[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] Specify CREATE_FAST and CREATED_FAST



Update of /home/or/cvsroot/tor/doc
In directory moria.mit.edu:/tmp/cvs-serv18249/doc

Modified Files:
	tor-spec.txt 
Log Message:
Specify CREATE_FAST and CREATED_FAST

Index: tor-spec.txt
===================================================================
RCS file: /home/or/cvsroot/tor/doc/tor-spec.txt,v
retrieving revision 1.83
retrieving revision 1.84
diff -u -d -r1.83 -r1.84
--- tor-spec.txt	2 May 2005 21:22:31 -0000	1.83
+++ tor-spec.txt	2 May 2005 22:09:34 -0000	1.84
@@ -124,6 +124,8 @@
          2 -- CREATED     (Acknowledge create)      (See Sec 4)
          3 -- RELAY       (End-to-end data)         (See Sec 5)
          4 -- DESTROY     (Stop using a circuit)    (See Sec 4)
+         5 -- CREATE_FAST (Create a circuit, no PK) (See sec 4)
+         6 -- CREATED_FAST (Circtuit created, no PK) (See Sec 4)
 
    The interpretation of 'Payload' depends on the type of the cell.
       PADDING: Payload is unused.
@@ -207,6 +209,28 @@
    implementations should notice when the other side of a connection is
    sending CREATE cells with the "wrong" MSG, and switch accordingly.)
 
+4.1.1. CREATE_FAST/CREATED_FAST cells
+
+   When initializing the first hop of a circuit, the OP has already
+   established the OR's identity and negotiated a secret key using TLS.
+   Because of this, it is not always necessary for the OP to perform the
+   an set of public key operations to create a circuit.  In this case, the
+   OP SHOULD send a CREATE_FAST cell instead of a CREATE cell for the first
+   hop only.  The OR responds with a CREATED_FAST cell, and the circuit is
+   created.
+
+   A CREATE_FAST cell contains:
+
+       Key material (X)    [20 bytes]
+
+   A CREATED_FAST cell contains:
+
+       Key material (Y)    [20 bytes]
+       Derivative key data [20 bytes]
+
+   [Versions of Tor before 0.1.???? did not support these cell types;
+    clients should not send CREATE_FAST cells to older Tor servers.]
+
 4.2. Setting circuit keys
 
    Once the handshake between the OP and an OR is completed, both
@@ -227,6 +251,11 @@
    is used to encrypt the stream of data going from the OP to the OR, and
    Kb is used to encrypt the stream of data going from the OR to the OP.
 
+   The fast-setup case uses the same formula, except that X|Y is used
+   in place of g^xy in determining K.  That is,
+      K = SHA1(X|Y | [00]) | SHA1(X|Y | [01]) | ... SHA1(X|Y| | [04])
+   The values KH, Kf, Kb, Df, and Db are established and used as before.
+
 4.3. Creating circuits
 
    When creating a circuit through the network, the circuit creator