|
|
@@ -276,8 +276,8 @@ The relay station should then replace the X-Slitheen header with an X-Ignore hea
|
|
|
|
|
|
\subsection{Downstream Application Data (Covert $\rightarrow$ Client)}
|
|
|
|
|
|
-SOCKS data from the covert site is delivered to the client (according to the slitheen\_ID of the flow) in downstream slitheen blocks. Each slitheen block contains a 16-byte header containing the stream ID of the data, a counter to indicate the order of blocks in the same stream, the length of SOCKS data, the length of garbage bytes, and a padding of zeros. This header is AES encrypted in ECB mode with a key generated from the client-relay shared secret. The body of the slitheen block is AES encrypted in CBC mode with a key generated as a part of the same key block:
|
|
|
-$$\texttt{slitheen\_key\_block} = \texttt{PRF}(g^{rs} || \texttt{"SLITHEEN\_SUPER\_ENCRYPT"})$$
|
|
|
+SOCKS data from the covert site is delivered to the client (according to the slitheen\_ID of the flow) in downstream slitheen blocks. Each slitheen block contains a 16-byte header containing the stream ID of the data, a counter to indicate the order of blocks in the same stream, the length of SOCKS data, the length of garbage bytes, and a padding of zeros. This header is AES encrypted in ECB mode with a key generated from the slitheen\_ID. The body of the slitheen block is AES encrypted in CBC mode with a key generated as a part of the same key block:
|
|
|
+$$\texttt{slitheen\_key\_block} = \texttt{PRF}(\texttt{slitheen\_ID}) || \texttt{"SLITHEEN\_SUPER\_ENCRYPT"})$$
|
|
|
$$\texttt{slitheen\_header\_key} = \texttt{slitheen\_key\_block}[0:\texttt{key\_len}-1] $$
|
|
|
$$\texttt{slitheen\_body\_key} = \texttt{slitheen\_key\_block}[\texttt{key\_len}:2\texttt{key\_len}-1] $$
|
|
|
|
