[tor-commits] [torspec/master] prop224: add distinguishing values to every hash
nickm at torproject.org
nickm at torproject.org
Fri Nov 20 15:38:41 UTC 2015
commit 34e529c65576fbb24406545dad2b222b0aac06f6
Author: teor (Tim Wilson-Brown) <teor2345 at gmail.com>
Date: Fri Nov 20 11:36:44 2015 +1100
prop224: add distinguishing values to every hash
Some hashes were missing distinguishing values, even though other
hashes had them, and the "Cryptographic building blocks" section
appears to require them:
"all signatures are generated not over strings themselves, but over
those strings prefixed with a distinguishing value"
---
proposals/224-rend-spec-ng.txt | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt
index 530cd84..ad0947c 100644
--- a/proposals/224-rend-spec-ng.txt
+++ b/proposals/224-rend-spec-ng.txt
@@ -662,7 +662,7 @@ Status: Draft
The time at which a key from the next interval becomes valid is
determined by taking the first two bytes of
- OFFSET = H(Key | INT_8(Next_Period_Num))
+ OFFSET = H("interval-offset" | Key | INT_8(Next_Period_Num))
as a big-endian integer, dividing by 65536, and treating that as a
fraction of the overlap interval.
@@ -717,7 +717,7 @@ Status: Draft
Then, for each node listed in the current consensus with the HSDir3
flag, we compute a directory index for that node as:
- hsdir_index(node) = H(node_identity_digest |
+ hsdir_index(node) = H("node-idx" | node_identity_digest |
shared_random |
INT_8(period_num) )
@@ -1702,8 +1702,8 @@ Appendix A. Signature scheme with key blinding [KEYBLIND]
possible alternatives. Also, see [KEYBLIND-PROOF] for a security
proof of this scheme.
- (To use this with Tor, set N = INT_8(period-number) | INT_8(Start of
- period in seconds since epoch).)
+ (To use this with Tor, set N = "key-blind" | INT_8(period-number) |
+ INT_8(Start of period in seconds since epoch).)
Appendix B. Selecting nodes [PICKNODES]
More information about the tor-commits
mailing list