[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torspec/master] prop224: Remove KH from ntor key derivation.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [torspec/master] prop224: Remove KH from ntor key derivation.
From: nickm@xxxxxxxxxxxxxx
Date: Tue, 30 May 2017 12:43:38 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 30 May 2017 08:43:55 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: George Kadianakis <desnacked@xxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit c8e256400689fd19f4c429349f532ab21cb7583e
Author: George Kadianakis <desnacked@xxxxxxxxxx>
Date:   Tue May 23 15:48:21 2017 +0300

    prop224: Remove KH from ntor key derivation.
    
    We don't need KH anymore since we do a MAC check anyway.
---
 proposals/224-rend-spec-ng.txt | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt
index f8e131c..6f16fce 100644
--- a/proposals/224-rend-spec-ng.txt
+++ b/proposals/224-rend-spec-ng.txt
@@ -1857,12 +1857,11 @@ Table of contents:
    NTOR_KEY_SEED part of the handshake output. To do so, they use the KDF
    construction as follows:
 
-       K = KDF(NTOR_KEY_SEED | m_hsexpand,    HASH_LEN * 3 + S_KEY_LEN * 2)
+       K = KDF(NTOR_KEY_SEED | m_hsexpand,    HASH_LEN * 2 + S_KEY_LEN * 2)
 
-   The first HASH_LEN bytes of K form KH; the next HASH_LEN form the forward
-   digest Df; the next HASH_LEN bytes form the backward digest Db; the next
-   S_KEY_LEN bytes form Kf, and the final S_KEY_LEN bytes form Kb.  Excess
-   bytes from K are discarded.
+   The first HASH_LEN bytes of K form the forward digest Df; the next HASH_LEN
+   bytes form the backward digest Db; the next S_KEY_LEN bytes form Kf, and the
+   final S_KEY_LEN bytes form Kb.  Excess bytes from K are discarded.
 
    Subsequently, the rendezvous point passes relay cells, unchanged, from each
    of the two circuits to the other.  When Alice's OP sends RELAY cells along



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/master] Merge branch 'ahf_bugs_21667_2_squashed'
Next by Author: [tor-commits] [tor/master] test: Move duplicate HS test code and unify it
Previous by thread: [tor-commits] [torspec/master] prop224: Hash time period length wherever we use period_num.
Next by thread: [tor-commits] [torspec/master] prop224: Specify blinding factor clamping.
Index(es):
- Author
- Thread