Add Threefish as onion routing option

parent b05c9bd4
......@@ -26,4 +26,4 @@ fraudulent registration. I don't want to exercise this sort of
control. Any product which implements net2o, or provides services
using net2o can use this logo. If you don't use the AGPLv3 for your
net2o implementation or services, you have to ask for permission,
though.
\ No newline at end of file
though.
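Review bot: The only change in this hunk is the missing end-of-file newline after "though.", which is unrelated to the Threefish subject of the commit. Consider moving it to its own whitespace commit, or mention it in the commit message so the logo-licensing file does not show up unexplained in the history of an onion-routing change.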
......@@ -29,15 +29,17 @@ the load, and can't easily be scared to turn it off.
*This is not yet implemented*
As onion routing uses cryptography on already encrypted and authenticated
packets, and should not increase the size of the packets, I will use a block
cipher, with an AES-XEX variant. The destination memory address and the
second flag byte will also be encrypted, using ECB (taking the first part of
the message to fill the 16 bytes), the decrypted memory address is the sector
index for AES-XEX. This encryption is not tamper-proof, but tampered packets
will be filtered out at the legitimate destination. The requirement here
is that it is harder to correlate input and output of a relay through
decryption than through other means.
As onion routing uses cryptography on already encrypted and
authenticated packets, and should not increase the size of the
packets, I will use a block cipher, with an AES-XEX variant or
Threefish when the cost of AES is too high. The destination memory
address and the second flag byte will also be encrypted, using ECB
(taking the first part of the message to fill the 16 bytes), the
decrypted memory address is the sector index for AES-XEX or the tweak
for Threefish. This encryption is not tamper-proof, but tampered
packets will be filtered out at the legitimate destination. The
requirement here is that it is harder to correlate input and output of
a relay through decryption than through other means.
The most interesting problem however here is how to not expose the
routing field, because it contains the path through the onion routing
......
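Review bot: In the added paragraph, "using ECB (taking the first part of the message to fill the 16 bytes)" still describes an AES-sized block, but the sentence now also covers Threefish, whose block sizes are 256, 512 or 1024 bits. Suggest stating which cipher and block size encrypt the address and flag byte when Threefish is selected, and how the decrypted memory address is mapped onto Threefish's 128-bit tweak. It would also help to document how a relay knows which of the two ciphers applies to a packet, since "when the cost of AES is too high" gives no selection rule.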