[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Better Authentication/Key Negotiations

To: or-talk@xxxxxxxxxxxxx
Subject: Better Authentication/Key Negotiations
From: Watson Ladd <watsonbladd@xxxxxxxxx>
Date: Tue, 29 Aug 2006 10:31:30 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 29 Aug 2006 10:31:50 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; b=pZqprhcxpM3W3rgPByV0gcS6QpWm8HMbPQ1UUfcb1cC2vvS+puGMqVJ3e01NoqjQ6SblWcgiy8+UUdVzMI77Sp4h6xTHkhDfRp9xIzri2k6g+0A3DaCBtQNSrk7dYzszU3R39x2XRZLwY0aL1gfFJXcr64ATMgApZ/X30oTL0es=
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.5 (Macintosh/20060719)

One of the things I noticed about the TOR protocol is the amount of CPU a key negotiation takes. It takes 3 exponentiations by the server to decrypt the DH handshake, create the other part of the handshake, and preform the DH exponentiation. As this needs to be preformed three times to make a circuit, and each circuit only conducts a small amount of information when web browsing, and the servers have load issues, it looks like this is something we should simplify. My idea is to sign the DH handshake half that the server sends to the client with something like a Schnorr signature, which is cheap to make. The client will still have to preform 3 exponentiations, but the server only 2. We could also use XTR to make the calculations cheaper without adopting Schnorr signatures, which are patented.

Prev by Author: Re: Configurring a server
Next by Author: Re: Holy shit I caught 1
Previous by thread: Vidalia (was:Re: OSX: Vidilia (Does not recognize that tor is already running))
Next by thread: Introducing Torbird
Index(es):
- Author
- Thread