diff --git a/i2p2www/pages/site/docs/how/cryptography.html b/i2p2www/pages/site/docs/how/cryptography.html index 19a0add8..7aca16ce 100644 --- a/i2p2www/pages/site/docs/how/cryptography.html +++ b/i2p2www/pages/site/docs/how/cryptography.html @@ -1,7 +1,7 @@ {% extends "global/layout.html" %} {% block title %}{% trans %}Low-level Cryptography Details{% endtrans %}{% endblock %} -{% block lastupdated %}{% trans %}December 2013{% endtrans %}{% endblock %} -{% block accuratefor %}0.9.9{% endblock %} +{% block lastupdated %}{% trans %}March 2014{% endtrans %}{% endblock %} +{% block accuratefor %}0.9.12{% endblock %} {% block content %}
{% trans -%} This page specifies the low-level details of the cryptography in I2P. @@ -363,10 +363,6 @@ As such, we do not know if the prime chosen is a 'strong prime'. If a larger prime is chosen for future purposes, this should be a strong prime, and we will document the construction process. {%- endtrans %}
-{% trans -%} -The vulnerability of the network to a DSA attack and the impact of transitioning to longer keys is to be studied. -It may be quite difficult to make any change backward-compatible. -{%- endtrans %}
{% trans -%} +As of release 0.9.12, the router supports additional signature algorithms that are more secure than 1024-bit DSA. +The first usage is for Destinations; support for Router Identities will be added in a future release. +Support for migrating existing Destinations from old to new signatures will be added in a future release. +The supported signature types are as follows. Additional signature types will be added in future releases. +{%- endtrans %}
+{% trans code='https://github.com/i2p/i2p.i2p/tree/master/core/java/src/net/i2p/crypto/SHA256Generator.java' -%} diff --git a/i2p2www/pages/site/docs/how/elgamal-aes.html b/i2p2www/pages/site/docs/how/elgamal-aes.html index 9c44a9c3..6ab23d51 100644 --- a/i2p2www/pages/site/docs/how/elgamal-aes.html +++ b/i2p2www/pages/site/docs/how/elgamal-aes.html @@ -1,7 +1,7 @@ {% extends "global/layout.html" %} {% block title %}{% trans %}ElGamal/AES + SessionTag Encryption{% endtrans %}{% endblock %} -{% block lastupdated %}{% trans %}February 2011{% endtrans %}{% endblock %} -{% block accuratefor %}0.8.3{% endblock %} +{% block lastupdated %}{% trans %}March 2014{% endtrans %}{% endblock %} +{% block accuratefor %}0.9.12{% endblock %} {% block content %}
{% trans -%}
@@ -328,6 +328,18 @@ If the tag is not found, the message is assumed to be a New Sessi
+ {% trans i2cp=site_url('docs/protocol/i2cp#options') i2cpp=site_url('docs/spec/i2cp#msg_SendMessageExpires') -%}
+As of release 0.9.2, the client may configure the default number of Session Tags to send
+and the low tag threshold for the current session.
+For brief streaming connections or datagrams, these options may be used to significantly reduce bandwidth.
+See the I2CP options specification for details.
+The session settings may also be overridden on a per-message basis.
+See the I2CP Send Message Expires specification for details.
+{%- endtrans %} {% trans -%}
There are many possible areas to tune the Session Key Manager's algorithms;
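Review bot: The added paragraph names only the benefit of lowering the number of Session Tags sent and the low tag threshold ("significantly reduce bandwidth") and says nothing about the cost. The context just above says a message whose tag is not found is treated as the start of a new session, so add a sentence on what a sender and receiver should expect when a session configured with few tags runs out of them. It would also help to name the two option keys here, so a reader can find them on the I2CP options page without guessing.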
@@ -335,21 +347,6 @@ some may interact with the streaming library behavior, or have significant
impact on overall performance.
{%- endtrans %} {% trans -%}
@@ -210,11 +210,16 @@ and all LeaseSets would have to be published to the network database, as explain
{%- endtrans %} {% trans commonstructures=site_url('docs/spec/common-structures') -%}
-In the current implementation, the Delivery Status and Database Store Messages
+ {% trans commonstructures=site_url('docs/spec/common-structures') i2cp=site_url('docs/protocol/i2cp#options') i2cpp=site_url('docs/spec/i2cp#msg_SendMessageExpires') -%}
+By default, the Delivery Status and Database Store Messages
are bundled when the local LeaseSet changes, when additional
Session Tags
are delivered, or if the messages have not been bundled in the previous minute.
+As of release 0.9.2, the client may configure the default number of Session Tags to send
+and the low tag threshold for the current session.
+See the I2CP options specification for details.
+The session settings may also be overridden on a per-message basis.
+See the I2CP Send Message Expires specification for details.
{%- endtrans %} {% trans -%}
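Review bot: The five sentences added after "bundled in the previous minute" repeat, almost word for word, the Session Tag paragraph added in the @@ -328,6 +328,18 @@ hunk earlier in this patch, so the two copies will drift apart. Keep the option description in one place and link to it from the other. What this paragraph still needs is a statement of how the configured tag count and low tag threshold change when the Delivery Status and Database Store Messages are bundled, since that connection is left for the reader to infer.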
@@ -222,6 +227,11 @@ Obviously, the additional messages are currently bundled for specific purposes,
and not part of a general-purpose routing scheme.
{%- endtrans %} {% trans -%}
+As of release 0.9.12, the Delivery Status Message is wrapped in another Garlic Message
+by the originator so that the contents are encrypted and not visible to routers on the return path.
+{%- endtrans %} {% trans netdb=site_url('docs/how/network-database'),
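Review bot: The new sentence says the Delivery Status Message is wrapped "by the originator" but does not say which key the wrapping Garlic Message is encrypted to, so a reader cannot tell who is able to open it. State who decrypts the wrapper, and say briefly what was visible to routers on the return path before 0.9.12 so the security gain of the change is explicit.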
diff --git a/i2p2www/pages/site/docs/spec/i2cp.html b/i2p2www/pages/site/docs/spec/i2cp.html
index c142d225..6cb54d7e 100644
--- a/i2p2www/pages/site/docs/spec/i2cp.html
+++ b/i2p2www/pages/site/docs/spec/i2cp.html
@@ -1,7 +1,7 @@
{% extends "global/layout.html" %}
{% block title %}I2CP Specification{% endblock %}
-{% block lastupdated %}January 2014{% endblock %}
-{% block accuratefor %}0.9.9{% endblock %}
+{% block lastupdated %}March 2014{% endblock %}
+{% block accuratefor %}0.9.12{% endblock %}
{% block content %}
@@ -23,7 +23,7 @@ More information is on the I2CP O
The protocol was designed to handle multiple "sessions", each with a 2-byte session ID,
over a single TCP connection.
-This does not appear to be fully implemented.
+This is not fully implemented.
Do not attempt to use multiple sessions on a single I2CP connection.
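Review bot: "This is not fully implemented" followed by "Do not attempt to use multiple sessions" tells client authors what to avoid but not what the router does if a client tries anyway. For a specification, state the router's behaviour when a second session is requested on the same I2CP connection (rejected, ignored, or undefined), directly after this sentence.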
+Note: The examples below do not show the Protocol Byte (0x2a) that must be
+sent from the client to the router when first connecting.
+More information about connection initialization is
+on the I2CP Overview page.
+{% trans %}Session Tag Configuration Options{% endtrans %}
+{% trans %}Future Work{% endtrans %}
-
{% trans %}Garlic Routing and "Garlic" Terminology{% endtrans %}
{% trans %}Storage to the Floodfill Network Database{% endtrans %}
Overview
Example Message Sequences
+Standard Session Establish
{% highlight %}
Client Router
- ---------------------> Protocol Byte (0x2a)
---------------------> Get Date Message
Set Date Message <---------------------
---------------------> Create Session Message
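Review bot: Removing the "Protocol Byte (0x2a)" line from this diagram, and from the two diagrams in the hunks below, leaves each sequence incomplete as a wire trace, because the added note says the byte "must be sent from the client to the router when first connecting". The note sits ahead of the examples, where someone who jumps straight to one diagram will miss it. Either keep the line in the Standard Session Establish diagram as the canonical connection start, or add a one-line reminder inside each highlight block that points back to the note.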
@@ -62,7 +69,6 @@ Request LeaseSet Message <---------------------
{% highlight %}
Client Router
- ---------------------> Protocol Byte (0x2a)
---------------------> Get Bandwidth Limits Message
Bandwidth Limits Message <---------------------
{% endhighlight %}
@@ -73,7 +79,6 @@ Bandwidth Limits Message <---------------------
{% highlight %}
Client Router
- ---------------------> Protocol Byte (0x2a)
---------------------> Dest Lookup Message
Dest Reply Message <---------------------
{% endhighlight %}
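Review bot: In cryptography.html, the @@ -363,10 +363,6 @@ hunk removes the caveat "It may be quite difficult to make any change backward-compatible." while the replacement paragraph defers both Router Identity support and migration of existing Destinations to future releases. A reader could take "supports additional signature algorithms that are more secure than 1024-bit DSA" to mean the network has moved off 1024-bit DSA. Say plainly that, as of 0.9.12, Router Identities and existing Destinations still use the old signatures, and keep a sentence on the backward-compatibility constraint until migration is documented.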