[tor-dev] What to read to analyze Tor's use of NTor?

Roger Dingledine arma at mit.edu
Thu Sep 19 03:57:54 UTC 2013


Hi Nick, Ian,

I've been pointing people to "Section 6 of
http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.228.6223" when
they ask what NTor is. But then I realized that that's not the best
(single) place to send cryptographers when I ask them to analyze whether
we've designed or built it right.

Then I found
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/216-ntor-handshake.txt
which looks great

but then I also found
https://gitweb.torproject.org/torspec.git/blob/HEAD:/tor-spec.txt#l852
which looks crisper.

So the questions:

A) Which combination and order of these three resources should I point
people at? That is, does the tor-spec stanza replace proposal 216
completely, or is there still some use to looking at the proposal too,
or is the proposal wrong now because you fixed stuff since then but
didn't change the proposal, etc? Did I miss any good resources?

B) What are the sketchiest parts -- the parts of the design or the
implementation that you most want review on, or that you think would be
most fruitful for finding issues?

C) What else should I be asking you, in terms of how to get this thing
reviewed the mostest and the bestest? We rolled out NTor quicker than we
rolled out TAP, relatively speaking, and now it would count as breaking a
widely deployed system so I bet we can get some more people evaluating it.

Thanks!
--Roger


