using Host Identity Protocol in Tor

Nick Mathewson nickm at freehaven.net
Tue Oct 17 15:49:26 UTC 2006


On Tue, Oct 17, 2006 at 01:07:46PM +0300, Andrei Gurtov wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi Folks,
> 
> I'm not sure if or-talk would have been a better place for this
> question,

Nope; or-dev is the right place for design.

> but have you considered using Host Identity Protocol (HIP) in
> the Tor implementation?

HIP looks like neat stuff, especially in its mobility features, but it
doesn't seem very mature.  Generally, we'd like to avoid being early
adopters of whiz-bang new features on the internet, since it's hard to
say in advance how popular they will turn out to be.

>                        If I understood right, currently Tor uses TLS
> encryption that leaves some protocol headers feasible.

Tor uses TLS for link encryption, not for end-to-end encryption.
Relevant protocol headers (like the target port and IP) are indeed
encrypted.  I don't personally see a lot of point in encrypting the
port of the next OR to which you're talking.

If you'd like to know how Tor's encryption works in detail, you should
read tor-spec.txt , available at
              http://tor.eff.org/svn/trunk/doc/tor-spec.txt






> HIP combines IPsec with DoS-resistant key exchange protocol (see
> RFC4423). If Tor would use it, then all transport-related info like port
> numbers would be hidden by ESP. It would also allow mobile and
> multihomed Tor servers. Clients could authenticate Tor servers (so that
> faked servers could not be inserted) and servers would be more protected
> against state-exhausting DoS attacks. HIP would also allow to use
> arbitrary transport protocols like UDP or SCTP instead of only TCP.

The mobility and DoS-prevention features of HIP look neat; servers are
already authenticated in the current protocol.

Adding UDP support would be a major win, but it wouldn't be so simple
as just switching to HIP; see the FAQ question about UDP support.


yrs,
-- 
Nick Mathewson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 652 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20061017/0621b366/attachment.pgp>


More information about the tor-dev mailing list