mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 21:23:58 +01:00
Answer question about eliminating symmetric encryption from onion skins
svn:r304
This commit is contained in:
parent
dfa64b61ed
commit
d3592af042
@ -428,7 +428,20 @@ crypt_path_t *onion_generate_cpath(routerinfo_t **firsthop) {
|
|||||||
* The first 128 bytes are RSA-encrypted with the server's public key,
|
* The first 128 bytes are RSA-encrypted with the server's public key,
|
||||||
* and the last 16 are encrypted with the symmetric key.
|
* and the last 16 are encrypted with the symmetric key.
|
||||||
*/
|
*/
|
||||||
/* FIXME: Nick: looks like we could simplify this by just using 128 bytes for g^x. */
|
/* FIXME:
|
||||||
|
Nick: looks like we could simplify this by just using 128 bytes for g^x.
|
||||||
|
|
||||||
|
Problem: this will fail if g^x is greater than the RSA modulus.
|
||||||
|
We'd need to repeatedly generate g^x, until we got one that was
|
||||||
|
< the RSA modulus. Also, if we ever can afford to revert to a
|
||||||
|
bigger DH key, we'll need to revert. Are these 'features' ok?
|
||||||
|
If so, we can omit the symmetric encryption.
|
||||||
|
|
||||||
|
Convesely, we can just increment RSA key sizes. Since we don't
|
||||||
|
use them very often comparatively, we may be able to afford 1536
|
||||||
|
bits. (Just a thought.)
|
||||||
|
-NM
|
||||||
|
*/
|
||||||
int
|
int
|
||||||
onion_skin_create(crypto_pk_env_t *dest_router_key,
|
onion_skin_create(crypto_pk_env_t *dest_router_key,
|
||||||
crypto_dh_env_t **handshake_state_out,
|
crypto_dh_env_t **handshake_state_out,
|
||||||
|
Loading…
Reference in New Issue
Block a user