Nick Mathewson wrote:
> On Tue, Oct 17, 2006 at 01:07:46PM +0300, Andrei Gurtov wrote:
> > Hi Folks,
> >
> > I'm not sure if or-talk would have been a better place for this question,
>
> Nope; or-dev is the right place for design.
>
> > but have you considered using Host Identity Protocol (HIP) in the Tor implementation?
>
> HIP looks like neat stuff, especially in its mobility features, but it doesn't seem very mature. Generally, we'd like to avoid being early adopters of whiz-bang new features on the internet, since it's hard to say in advance how popular they will turn out to be.
>
> > If I understood right, currently Tor uses TLS encryption that leaves some protocol headers feasible.
>
> Tor uses TLS for link encryption, not for end-to-end encryption. Relevant protocol headers (like the target port and IP) are indeed encrypted. I don't personally see a lot of point in encrypting the port of the next OR to which you're talking. If you'd like to know how Tor's encryption works in detail, you should read tor-spec.txt, available at http://tor.eff.org/svn/trunk/doc/tor-spec.txt
>
> > HIP combines IPsec with a DoS-resistant key exchange protocol (see RFC4423). If Tor would use it, then all transport-related info like port numbers would be hidden by ESP. It would also allow mobile and multihomed Tor servers. Clients could authenticate Tor servers (so that faked servers could not be inserted) and servers would be more protected against state-exhausting DoS attacks. HIP would also allow the use of arbitrary transport protocols like UDP or SCTP instead of only TCP.

Problem: ESP uses raw IP packets. A lot of secure computers ban non-root users from using raw sockets as they are useful in interesting ways. Also most OS implementations of ESP require root access to set it up. So we will be using our own implementation of ESP, which might not be compatible with third-party servers made to take advantage of hardware cryptography.

> The mobility and DoS-prevention features of HIP look neat; servers are already authenticated in the current protocol. Adding UDP support would be a major win, but it wouldn't be so simple as just switching to HIP; see the FAQ question about UDP support.
>
> yrs,

Sincerely,
Watson Ladd

--
They who would give up an essential liberty for temporary security, deserve neither liberty or security
--Benjamin Franklin
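Added example (not part of the thread): a probe for the constraint Watson Ladd raises above, that a process emitting ESP itself needs a raw IP socket, while TLS over TCP needs only an ordinary stream socket. It assumes Linux for the capability check, where the raw-socket permission is the CAP_NET_RAW capability that root holds by default; `probe`, `has_cap_net_raw` and `report` are names invented for this example.

```python
import errno
import socket

IPPROTO_ESP = 50   # IANA protocol number for ESP (RFC 4303)
CAP_NET_RAW = 13   # Linux capability bit that gates raw sockets


def has_cap_net_raw(proc_status: str) -> bool:
    """True if the CapEff line of /proc/<pid>/status has CAP_NET_RAW set."""
    for line in proc_status.splitlines():
        if line.startswith("CapEff:"):
            effective = int(line.split()[1], 16)
            return bool((effective >> CAP_NET_RAW) & 1)
    return False


def probe(sock_type: int, proto: int) -> str:
    """Try to create an IPv4 socket; return 'ok', 'denied' or 'unavailable'."""
    try:
        with socket.socket(socket.AF_INET, sock_type, proto):
            return "ok"
    except OSError as exc:
        # EPERM/EACCES means the OS refused on privilege grounds;
        # anything else means the platform or sandbox lacks the socket type.
        if exc.errno in (errno.EPERM, errno.EACCES):
            return "denied"
        return "unavailable"


def report() -> dict:
    """Compare what a TCP-based link needs with what user-space ESP needs."""
    result = {
        "tcp_stream": probe(socket.SOCK_STREAM, 0),        # ordinary TCP socket
        "raw_esp": probe(socket.SOCK_RAW, IPPROTO_ESP),    # raw IP, protocol 50
    }
    try:
        with open("/proc/self/status") as fh:
            result["cap_net_raw"] = has_cap_net_raw(fh.read())
    except OSError:
        result["cap_net_raw"] = None   # not Linux, or /proc not mounted
    return result


if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name:12} {value}")
```

Run as an unprivileged user, the raw ESP probe is expected to be refused while the TCP probe succeeds, which is the deployment obstacle the reply describes for operators who do not run their relay as root.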