author: teor <teor@torproject.org> 2018-07-19 13:29:30 +1000
committer: teor <teor@torproject.org> 2018-07-19 13:29:30 +1000
commit: 81a066672d25c2413f0aca1ec735b63c1c98cb11
tree: 86cbc4b02d96fafd0f58f50256b7b0f99250e0a0 /tor-spec.txt
parent: c551c2dc07785cc96468a079b1b9a77ddb1e17b0
tor-spec: Rewrite the Routing Relay Cells section
The section now consists of:
* forward encryption at the client
* forward decryption at ORs
* backward encryption at the end (exit)
* backward decryption at the client

Part of 26860.
Diffstat (limited to 'tor-spec.txt')
-rw-r--r-- tor-spec.txt 64
1 files changed, 48 insertions, 16 deletions
diff --git a/tor-spec.txt b/tor-spec.txt
index db32093..364505f 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -1353,18 +1353,35 @@ see tor-design.pdf.
5.5. Routing relay cells
- When an OR receives a RELAY or RELAY_EARLY cell, it checks the cell's
- circID and determines whether it has a corresponding circuit along that
- connection. If not, the OR drops the cell.
+5.5.1. Circuit ID Checks
- Otherwise, if the OR is not at the OP edge of the circuit (that is,
- either an 'exit node' or a non-edge node), it de/encrypts the payload
+ When a node wants to send a RELAY or RELAY_EARLY cell, it checks the cell's
+ circID and determines whether the corresponding circuit along that
+ connection is still open. If not, the node drops the cell.
+
+ When a node receives a RELAY or RELAY_EARLY cell, it checks the cell's
+ circID and determines whether it has a corresponding circuit along
+ that connection. If not, the node drops the cell.
+
+5.5.2. Forward Direction
+
+ The forward direction is the direction that CREATE cells are sent.
+
+5.5.2.1. Routing from the Origin
+
+ When a relay cell is sent from an OP, the OP encrypts the payload
+ with the stream cipher as follows:
+ OP sends relay cell:
+ For I=N...1, where N is the destination node:
+ Encrypt with Kf_I.
+ Transmit the encrypted cell to node 1.
+
+5.5.2.2. Relaying Forward at Onion Routers
+
+ When a forward relay cell is received by an OR, it decrypts the payload
with the stream cipher, as follows:
- 'Forward' relay cell (same direction as CREATE):
- Use Kf as key; decrypt.
- 'Back' relay cell (opposite direction from CREATE):
- Use Kb as key; encrypt.
- Note that in counter mode, decrypt and encrypt are the same operation.
+ 'Forward' relay cell:
+ Use Kf as key; decrypt.
The OR then decides whether it recognizes the relay cell, by
inspecting the payload as described in section 6.1 below. If the OR
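Review bot: in 5.5.2.2 the removed sentence "Note that in counter mode, decrypt and encrypt are the same operation." has no replacement in the new 5.5.2.1 or 5.5.2.2 text, so the spec no longer says why the OP's "Encrypt with Kf_I" and the OR's "Use Kf as key; decrypt." undo each other. Suggest keeping that sentence once, for example under 5.5.2 before 5.5.2.1, so both subsections can rely on it. As a style point, 5.5.1 switches to "node" while the subsections below keep "OP" and "OR"; a short statement that "node" covers both would avoid ambiguity about which parties perform the circID checks.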
@@ -1374,14 +1391,29 @@ see tor-design.pdf.
encounters an unrecognized relay cell, an error has occurred: the OR
sends a DESTROY cell to tear down the circuit.
+ For more information, see section 6 below.
+
+5.5.3. Backward Direction
+
+ The backward direction is the opposite direction from CREATE cells.
+
+5.5.3.1. Relaying Backward at Onion Routers
+
+ When a backward relay cell is received by an OR, it encrypts the payload
+ with the stream cipher, as follows:
+ 'Backward' relay cell:
+ Use Kb as key; encrypt.
+
+5.5.3. Routing to the Origin
+
When a relay cell arrives at an OP, the OP decrypts the payload
with the stream cipher as follows:
- OP receives data cell:
- For I=1...N,
- Decrypt with Kb_I. If the payload is recognized (see
- section 6..1), then stop and process the payload.
-
- For more information, see section 6 below.
+ OP receives relay cell from node 1:
+ For I=1...N, where N is the final node on the circuit:
+ Decrypt with Kb_I.
+ If the payload is recognized (see section 6.1), then:
+ The sending node is I.
+ Stop and process the payload.
5.6. Handling relay_early cells
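Review bot: the added heading "5.5.3. Routing to the Origin" reuses the number already given to "5.5.3. Backward Direction" earlier in this hunk; as the sibling of "5.5.3.1. Relaying Backward at Onion Routers" it should be 5.5.3.2, matching the 5.5.2.1 and 5.5.2.2 pattern in the forward section. Also, the commit message lists "backward encryption at the end (exit)", but 5.5.3.1 only covers an OR that receives a backward relay cell; since the OP loop decrypts with Kb_I up to the final node N, a sentence stating that the node originating a backward cell also encrypts with its Kb would complete the four cases.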