[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [freehaven-dev] Comm Broadcasts / Crypto

At 12:50 PM 3/2/2000 -0500, you wrote:
>In response to Roger's points...
>> I believe we decided earlier that the haven module would be doing the
>> signing, as well as the encrypting?
>From a software design standpoint, I think it's more natural to handle
>broadcasts within the comm object, rather than the haven module.  It
>also significantly decreases the number of necessary socket
>communications between comm and haven.  Of course, than adds a
>dependency for comm on the crypto libs. 
>Personally, I would choose using :broadcast() and letting comm sign 
>and encrypt everything, as there are going to be many broadcasts in
>the system.    Thoughts?

Furthermore, doing encryption/signing in the haven module gives it
mixnet-dependent operations.  We wanted to abstract away what mixnets are
being used from the haven, for fairly obvious software-design reasons (a la
don't expose the rep in 6.170 parlance).   Various mixnets might/can use
different anonymizing method, variations on the layered encryption schemes
(i.e., for onion-routing) of mixnets like Mixmaster or ZKS.

For that reason alone, I submit we should have crypto in the comm module.
I think this also suggests handling broadcasts as I've described above.


  Michael J Freedman

Mail:  mfreed@mit.edu
Web:     griffen.mit.edu
Phone:    617.225.9381