[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torspec] branch main updated: Describe the behavior of our HSv3 crypto layers.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [torspec] branch main updated: Describe the behavior of our HSv3 crypto layers.
From: gitolite role via tor-commits <tor-commits@xxxxxxxxxxxxxxxxxxxx>
Date: Tue, 13 Jun 2023 16:13:45 +0000
Auto-submitted: auto-generated
Cc: gitolite role <git@xxxxxxxxxxxxxxxxxxxxx>
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 13 Jun 2023 12:13:56 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lists.torproject.org; s=2022-eugeni; t=1686672832; bh=s4qY81CNF4Ja5q12d7trV3j/gx7OE7tWKAac+jkKcnA=; h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc:From; b=F0VxcREDOCJ03P0yLyH/bXF4B4jWxNthW1RIaOeI9N14d+2XR3vli8NNRVvrt85fO CnS855IcgeLIn9gw80Tg0zI9nQi6yFgPWdyM3Ul9bBddOCqCl+ZTX/kR8krJ7cLaGD 8ZZemq0sSKdHP6G8tmegIaZck4wAncjA5UFjJC9ikTmi99SiS4QUpAYeooiJjhKN2L SGyWEYVnvAVbLwdaEBSQS88loo6JqLOZNhD2Lg4nvgZZU5HycTFIPPOTK0nxXEFfj9 AmjkLHIUG0GOsgHwdiEbIKWY8i3UdDZHQEeov6bAgped7Q7LH1xqy5JEa6ozetnEyF 0eUlRKi62sE7g==
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Reply-to: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

This is an automated email from the git hooks/post-receive script.

dgoulet pushed a commit to branch main
in repository torspec.

The following commit(s) were added to refs/heads/main by this push:
     new b345ca0  Describe the behavior of our HSv3 crypto layers.
b345ca0 is described below

commit b345ca044131b2eb18e6ae0d5f23643a92aeff34
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
AuthorDate: Tue Jun 13 11:15:47 2023 -0400

    Describe the behavior of our HSv3 crypto layers.
    
    These layers use SHA3 instead of SHA1 and AES256 instead of AES128.
    Their SENDME tags are made with SHA3 too, but they are truncated to
    20 bytes.
    
    Closes #204.
---
 rend-spec-v3.txt | 3 ++-
 tor-spec.txt     | 5 +++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/rend-spec-v3.txt b/rend-spec-v3.txt
index 53880db..062b3d7 100644
--- a/rend-spec-v3.txt
+++ b/rend-spec-v3.txt
@@ -2080,7 +2080,8 @@ Table of contents:
    The hidden service host now also knows the keys generated by the
    handshake, which it will use to encrypt and authenticate data
    end-to-end between the client and the server. These keys are as
-   computed in tor-spec.txt section 5.1.4.
+   computed in tor-spec.txt section 5.1.4, except that instead of using
+   AES-128 and SHA1 for this hop, we use AES-256 and SHA3-256.
 
 3.4. Authentication during the introduction phase. [INTRO-AUTH]
 
diff --git a/tor-spec.txt b/tor-spec.txt
index 72a3f19..8ab16d8 100644
--- a/tor-spec.txt
+++ b/tor-spec.txt
@@ -2175,6 +2175,11 @@ see tor-design.pdf.
          matched on the other side from the previous cell sent that the OR/OP
          must remember.
 
+         (Note that if the digest in use has an output length greater than 20
+         bytes—as is the case for the hop of an onion service rendezvous
+         circuit created by the hs_ntor handshake—we truncate the digest
+         to 20 bytes here.)
+
    If the VERSION is unrecognized or below the minimum accepted version (taken
    from the consensus), the circuit should be torn down.
 

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [stem] 20/20: Stem release 1.8.2
Next by Author: [tor-commits] [stem] 15/20: Remove tests for deprecated tor version
Previous by thread: [tor-commits] [Git][tpo/applications/tor-browser][tor-browser-102.12.0esr-13.0-1] fixup! Bug 21952: Implement Onion-Location
Next by thread: [tor-commits] [torspec] branch main updated: update 343-rend-caa to include guidance on the non mandatory state of CAA
Index(es):
- Author
- Thread