[or-cvs] Answer question about eliminating symmetric encryption from...
- To: or-cvs@freehaven.net
- Subject: [or-cvs] Answer question about eliminating symmetric encryption from...
- From: nickm@seul.org (Nick Mathewson)
- Date: Sun, 1 Jun 2003 22:18:18 -0400 (EDT)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Sun, 01 Jun 2003 22:18:25 -0400
- Reply-to: or-dev@freehaven.net
- Sender: owner-or-cvs@freehaven.net
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv27580/src/or
Modified Files:
onion.c
Log Message:
Answer question about eliminating symmetric encryption from onion skins
Index: onion.c
===================================================================
RCS file: /home/or/cvsroot/src/or/onion.c,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -d -r1.51 -r1.52
--- onion.c 28 May 2003 02:03:25 -0000 1.51
+++ onion.c 2 Jun 2003 02:18:16 -0000 1.52
@@ -428,7 +428,20 @@
* The first 128 bytes are RSA-encrypted with the server's public key,
* and the last 16 are encrypted with the symmetric key.
*/
-/* FIXME: Nick: looks like we could simplify this by just using 128 bytes for g^x. */
+/* FIXME:
+ Nick: looks like we could simplify this by just using 128 bytes for g^x.
+
+ Problem: this will fail if g^x is greater than the RSA modulus.
+ We'd need to repeatedly generate g^x, until we got one that was
+ < the RSA modulus. Also, if we ever can afford to revert to a
+ bigger DH key, we'll need to revert. Are these 'features' ok?
+ If so, we can omit the symmetric encryption.
+
+ Convesely, we can just increment RSA key sizes. Since we don't
+ use them very often comparatively, we may be able to afford 1536
+ bits. (Just a thought.)
+ -NM
+*/
int
onion_skin_create(crypto_pk_env_t *dest_router_key,
crypto_dh_env_t **handshake_state_out,
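Review bot: The added FIXME reply uses "revert" twice in "if we ever can afford to revert to a bigger DH key, we'll need to revert" without saying what the second one reverts to. State that a g^x wider than the RSA modulus would force a return to the layout described just above ("The first 128 bytes are RSA-encrypted ... and the last 16 are encrypted with the symmetric key"). The retry idea should also name which modulus is meant: the bound is the one in dest_router_key, so the "generate g^x until it is < the RSA modulus" loop would have to run per destination router, and that cost is worth noting next to the 1536-bit alternative. The comment gives sizes only indirectly (128 bytes for g^x, 1536 bits as the larger RSA option); writing the current RSA and DH sizes in the same unit would let a reader check the "greater than the RSA modulus" condition at a glance. "Convesely" should be "Conversely". Finally, this is a two-person design exchange inside a code comment; prefixing the reply the same way the question is prefixed ("Nick: ...") or moving the thread to or-dev and leaving a one-line pointer would keep the function header readable.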