Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

changes file for the ntor branch

Nick Mathewson 13 years ago
parent
ed3c8d9d44
commit
92d6a83e98
1 changed files with 40 additions and 0 deletions
Split View Show Diff Stats
  1. 40 0
      changes/ntor

+ 40 - 0
changes/ntor
View File 

@@ -0,0 +1,40 @@
 
+  o Major features:
 
+
 
+    - Tor now supports a new circuit extension handshake designed by Ian
 
+      Goldberg, Douglas Stebila, and Berkant Ustaoglu. Our original
 
+      circuit extension handshake, later called "TAP", was a bit slow
 
+      (especially on the server side), had a fragile security proof, and
 
+      used weaker keys than we'd now prefer. The new circuit handshake
 
+      uses Dan Bernstein's "curve25519" elliptic-curve Diffie-Hellman
 
+      function, making it significantly more secure than the older
 
+      handshake, and significantly faster. Tor can either use one of two
 
+      built-in pure-C curve25519-donna implementations by Adam Langley,
 
+      or link against the "nacl" library for a tuned version if present.
 
+
 
+      The built-in version is very fast for 64-bit systems building with
 
+      GCC. (About 10-14x faster on the server side, and about 7x faster
 
+      on the client side.) The built-in 32-bit version is still faster
 
+      than the old TAP protocol (about 3x), but using libnacl would be
 
+      better on most 32-bit x86 hosts.
 
+
 
+      Clients don't currently use this protocol by default, since
 
+      comparatively few clients support it so far. To try it, set
 
+      UseNTorHandshake to 1.
 
+
 
+      Implements proposal 216; closes ticket #7202.
 
+
 
+    - Tor servers and clients now support a better CREATE/EXTEND cell
 
+      format, allowing the sender to specify multiple address, identity,
 
+      and handshake types.  Implements Robert Ransom's proposal 200;
 
+      closes ticket #7199.
 
+
 
+  o Code simplification and refactoring:
 
+    - Split the onion.c file into separate modules for the onion queue
 
+      and the different handshakes it supports.
 
+    - Remove the marshalling/unmarshalling code for sending requests to
 
+      cpuworkers over a socket, and instead just send structs.  The
 
+      recipient will always be the same Tor binary as the sender, so
 
+      any encoding is overkill.
 
+
 
+  o Testing:
 
+    - Add benchmark functions to test onion handshake performance.