[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #22995 [Core Tor/Tor]: prop224 should say we use SHA3-256 for rend circuit digests

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #22995 [Core Tor/Tor]: prop224 should say we use SHA3-256 for rend circuit digests
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 19 Sep 2017 14:02:43 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 19 Sep 2017 10:02:53 -0400
In-reply-to: <044.e56a0d927409056d8e8234757eb80208@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.e56a0d927409056d8e8234757eb80208@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#22995: prop224 should say we use SHA3-256 for rend circuit digests
------------------------------------+------------------------------------
 Reporter:  teor                    |          Owner:  asn
     Type:  defect                  |         Status:  assigned
 Priority:  Medium                  |      Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor            |        Version:
 Severity:  Normal                  |     Resolution:
 Keywords:  prop224, tor-spec, doc  |  Actual Points:
Parent ID:                          |         Points:  0.5
 Reviewer:                          |        Sponsor:
------------------------------------+------------------------------------

Comment (by asn):

 What's the problem here? The spec does say that SHA3-256 should be used:
 {{{
 4.2.1. Key expansion

    The hidden service and its client need to derive crypto keys from the
    NTOR_KEY_SEED part of the handshake output. To do so, they use the KDF
    construction as follows:

        K = KDF(NTOR_KEY_SEED | m_hsexpand,    HASH_LEN * 2 + S_KEY_LEN *
 2)

    The first HASH_LEN bytes of K form the forward digest Df; the next
 HASH_LEN
    bytes form the backward digest Db; the next S_KEY_LEN bytes form Kf,
 and the
    final S_KEY_LEN bytes form Kb.  Excess bytes from K are discarded.
 }}}

 Do you think we should make it clearer in section 5 that those keys are
 from `KDF()` which:
 {{{
       * Instantiate KDF with SHAKE-256.
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22995#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #23231 [Applications/Tor Browser]: Error in STL wrappers when building Firefox 64-bit for Windows
Next by Author: Re: [tor-bugs] #16553 [Metrics/Onionoo]: Add support for searching by host name
Previous by thread: Re: [tor-bugs] #23009 [Core Tor/Tor]: Make it clear that RELAY_SENDME cells don't have a payload
Next by thread: Re: [tor-bugs] #22995 [Core Tor/Tor]: prop224 should say we use SHA3-256 for rend circuit digests
Index(es):
- Author
- Thread