[minion-cvs] Fixes based on comments by Erik Arneson
Update of /home/minion/cvsroot/doc/spec
In directory moria.mit.edu:/tmp/cvs-serv29202/spec
Modified Files:
nym-spec.txt minion-spec.txt
Log Message:
Fixes based on comments by Erik Arneson
Index: nym-spec.txt
===================================================================
RCS file: /home/minion/cvsroot/doc/spec/nym-spec.txt,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- nym-spec.txt 7 Oct 2003 19:56:10 -0000 1.5
+++ nym-spec.txt 20 Feb 2004 21:58:50 -0000 1.6
@@ -497,11 +497,11 @@
4.2. Message Encryption
After synopsizing an email, the nymserver encrypts it immediately
- with the nymholder's private key.
+ with the nymholder's public key.
If a nymserver holds a set of synopses for longer than the
nymholder-specified length of time, it encrypts those synopses with
- the nymholder's private key.
+ the nymholder's public key.
To encrypt an octet sequence, the nymserver first compresses the
octet sequence (as described in E2E-spec.txt). Next, the nymserver
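Review bot: in the first paragraph of 4.2, "encrypts it immediately" leaves "it" ambiguous between the email and its synopsis, and the next paragraph says synopses are only encrypted after the nymholder-specified time has passed. Suggest writing "encrypts the email immediately" if that is the intent. It would also help to name the key as PK_nym in both corrected sentences, since that is the symbol the PK_Encrypt step at line 521 of this file uses.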
@@ -521,7 +521,7 @@
Let PADDING_LEN = CEIL(LEN(M_C)/P) - LEN(M_C).
Let M_P = M | Z(PADDING_LEN).
- Let K = R(16).
+ Let K = Rand(16).
Let M_Enc = SPRP_Encrypt(K, "", M_P)
Let RSA_LEN = Len(PK_nym) - PK_OVERHEAD_LEN - 16
Let RSA_PART = PK_Encrypt(PK_nym, K | M_Enc[0:RSA_LEN])
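Review bot: the context line "Let PADDING_LEN = CEIL(LEN(M_C)/P) - LEN(M_C)" subtracts a length from a block count, which goes negative for any M_C longer than one octet; if the aim is to pad to a multiple of P it should read CEIL(LEN(M_C)/P)*P - LEN(M_C). The next line pads M rather than M_C, and the hunk mixes LEN() with Len(), so both are worth fixing while this block is being touched. Separately, K = Rand(16) is passed to SPRP_Encrypt(K, "", M_P), but the definition in minion-spec.txt in this same commit takes two arguments and requires K to be 20 octets; please state which definition applies here or how the 16-octet key is expanded.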
Index: minion-spec.txt
===================================================================
RCS file: /home/minion/cvsroot/doc/spec/minion-spec.txt,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- minion-spec.txt 17 Dec 2003 00:44:07 -0000 1.25
+++ minion-spec.txt 20 Feb 2004 21:58:50 -0000 1.26
@@ -278,30 +278,30 @@
Thus, in the notation described below, we encrypt a message M with
a key K as follows:
- K1 = K
- K2 = K ^ [00 ... 01]
- K2 = K ^ [00 ... 02]
- K4 = K ^ [00 ... 03]
- L := M[0:20]
- R := M[20:Len(M)-20]
- R := Encrypt( Hash(K1 | L | K1)[0:16], R )
- L := L ^ Hash(K2 | R | K2)
- R := Encrypt( Hash(K3 | L | K3)[0:16], R )
- L := L ^ Hash(K4 | R | K4)
- SPRP_Encrypt(K, M) = L | R
+ K1 = K
+ K2 = K ^ [00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01]
+ K3 = K ^ [00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02]
+ K4 = K ^ [00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03]
+ L := M[0:20]
+ R := M[20:Len(M)-20]
+ R := Encrypt( Hash(K1 | L | K1)[0:16], R )
+ L := L ^ Hash(K2 | R | K2)
+ R := Encrypt( Hash(K3 | L | K3)[0:16], R )
+ L := L ^ Hash(K4 | R | K4)
+ SPRP_Encrypt(K, M) = L | R
We decrypt a message M with a key K as follows:
- K1 = K
- K2 = K ^ [00 ... 01]
- K2 = K ^ [00 ... 02]
- K4 = K ^ [00 ... 03]
- L := M[0:20]
- R := M[20:Len(M)-20]
- L := L ^ Hash(K4 | R | K4)
- R := Encrypt( Hash(K3 | L | K3)[0:16], R )
- L := L ^ Hash(K2 | R | K2)
- R := Encrypt( Hash(K1 | L | K1)[0:16], R )
- SPRP_Decrypt(K, M) = L | R
+ K1 = K
+ K2 = K ^ [00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01]
+ K3 = K ^ [00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02]
+ K4 = K ^ [00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03]
+ L := M[0:20]
+ R := M[20:Len(M)-20]
+ L := L ^ Hash(K4 | R | K4)
+ R := Encrypt( Hash(K3 | L | K3)[0:16], R )
+ L := L ^ Hash(K2 | R | K2)
+ R := Encrypt( Hash(K1 | L | K1)[0:16], R )
+ SPRP_Decrypt(K, M) = L | R
K must be 20 octets long; M must be at least 20 octets long.
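Review bot: SPRP_Decrypt applies "R := Encrypt( Hash(K3 | L | K3)[0:16], R )" and the K1 equivalent to undo the same steps in SPRP_Encrypt, which only round-trips if Encrypt is its own inverse (a keystream XORed into R). The visible text does not say so; suggest adding one sentence stating that property, or using Decrypt in the decryption steps. The K2/K3 typo fix and the full 20-octet masks look right and agree with the "K must be 20 octets long" line.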