specification - Onion Routing
Index   Algorithm   Key Length
2       RC4         16 bytes
3       IDEA        8 bytes
4       Illegal     N/A
5-15    Reserved    N/A
Table 2.4D - Cryptographic Function Index Definitions
Additionally, when an anonymous circuit is created, additional data packaged in DATA cells immediately follows the
onion. In order to unify the description of onions for the various types of connections, the onion proper and this
additional connection info data will be collectively referred to as the onion.
There are six types of additional onion data that can be sent in the payload of DATA cells. These are the following:
a) The first DATA cell payload onion data is known as the responder header and contains the following fields in
the DATA cell payload:
Field Name    Length (bytes)   Description
Version       4 bits           The version of the onion network software
Flags         4 bits           Flags for circuit options
Protocol      1                The application protocol that this circuit will be using, depending on the protocol the user is using (i.e. the application proxy protocol)
Retry Count   1                How many times the responder proxy or reply onion processor will attempt to connect to the connection acceptor
Table 2.4E - Responder Header Payload Data Fields
The structure of the DATA cell payload having a responder header is as follows.
 3   2                   1
 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+-------+-------+---------------+---------------+---------------+
|Version| Flags |   Protocol    |  Retry Count  |   Reserved    |
+-------+-------+---------------+---------------+---------------+
Table 2.4F - Structure of a DATA Cell Payload containing a Responder Header
There is currently only a single valid flag and that is the reply circuit indicator. When this flag is set it indicates
that the circuit is a reply circuit.
For reply circuits only the version & flag fields of the responder header apply.
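The responder header layout of Tables 2.4E and 2.4F, as a strict parser. This is an added example, not code from the specification. It assumes the reply circuit indicator is the low bit of the Flags nibble and that the reserved byte must be zero on non-reply circuits, neither of which the text states; the names and the version value 1 in the sample payloads are hypothetical.

```python
import struct
from dataclasses import dataclass
from typing import Optional

REPLY_FLAG = 0x1  # ASSUMPTION: the page names the flag but not its bit position


class HeaderError(ValueError):
    """Raised when a responder header fails validation."""


@dataclass(frozen=True)
class ResponderHeader:
    version: int
    reply: bool
    protocol: Optional[int]      # None on reply circuits (field does not apply)
    retry_count: Optional[int]   # None on reply circuits (field does not apply)


def parse_responder_header(payload: bytes, supported_version: int) -> ResponderHeader:
    """Parse the first 32 bits of a DATA cell payload as a responder header."""
    if len(payload) < 4:
        raise HeaderError("payload shorter than the 32-bit responder header")
    first, protocol, retry, reserved = struct.unpack_from("!BBBB", payload)
    version, flags = first >> 4, first & 0x0F  # Version: bits 31-28, Flags: 27-24
    if version != supported_version:
        raise HeaderError(f"unsupported version {version}")
    if flags & ~REPLY_FLAG:
        raise HeaderError(f"undefined flag bits set: {flags:#x}")
    if flags & REPLY_FLAG:
        # Reply circuit: only version and flags apply, so the rest is ignored.
        return ResponderHeader(version, True, None, None)
    if reserved != 0:
        # ASSUMPTION: reserved bits are expected to be zero; not stated on the page.
        raise HeaderError("reserved byte is not zero")
    return ResponderHeader(version, False, protocol, retry)


# Constructed sample payloads (not captured traffic).
FORWARD = bytes([0x10, 0x02, 0x03, 0x00]) + b"rest-of-payload"
REPLY = bytes([0x11, 0xAA, 0xBB, 0x00])
```

Rejecting undefined flag bits and an unexpected version before acting on the Protocol and Retry Count fields keeps a malformed first DATA cell from being interpreted as a connection request.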
b) The second piece of data that can be sent is a destination host address including the port. This is the IP address
and port of the destination host specified in the format delineated in the responder header. This address info
appears after the responder header in non-reply circuits and after the reply onion processor header in reply
circuits.
c) The third piece of information is the reply onion processor address and port. This information appears for reply
circuits only. This is the address and port of the appropriate reply onion processor that this circuit should be
assigned to, in the format specified in the responder header.
d) The fourth piece of information is the key seed material for the keys used in a reply connection. This
enables the reply onion proxy to obtain the keys to the anonymous circuit without having to store them for an
indefinite period of time.
e) A fifth piece of information is the reply onion processor header. This only appears in reply circuits and contains
the following fields: