The client's published port [2 bytes]
The server's published IPV4 address [4 bytes]
The server's published port [2 bytes]
- The forward key (K_f) [8 bytes]
- The backward key (K_f) [8 bytes]
+ The forward key (K_f) [16 bytes]
+ The backward key (K_f) [16 bytes]
The maximum bandwidth (bytes/s) [4 bytes]
- [Total: 36 bytes]
+ [Total: 48 bytes]
The client then RSA-encrypts the message with the server's
public key, and PKCS1 padding to given an encrypted message
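Review bot: The new total on the `+ [Total: 48 bytes]` line does not follow from the old one: the two key fields each grow from 8 to 16 bytes, so the message grows by 16, yet the total moves from 36 to 48, a difference of 12. The server-side hunk sizes the modified client authentication (the same message with only the bandwidth replaced) at 32 before and 48 after, which suggests the old 36 was the stale figure and 48 is correct; please confirm against the full field list and say so in the change description. Separately, the changed backward-key line still carries the label (K_f); it should read (K_b), as in the OP message format further down.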
The server then creates a server authentication message[M2] as
follows:
- Modified client authentication [32 bytes]
+ Modified client authentication [48 bytes]
A random nonce [N] [8 bytes]
- [Total: 40 bytes]
+ [Total: 56 bytes]
The client authentication is generated from M by replacing
the client's preferred bandwidth [B_c] with the server's
preferred bandwidth [B_s], if B_s < B_c.
The OP generates a message [M] in the following format:
Maximum bandwidth (bytes/s) [4 bytes]
- Forward key [K_f] [8 bytes]
- Backward key [K_b] [8 bytes]
- [Total: 20 bytes]
+ Forward key [K_f] [16 bytes]
+ Backward key [K_b] [16 bytes]
+ [Total: 32 bytes]
The OP encrypts M with the OR's public key and PKCS1 padding,
opens a TCP connection to the OR's TCP port, and sends the
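Review bot: The `+ [Total: 32 bytes]` line does not match the fields above it: 4 bytes of bandwidth plus two 16-byte keys is 36 bytes, not 32. The old figures summed correctly (4 + 8 + 8 = 20), so this looks like an arithmetic slip in the update; suggest `[Total: 36 bytes]`. An implementation that sizes the plaintext from the stated total would truncate K_b by 4 bytes.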
Once the handshake is complete, the ORs or OR and OP send cells
(specified below) to one another. Cells are sent serially,
- encrypted with the DES-OFB keystream specified by the handshake
+ encrypted with the 3DES-OFB keystream specified by the handshake
protocol. Over a connection, communicants encrypt outgoing cells
with the connection's K_f, and decrypt incoming cells with the
connection's K_b.
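Review bot: The `3DES-OFB` line names the cipher, but nothing here says how the key material maps onto it. The handshake hunks give K_f and K_b as 16 bytes each, which is two DES keys' worth, so the text should state the keying option (for example K1, K2, K1 in encrypt-decrypt-encrypt order) and where the OFB initialization vector comes from. Without that, two implementations can both follow this paragraph and still fail to interoperate.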
0: Identity
1: Single DES in OFB
2: RC4
+ 3: Triple DES in OFB
The port and address field denote the IPV4 address and port of
the next onion router in the circuit, or are set to 0 for the
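Review bot: The new entry `3: Triple DES in OFB` is added alongside `0: Identity` and `1: Single DES in OFB`, which remain listed with no indication of whether they are still acceptable. Since the link cipher in this same patch moves from DES-OFB to 3DES-OFB, consider marking the weaker values as deprecated or testing-only, and state the key length that value 3 expects.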
Once a connection has been established, the OP and exit node
package stream data in TOPIC_DATA cells, and upon receiving such
cells, echo their contents to the corresponding TCP stream.
+ [XXX Mention zlib encoding. -NM]
When one side of the TCP stream is closed, the corresponding edge
node sends a TOPIC_END cell along the circuit; upon receiving a
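Review bot: The added `[XXX Mention zlib encoding. -NM]` line is a note-to-self rather than specification text, and it leaves the TOPIC_DATA payload format ambiguous: a reader cannot tell whether the contents are compressed, whether that is per cell or per stream, or whether it is optional. Either specify the encoding here or track the open item outside the spec so that the paragraph describes actual behaviour.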