Key derivation functions
Tor has three relevant key derivation functions that we use for deriving keys used for relay encryption.
The KDF-TOR KDF (implemented by LegacyKdf) is used with the old TAP handshake. It is ugly, it is based on SHA-1, and it should be avoided for new uses.
The HKDF-SHA256 KDF (implemented by Ntor1Kdf) is used with the Ntor handshake. It is based on RFC5869 and SHA256.
The SHAKE KDF (implemented by ShakeKdf) is used with v3 onion services, and is likely to be used in other places in the future. It is based on SHAKE-256.
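The three constructions side by side, as an added illustration using the Python standard library (not Arti's Rust code and not its API). The SHA-1 counter layout follows the KDF-TOR definition in tor-spec and the HKDF follows RFC 5869; the function names are hypothetical, and the exact salt, info and seed layouts Tor feeds to each KDF are not shown on this page, so callers supply them.

```python
import hashlib
import hmac


def kdf_tor(seed: bytes, n: int) -> bytes:
    """Legacy style: SHA1(seed | 0x00) | SHA1(seed | 0x01) | ..., truncated to n."""
    if n > 256 * 20:
        raise ValueError("a one-byte counter limits output to 5120 bytes")
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha1(seed + bytes([counter])).digest()
        counter += 1
    return out[:n]


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, n: int) -> bytes:
    """RFC 5869 extract-then-expand with HMAC-SHA256."""
    if n > 255 * 32:
        raise ValueError("RFC 5869 caps output at 255 hash blocks")
    # Extract: concentrate the input keying material into a fixed-size PRK.
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    # Expand: T(i) = HMAC(PRK, T(i-1) | info | i), with the counter starting at 1.
    out, block = b"", b""
    for i in range(1, -(-n // 32) + 1):
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        out += block
    return out[:n]


def shake_kdf(seed: bytes, n: int) -> bytes:
    """SHAKE-256 is an extendable-output function: no counter loop is needed."""
    return hashlib.shake_256(seed).digest(n)


def rfc5869_case1() -> bytes:
    """RFC 5869 Appendix A.1 inputs, used to check the HKDF implementation."""
    ikm = bytes([0x0B]) * 22
    salt = bytes(range(0x00, 0x0D))
    info = bytes(range(0xF0, 0xFA))
    return hkdf_sha256(ikm, salt, info, 42)


if __name__ == "__main__":
    seed = b"constructed sample secret"  # constructed input, not a Tor value
    for name, key in (("KDF-TOR", kdf_tor(seed, 72)),
                      ("HKDF-SHA256", hkdf_sha256(seed, b"salt", b"info", 72)),
                      ("SHAKE-256", shake_kdf(seed, 72))):
        print(f"{name:12} {key.hex()}")
```

The legacy construction has no extract step and no domain-separating info or salt input, which is part of why it is a poor fit for new designs independent of the SHA-1 dependency.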
Structs
- LegacyKdf 🔒 - A legacy KDF, for use with TAP.
- Ntor1Kdf 🔒 - A parameterized KDF, for use with ntor.
- ShakeKdf 🔒 - A modern KDF, for use with v3 onion services.
Traits
- Kdf 🔒 - A trait for a key derivation function.