past + 60 minutes to prevent replay attacks by rogue introduction points. (The + reason for not using the rendezvous cookie to detect replays---even + though it is only sent once in the current design---is that it might be + desirable to re-use rendezvous cookies for multiple introduction requests + in the future.) If all checks pass, Bob builds a circuit to the provided + rendezvous point and otherwise drops the cell. 1.4. Summary of authorization data fields |