commit fc441790ab61435430b482438b7cba4102d6442e Author: Nick Mathewson <nickm@torproject.org> Date: Tue May 26 09:57:53 2015 -0400 Remove a needless nonce from secret_input in prop224. The salt serves the same purpose as 'nonce' did in secret_input, by ensuring that the KDF does not produce the same output twice even in event of accidental revision counter replay. Pointed out by DonnchaC. --- proposals/224-rend-spec-ng.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt index 9ee628c..0b6fde2 100644 --- a/proposals/224-rend-spec-ng.txt +++ b/proposals/224-rend-spec-ng.txt @@ -852,7 +852,7 @@ Status: Draft salt = 16 random bytes - secret_input = nonce | blinded_public_key | subcredential | + secret_input = blinded_public_key | subcredential | INT_4(revision_counter) keys = KDF(secret_input, salt, "hsdir-encrypted-data", S_KEY_LEN + S_IV_LEN + MAC_KEY_LEN)