
Commit

Edited 10_onion_routing.asciidoc with Atlas code editor
kristenORM committed Nov 19, 2021
1 parent ed14ab6 commit 3622a23
Showing 1 changed file with 9 additions and 9 deletions.
18 changes: 9 additions & 9 deletions 10_onion_routing.asciidoc
Expand Up @@ -287,7 +287,7 @@ For simplicity and to avoid getting too technical, we have not included these de

[[ecdh]]
[[ecdh_explained]]
.Elliptic Curve Diffie–Hellman (ECDH) Explained
.Elliptic Curve Diffie–Hellman Explained
****
((("ECDH (Elliptic Curve Diffie–Hellman)")))((("Elliptic Curve Diffie–Hellman (ECDH)")))Assume Alice's private key is _a_ and Bob's private key is _b_. Using the elliptic curve, Alice and Bob each multiply their private key by the generator point _G_ to produce their public keys _A_ and _B_, respectively:
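Review bot: the new sidebar title drops the "(ECDH)" abbreviation, but the index entries on the first line of the sidebar body and the [[ecdh]] and [[ecdh_explained]] anchors still use it. If the abbreviation is used later in the text, keep it in the title or spell it out on first use in the opening sentence. The two anchors stacked on the same block also look redundant; if only one is referenced, drop the other.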
Expand Down Expand Up @@ -416,12 +416,12 @@ At each hop, the hop payload appears at the beginning of the onion payload, foll

[TIP]
====
The onion payload is 1,300 bytes. Each hop payload is 65 bytes or less (padded to 65 bytes if less). So the total onion payload can fit 20 hop payloads (1300 = 20 x 65). The maximum onion routed path is therefore 20 hops.
The onion payload is 1,300 bytes. Each hop payload is 65 bytes or less (padded to 65 bytes if less). So the total onion payload can fit 20 hop payloads (1300 = 20 × 65). The maximum onion routed path is therefore 20 hops.
====

As each layer is "peeled off," more filler data (essentially junk) is added at the end of the onion payload so the next hop gets an onion of the same size and is once again the "first hop" in the onion.

The onion size is 1,366 bytes, structured as shown in <<onion_packet>>.
The onion size is 1,366 bytes, structured as shown in <<onion_packet>>:

1 byte:: A version byte
33 bytes:: A compressed public session key (<<session_key>>) from which the per-hop shared secret (<<shared_secret>>) can be generated without revealing Alice's identity
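Review bot: in the TIP, the equation still writes "1300" without the thousands separator, while the prose on the same line and in the following paragraphs uses "1,300" and "1,366". Since the line is already being touched for the multiplication sign, make it "1,300 = 20 × 65". In the second change, the sentence now ends in a colon and runs straight into the field list but still says "as shown in <<onion_packet>>"; if that xref points to a figure, say so, so the reader knows the colon introduces the list rather than the figure.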
Expand Down Expand Up @@ -480,7 +480,7 @@ The inner HMAC is then revealed during the inverse of the "shift and encrypt" ro

((("onion routing","wrapping hop payloads", id="ix_10_onion_routing-asciidoc12", range="startofrange")))As a reminder, the onion is wrapped by starting at the end of the path from Dina, the final node or recipient. Then the path is built in reverse all the way back to the sender, Alice.

Alice starts with an empty 1,300-byte field, the fixed-length _onion payload_. Then, Alice fills the onion payload with a pseudorandom byte stream "filler" that is generated from the ++pad++ key.
Alice starts with an empty 1,300-byte field, the fixed-length _onion payload_. Then, she fills the onion payload with a pseudorandom byte stream "filler" that is generated from the ++pad++ key.

This is shown in <<onion_payload_filler>>.

Expand Down Expand Up @@ -586,10 +586,6 @@ In <<bob_onion_wrapping>> we see the steps used to wrap Bob's hop payload in the

All right, by now this is easy!

[[bob_onion_wrapping]]
.Wrapping the onion for Bob
image::images/mtln_1021.png[]

Start with the onion payload (obfuscated) containing Chan's and Dina's hop payloads.

Obtain the session key for this hop dervied from the blinding factor generated by the prior hop.
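Review bot: the context line "Obtain the session key for this hop dervied from the blinding factor..." has a typo ("dervied" should be "derived") that this copyedit pass leaves in place; fix it in the same commit. These steps are also bare paragraphs, while the equivalent steps for Chan later in this file are a numbered list; consider numbering them for consistency.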
Expand All @@ -600,6 +596,10 @@ Obfuscate the whole thing XOR with the ++rho++ key from the Alice-Bob shared sec

Calculate the outer HMAC and stick it on the end of Bob's hop payload.(((range="endofrange", startref="ix_10_onion_routing-asciidoc12")))

[[bob_onion_wrapping]]
.Wrapping the onion for Bob
image::images/mtln_1021.png[]


==== The Final Onion Packet

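Review bot: the figure block is re-added after the line carrying the index endofrange marker (startref="ix_10_onion_routing-asciidoc12"), so the figure now falls outside the "wrapping hop payloads" index range, while the sentence that introduces it, "In <<bob_onion_wrapping>> we see the steps...", stays inside. If the range is meant to cover the figure, move the marker below the image macro. The move also leaves two consecutive blank lines before "==== The Final Onion Packet"; drop one.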
Expand Down Expand Up @@ -775,7 +775,7 @@ Chan repeats the exact same process as Bob:

2. Chan generates the Alice-Chan shared key and the ++mu++ subkey.

3. Chan verifies the onion packet HMAC, then extracts the 1,300-byte onion payload
3. Chan verifies the onion packet HMAC, then extracts the 1,300-byte onion pass:[<span class="keep-together">payload</span>].

4. Chan extends the onion payload by 1,300 extra bytes, filling it with zeroes.

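Review bot: step 3 now embeds raw HTML through pass:[<span class="keep-together">payload</span>] to control a line break, which ties the source to HTML-based output. If the build allows it, prefer the AsciiDoc role form [.keep-together]#payload#, or leave line breaking to the stylesheet. The added period is right, since steps 2 and 4 already end with one.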

0 comments on commit 3622a23
