[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #22995 [Core Tor/Tor]: prop224 should say we use SHA256 for rend circuit digests
#22995: prop224 should say we use SHA256 for rend circuit digests
------------------------------+------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: prop224, tor-spec, doc
Actual Points: | Parent ID:
Points: 0.5 | Reviewer:
Sponsor: |
------------------------------+------------------------------------
In prop224, the rend section says:
{{{
A successfully completed handshake, as embedded in the
INTRODUCE/RENDEZVOUS cells, gives the client and hidden service host
a shared set of keys Kf, Kb, Df, Db, which they use for sending
end-to-end traffic encryption and authentication as in the regular
Tor relay encryption protocol, applying encryption with these keys
before other encryption, and decrypting with these keys before other
decryption. The client encrypts with Kf and decrypts with Kb; the
service host does the opposite.
}}}
https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-
ng.txt#n1890
But that's not what the code does: circuit_init_cpath_crypto() uses SHA256
rather than SHA1 when `is_hs_v3` is true.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22995>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs