diff options
Diffstat (limited to 'spec/rend-spec-v3/hidden-service-descriptors-encryption-format-hs-desc-enc.md')
-rw-r--r-- | spec/rend-spec-v3/hidden-service-descriptors-encryption-format-hs-desc-enc.md | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/spec/rend-spec-v3/hidden-service-descriptors-encryption-format-hs-desc-enc.md b/spec/rend-spec-v3/hidden-service-descriptors-encryption-format-hs-desc-enc.md index 8c6982b..719d4fa 100644 --- a/spec/rend-spec-v3/hidden-service-descriptors-encryption-format-hs-desc-enc.md +++ b/spec/rend-spec-v3/hidden-service-descriptors-encryption-format-hs-desc-enc.md @@ -1,4 +1,5 @@ <a id="rend-spec-v3.txt-2.5"></a> + ## Hidden service descriptors: encryption format [HS-DESC-ENC] Hidden service descriptors are protected by two layers of encryption. @@ -10,6 +11,7 @@ second layer of encryption is only useful when client authorization is enabled and protects against entities that do not possess valid client credentials. <a id="rend-spec-v3.txt-2.5.1"></a> + ### First layer of encryption [HS-DESC-FIRST-LAYER] The first layer of HS descriptor encryption is designed to protect @@ -17,6 +19,7 @@ descriptor confidentiality against entities who don't know the public identity key of the hidden service. <a id="rend-spec-v3.txt-2.5.1.1"></a> + #### First layer encryption logic The encryption keys and format for the first layer of encryption are @@ -39,6 +42,7 @@ Before encryption the plaintext is padded with NUL bytes to the nearest multiple of 10k bytes. <a id="rend-spec-v3.txt-2.5.1.2"></a> + #### First layer plaintext format After clients decrypt the first layer of encryption, they need to parse the @@ -133,6 +137,7 @@ Here are all the supported fields: ``` <a id="rend-spec-v3.txt-2.5.1.3"></a> + #### Client behavior [FIRST-LAYER-CLIENT-BEHAVIOR] ```text @@ -154,6 +159,7 @@ Here are all the supported fields: ``` <a id="rend-spec-v3.txt-2.5.1.4"></a> + #### Hiding client authorization data ```text @@ -176,6 +182,7 @@ Here are all the supported fields: ``` <a id="rend-spec-v3.txt-2.5.2"></a> + ### Second layer of encryption [HS-DESC-SECOND-LAYER] The second layer of descriptor encryption is designed to protect descriptor @@ -188,6 +195,7 @@ If client authorization is disabled, then the second layer of HS encryption does not offer any additional security, but is still used. <a id="rend-spec-v3.txt-2.5.2.1"></a> + #### Second layer encryption keys The encryption keys and format for the second layer of encryption are @@ -204,6 +212,7 @@ parameters as follows: ``` <a id="rend-spec-v3.txt-2.5.2.2"></a> + #### Second layer plaintext format After decrypting the second layer ciphertext, clients can finally learn the @@ -386,6 +395,7 @@ implementations MUST accept this section even if it is missing its final newline. <a id="rend-spec-v3.txt-2.5.3"></a> + ### Deriving hidden service descriptor encryption keys [HS-DESC-ENCRYPTION-KEYS] In this section we present the generic encryption format for hidden service @@ -428,6 +438,7 @@ Here is the key generation logic: ``` <a id="rend-spec-v3.txt-2.5.4"></a> + ### Number of introduction points [NUM_INTRO_POINT] This section defines how many introduction points an hidden service @@ -443,4 +454,3 @@ The reason for a maximum value of 20 is to give enough scalability to tools like OnionBalance to be able to load balance up to 120 servers (20 x 6 HSDirs) but also in order for the descriptor size to not overwhelmed hidden service directories with user defined values that could be gigantic. - |