On Tue, Oct 17, 2006 at 01:07:46PM +0300, Andrei Gurtov wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Folks,
>
> I'm not sure if or-talk would have been a better place for this
> question,
Nope; or-dev is the right place for design.
> but have you considered using Host Identity Protocol (HIP) in
> the Tor implementation?
HIP looks like neat stuff, especially in its mobility features, but it
doesn't seem very mature. Generally, we'd like to avoid being early
adopters of whiz-bang new features on the internet, since it's hard to
say in advance how popular they will turn out to be.
> If I understood right, currently Tor uses TLS
> encryption that leaves some protocol headers feasible.
Tor uses TLS for link encryption, not for end-to-end encryption.
Relevant protocol headers (like the target port and IP) are indeed
encrypted. I don't personally see a lot of point in encrypting the
port of the next OR to which you're talking.
If you'd like to know how Tor's encryption works in detail, you should
read tor-spec.txt , available at
http://tor.eff.org/svn/trunk/doc/tor-spec.txt
> HIP combines IPsec with DoS-resistant key exchange protocol (see
> RFC4423). If Tor would use it, then all transport-related info like port
> numbers would be hidden by ESP. It would also allow mobile and
> multihomed Tor servers. Clients could authenticate Tor servers (so that
> faked servers could not be inserted) and servers would be more protected
> against state-exhausting DoS attacks. HIP would also allow to use
> arbitrary transport protocols like UDP or SCTP instead of only TCP.
The mobility and DoS-prevention features of HIP look neat; servers are
already authenticated in the current protocol.
Adding UDP support would be a major win, but it wouldn't be so simple
as just switching to HIP; see the FAQ question about UDP support.
yrs,
--
Nick Mathewson
Attachment:
pgpUpf6VR7mAT.pgp
Description: PGP signature