Re: Clone nodes

On Wed, Sep 26, 2007 at 09:04:26PM +0200, Juliusz Chroboczek wrote:
> > Router twins did start in the day of onions to lay circuits, but
> > they lived at least for a while into the onion skin (incremental
> > path) era.
> Could you please clarify?  What's an onion, how does it differ from
> the current design?

In the early days of onion routing, roughly the first two generations,
paths were built by a data structure called an onion that comprised
several layers: each one was public-key encrypted for one node in the
path. Within each layer was session keying material to be used once
the actual data started flowing and the identity of the next hop in
the path.  The whole thing was just layers with nothing in the middle,
which is why I called it onion routing (aside: although later people
seemed to apply the phrase to anything that had a layered data
structure.  To me the central aspect making it onion routing is that
the public-key actions are used to lay a cryptographic circuit. Then
the data flows over that. I regard anything else as a misuse of the
term. Note that 'onion' was used to refer to layered data structures
independently at about the same time as we were inventing onion
routing, e.g., in the Babel paper. However, they were talking about
data in a mix network, not onion routing.) Nowadays, we extend the
path one hop at a time: each node does a DH key exchange with the
client to get the session keys, which are used when data starts
flowing, but also to encrypt the one-layer onion (the "onion skin" as
I called it above) to extend to the next hop. This has a few drawbacks
from the old design but some major advantages: the largest are
probably that there is no need to keep digests of onions around at
nodes to guard against replay and forward secrecy once a circuit is
closed.  More about the earlier designs and other info can be found at
A graphic depiction of onions is in the slides at
These describe mostly generation 0 onion routing, but some aspects of
generation 1 are mentioned, e.g., separating clients from server
nodes.  There is also a brief description of the points I make here
together with graphics at
These slides mostly describe generation 2 onion routing (Tor) as of
c. late 2003.
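A toy rendering of the generation-0 layered onion described in the post above, added here as an example (it is not code from the post or from any onion-routing implementation): the client wraps one layer per hop from the exit inward, and each node peels its layer to learn its session key and the next hop. Assumptions: a fixed per-node secret stands in for each node's public key (the Python standard library has no public-key primitives), the cipher is a throwaway SHA-256 keystream with an HMAC tag, and each node's `seen` set is the replay-digest store that the post says incremental extension makes unnecessary.

```python
import hashlib, hmac, os

# Constructed example: a fixed per-node key stands in for the node's public
# key (the stdlib has no public-key crypto); only the layered structure matters.
NODE_KEYS = {n: hashlib.sha256(b"toy-node-" + n.encode()).digest() for n in "ABC"}
EXIT = b"-"  # next-hop marker in the innermost layer: this node is the exit

def _xor_stream(key, nonce, data):
    ks = b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = os.urandom(16)  # output is nonce || ct || HMAC tag (encrypt-then-MAC, toy only)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad layer")
    return _xor_stream(key, nonce, ct)

def build_onion(path, session_keys):
    """Generation-0 style onion: one layer per hop, built from the exit inward.
    Each layer holds (16-byte session key || 1-byte next hop || inner onion)."""
    onion = b""
    for i in range(len(path) - 1, -1, -1):
        next_hop = path[i + 1].encode() if i + 1 < len(path) else EXIT
        onion = seal(NODE_KEYS[path[i]], session_keys[i] + next_hop + onion)
    return onion

class Node:
    def __init__(self, name):
        self.key, self.seen = NODE_KEYS[name], set()  # `seen`: the per-node replay digests
    def peel(self, onion):
        digest = hashlib.sha256(onion).digest()
        if digest in self.seen:
            raise ValueError("replayed onion")
        self.seen.add(digest)
        layer = unseal(self.key, onion)
        return layer[:16], layer[16:17], layer[17:]

def lay_circuit(path):
    skeys = [os.urandom(16) for _ in path]  # client picks one session key per hop
    nodes = {n: Node(n) for n in path}
    onion, hop, learned = build_onion(path, skeys), path[0].encode(), []
    while hop != EXIT:
        skey, hop, onion = nodes[hop.decode()].peel(onion)
        learned.append(skey)
    return skeys, learned
```

Running `lay_circuit(["A", "B", "C"])` returns the client's session keys and the keys the three nodes recovered, which match; peeling the same onion at a node twice raises `ValueError("replayed onion")`, the check that the digest store exists to perform.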