[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[minion-cvs] Two small clarifications
Update of /home/minion/cvsroot/doc
In directory moria.seul.org:/tmp/cvs-serv15314
Modified Files:
minion-design.tex
Log Message:
Two small clarifications
Index: minion-design.tex
===================================================================
RCS file: /home/minion/cvsroot/doc/minion-design.tex,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -d -r1.56 -r1.57
--- minion-design.tex 10 Jul 2002 01:06:44 -0000 1.56
+++ minion-design.tex 10 Jul 2002 21:21:57 -0000 1.57
@@ -395,7 +395,8 @@
a message's path into two \emph{legs}, and split the header section
correspondingly into a main header and a secondary header. Each header
is composed of up to 16 subheaders, one for each hop along the path.
-Each subheader contains a hash of the remainder of its header, so we can do
+Each subheader contains a hash of the remainder of its header as
+seen by the appropriate MIX, so we can do
integrity-checking of the path (but not the payload) within each leg.
Each subheader also contains a symmetric key, which is used to derive a
decryption key for decrypting the rest of the message. The MIX also
@@ -871,7 +872,8 @@
Note that this solution does not entirely solve the partitioning problem
--- near the time of a key rotation, the anonymity set of messages will
be divided into those senders who knew about the key rotation and used
-the new key, and those who did not.
+the new key, and those who did not. Moreover, if keys overlap, the above
+delaying attack still works.
Also note that while key rotation and link encryption (see Section
\ref{subsec:link-encrypt}) both provide forward security, their protection
is not redundant. With only link encryption, an adversary running