diff options
author | George Kadianakis <desnacked@riseup.net> | 2018-06-23 13:24:51 -0500 |
---|---|---|
committer | George Kadianakis <desnacked@riseup.net> | 2018-06-23 18:17:43 -0500 |
commit | ed29ac205461ca0d1e61e3d4caad95381139eedb (patch) | |
tree | 7e53273f940e3808594dc8a85a68a4f2c88b17cf /rend-spec-v3.txt | |
parent | 4df184021b7c84cc47e2ed19a601b1e790b5b4fb (diff) | |
download | torspec-ed29ac205461ca0d1e61e3d4caad95381139eedb.tar.gz torspec-ed29ac205461ca0d1e61e3d4caad95381139eedb.zip |
rend-spec-v3.txt: Clarify role of first layer desc encryption.
It's meant to protect against entities that don't know the identity public
key (aka the onion address).
Closes #26379. Pointed out by Steven Murdoch.
Diffstat (limited to 'rend-spec-v3.txt')
-rw-r--r-- | rend-spec-v3.txt | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index 728f38f..0b56fce 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -1124,8 +1124,8 @@ Table of contents: 2.5.1. First layer of encryption [HS-DESC-FIRST-LAYER] The first layer of HS descriptor encryption is designed to protect - descriptor confidentiality against entities who don't know the blinded - public key of the hidden service. + descriptor confidentiality against entities who don't know the public + identity key of the hidden service. 2.5.1.1. First layer encryption logic @@ -1136,6 +1136,11 @@ Table of contents: SECRET_DATA = blinded-public-key STRING_CONSTANT = "hsdir-superencrypted-data" + The encryption scheme in [HS-DESC-ENCRYPTION-KEYS] uses the service + credential which is derived from the public identity key (see [SUBCRED]) to + ensure that only entities who know the public identity key can decrypt the + first descriptor layer. + The ciphertext is placed on the "superencrypted" field of the descriptor. Before encryption the plaintext is padded with NUL bytes to the nearest |