[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] basket: More eggs in the Guard basket.

On Wed, 17 Dec 2014 13:51:02 -0500
Nick Mathewson <nickm@xxxxxxxxxxxx> wrote:
> Should the handshake also a signature by Bob of (X|N), and should
> maybe the shared secret also include a digest of all the other parts
> of the communication?

Hmm, maybe I shouldn't have left bits out, and I really do need to
document the handshake component of the protocol.

The former is actually done, a BLAKE-256 digest of the entire client
request is included in Bob's response and is covered by the signature.
The client verifies that Bob received a unmodified request, after
checking the signature.  There's no reason why the signature can't just
include the entire request here if that's better.

Including a digest of everything sent as part of the shared secret
seems like a good idea, so I shall revise the protocol to do that
(digesting < 50 KiB of data isn't that big of a deal given how
heavyweight the other crypto bits are).


Yawning Angel

Attachment: pgpufyXJZMe5f.pgp
Description: OpenPGP digital signature

tor-dev mailing list