[tor-dev] prop224: Deprecating SHA1 circuit digests

David Goulet dgoulet at ev0ke.net
Fri Jul 21 14:07:09 UTC 2017

On 22 Jul (00:02:33), teor wrote:
> Hi all,
> At the moment, Tor uses SHA1 for the running digests of circuit cell
> payloads.
> Some of the prop224 code seems to use SHA256 for the digests for
> client to service rendezvous circuits. But that's not in the spec yet
> (see #22995 at [0]).

That is not accurate. It uses SHA3, notice DIGEST_SHA3_256 in

  if (is_hs_v3) {
    digest_len = DIGEST256_LEN;
    cipher_key_len = CIPHER256_KEY_LEN;
    cpath->f_digest = crypto_digest256_new(DIGEST_SHA3_256);
    cpath->b_digest = crypto_digest256_new(DIGEST_SHA3_256);
  }  ...


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20170721/c3e8fbcb/attachment.sig>

More information about the tor-dev mailing list