Just wondering, which protocol, TAP or NTor is less computationally intensive for a relay to process and why ?
Thanks Rich
Asked
Active
Viewed 297 times
1 Answers
4
ntor offers reduced computational complexity for circuit setup compared to TAP. Tor circuits are setup one hop at a time with each link using TLS. Diffie-Hellman (DH) is the algorithm used for computing keys to be exchanged and is responsible for what we conceptually know as forward-secrecy.
Notable differences between TAP and ntor
Tor Authentication Protocol (TAP), the original/legacy handshake, will be used where ntor isn't supported.
- Generating a DH key is computationally expensive
- Need to generate DH public/private values, and perform exchange at each node, as the circuit is extended
- DH Keys are encrypted/decrypted with RSA at each node using onion-key
- An analysis of TAP can be found here
ntor is the handshake added in 0.2.4.8-alpha. It will be used where consensus method is at least 16 and an ntor public key is available.
- eliminates the use of RSA encryption-decryption from circuit setup
- uses Curve25519 to reduce DH computational complexity while also preserving forward-secrecy and offering timing-attack resistance
- enables precomputation of values during idle cycles before they're needed
- uses predistributed values (identity, ntor-onion) in computations
- reduces communication and computational complexity during circuit setup
-- leeroy