On Wed, Sep 26, 2007 at 09:04:26PM +0200, Juliusz Chroboczek wrote:

> > Router twins did start in the day of onions to lay circuits, but
> > they lived at least for a while into the onion skin (incremental
> > path) era.
>
> Could you please clarify? What's an onion, how does it differ from
> the current design?
In the early days of onion routing, roughly the first two generations, paths were built by a data structure called an onion that comprised several layers: each one was public-key encrypted for one node in the path. Within each layer was session keying material to be used once the actual data started flowing and the identity of the next hop in the path. The whole thing was just layers with nothing in the middle, which is why I called it onion routing.

(Aside: although later people seemed to apply the phrase to anything that had a layered data structure. To me the central aspect making it onion routing is that the public-key actions are used to lay a cryptographic circuit. Then the data flows over that. I regard anything else as a misuse of the term. Note that 'onion' was used to refer to layered data structures independently at about the same time as we were inventing onion routing, e.g., in the Babel paper. However, they were talking about data in a mix network, not onion routing.)

Nowadays, we extend the path one hop at a time: each node does a DH key exchange with the client to get the session keys, which are used when data starts flowing, but also to encrypt the one-layer onion (the "onion skin" as I called it above) to extend to the next hop. This has a few drawbacks from the old design but some major advantages: the largest are probably that there is no need to keep digests of onions around at nodes to guard against replay, and forward secrecy once a circuit is closed.

More about the earlier designs and other info can be found at http://www.onion-router.net/

A graphic depiction of onions is in the slides at http://www.onion-router.net/Publications.html#old-slides

These describe mostly generation 0 onion routing, but some aspects of generation 1 are mentioned, e.g., separating clients from server nodes.
There is also a brief description of the points I make here together with graphics at http://www.onion-router.net/Publications.html#new-slides

These slides mostly describe generation 2 onion routing (Tor) as of c. late 2003.

HTH,
Paul
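As an added illustration (not part of Paul's message or of any onion-routing code base): a toy model of the layered onion described above, with one layer per hop carrying that hop's session key and next hop, and each node keeping digests of onions it has processed so a replayed onion is refused. The per-hop public-key encryption is replaced by a labelled symmetric stand-in keyed on a per-node secret so the example runs offline; node names and keys are constructed.

```python
import hashlib, hmac, json, os

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy XOR keystream: a stand-in for per-node public-key decryption, not real crypto.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(node_key: bytes, pt: bytes) -> bytes:
    nonce = os.urandom(16)  # fresh nonce so identical layers never look alike
    return nonce + bytes(a ^ b for a, b in zip(pt, _keystream(node_key, nonce, len(pt))))

def unseal(node_key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(node_key, nonce, len(ct))))

def build_onion(path, node_keys):
    """Client side: one layer per hop, wrapped from the last hop outward.
    Each layer = {session key, next hop} sealed for that hop; nothing in the middle."""
    onion, session_keys = b"", {}
    for i in reversed(range(len(path))):
        sk = os.urandom(16)
        session_keys[path[i]] = sk
        nxt = path[i + 1] if i + 1 < len(path) else None
        layer = seal(node_keys[path[i]], json.dumps({"sk": sk.hex(), "next": nxt}).encode())
        onion = len(layer).to_bytes(2, "big") + layer + onion  # 2-byte length prefix
    return onion, session_keys

class Node:
    """Router side: peels its own layer and remembers digests of onions seen,
    which is the replay defence the telescoping design no longer needs."""
    def __init__(self, name, key):
        self.name, self.key, self.seen = name, key, set()
    def peel(self, onion):
        digest = hashlib.sha256(onion).digest()
        if digest in self.seen:
            raise ValueError(f"{self.name}: replayed onion")
        self.seen.add(digest)
        n = int.from_bytes(onion[:2], "big")
        hdr = json.loads(unseal(self.key, onion[2:2 + n]))
        return bytes.fromhex(hdr["sk"]), hdr["next"], onion[2 + n:]

def lay_circuit(nodes, path, onion):
    """Drive the onion hop by hop; returns the session key each hop recovered."""
    recovered, hop = {}, path[0]
    while hop is not None:
        sk, nxt, onion = nodes[hop].peel(onion)
        recovered[hop], hop = sk, nxt
    return recovered

def replay_is_rejected(nodes, path, onion) -> bool:
    try:
        lay_circuit(nodes, path, onion)
        return False
    except ValueError:
        return True
```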