From ed29ac205461ca0d1e61e3d4caad95381139eedb Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Sat, 23 Jun 2018 13:24:51 -0500 Subject: rend-spec-v3.txt: Clarify role of first layer desc encryption. It's meant to protect against entities that don't know the identity public key (aka the onion address). Closes #26379. Pointed out by Steven Murdoch. --- rend-spec-v3.txt | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'rend-spec-v3.txt') diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt index 728f38f..0b56fce 100644 --- a/rend-spec-v3.txt +++ b/rend-spec-v3.txt @@ -1124,8 +1124,8 @@ Table of contents: 2.5.1. First layer of encryption [HS-DESC-FIRST-LAYER] The first layer of HS descriptor encryption is designed to protect - descriptor confidentiality against entities who don't know the blinded - public key of the hidden service. + descriptor confidentiality against entities who don't know the public + identity key of the hidden service. 2.5.1.1. First layer encryption logic @@ -1136,6 +1136,11 @@ Table of contents: SECRET_DATA = blinded-public-key STRING_CONSTANT = "hsdir-superencrypted-data" + The encryption scheme in [HS-DESC-ENCRYPTION-KEYS] uses the service + credential which is derived from the public identity key (see [SUBCRED]) to + ensure that only entities who know the public identity key can decrypt the + first descriptor layer. + The ciphertext is placed on the "superencrypted" field of the descriptor. Before encryption the plaintext is padded with NUL bytes to the nearest -- cgit v1.2.3-54-g00ecf