# [minion-cvs] Added some more details on the information contained in...

Update of /home/minion/cvsroot/doc
In directory moria.seul.org:/tmp/cvs-serv1634

Modified Files:
MixMin-arch-2.tex minion-design.tex
Log Message:
+ Added some more details on the information contained in each sub header.
+ Wrote that we only require to receive of SURBS to remember private keys.
+ Moved stuff from the preamble of "replies" to "Related design..."
+ Anonymized the paper for review.

Index: MixMin-arch-2.tex
===================================================================
RCS file: /home/minion/cvsroot/doc/MixMin-arch-2.tex,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- MixMin-arch-2.tex	1 Apr 2002 19:39:18 -0000	1.7
+++ MixMin-arch-2.tex	6 May 2002 22:42:20 -0000	1.8
@@ -301,16 +301,19 @@
32767 should be registered and well known. Values greater than 32767
can be used freely but could result in clashes.

-The \emph{reuse level} allows an intermediary mix to let through the same
-headers many times. It is important to observe that multiple use
-return blocks offer much weaker anonymity than one use return
-blocks. They allow the server to know that the address is reused and
-link messages together. Server can know where it is on the path. They
-also allow servers to perform message tagging in order to detect the
-message later on the path if it goes through another corrupt
-server. Multiple use reply blocks should be avoided is the
-functionality can be implemented in another way. The Reuse level is
-set to zero if the message is not a multiple use return address.
+% Removed by GD
+% (Since we have not found a way of securing MURBS it is not useful)
+%
+% The \emph{reuse level} allows an intermediary mix to let through the same
+% headers many times. It is important to observe that multiple use
+% return blocks offer much weaker anonymity than one use return
+% blocks. They allow the server to know that the address is reused and
+% link messages together. Server can know where it is on the path. They
+% also allow servers to perform message tagging in order to detect the
+% message later on the path if it goes through another corrupt
+% server. Multiple use reply blocks should be avoided is the
+% functionality can be implemented in another way. The Reuse level is
+% set to zero if the message is not a multiple use return address.

The \emph{return level} field SHOULD be used on the last header of a
return block (usually addressed to the creator of the block) to remind

Index: minion-design.tex
===================================================================
RCS file: /home/minion/cvsroot/doc/minion-design.tex,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -d -r1.33 -r1.34
--- minion-design.tex	6 May 2002 08:21:06 -0000	1.33
+++ minion-design.tex	6 May 2002 22:42:20 -0000	1.34
@@ -27,19 +27,26 @@
%\fi

\title{Mixminion: Design of a Type III Anonymous Remailer}
-\author{George Danezis\inst{1} \and Roger Dingledine\inst{2} \and David Hopwood\inst{3}
-        \and Nick Mathewson\inst{4}}
-\institute{Cambridge
-\and
-The Free Haven Project
-\and
-Independent consultant
-\and
-The Free Haven Project
+
+% Removed for anonymous review
+%
+% \author{George Danezis\inst{1} \and Roger Dingledine\inst{2} \and David Hopwood\inst{3}
+%         \and Nick Mathewson\inst{4}}
+% \institute{Cambridge University
+% \and
+% The Free Haven Project
+% \and
+% Independent consultant
+% \and
+% The Free Haven Project
+\author{Name of Author(s)}
+\institute{Name of Institute(s)}
+
+
\maketitle
\pagestyle{empty}

@@ -233,6 +240,17 @@
next MIX. We describe the behavior of the last MIX in
Section \ref{subsec:delivery-modules}.

+% A bit more detail about waht is contained in the header: -George
+
+ \cite{PKCS1} and are of 128kb each. They contain a secret addressed
+to the node that can be used to generate padding and decrypt the rest
+of the message. They also contain the address of the next node to
+which to message should be forwarded along with its expected signature
+key fingerprint. In order to frustrate tagging attacks (as described later
+in the paper) the sub-header also contains a hash of the header that
+should be checked.
+
% This last paragraph assumes that the audience already knows the
% material well enough to know that Alice encrypts each layer with the
% appropriate MIX's public key. Is this assumption safe -Nick
@@ -367,10 +385,14 @@
\label{subsec:replies}

The rest of this section describes the mechanism for secure replies,
-including some new attacks and how we defeat them. We also discuss using
-link-level encryption with ephemeral keys to provide forward anonymity,
-message types and modules to handle different types of messages, and
-exit policies for advertising what delivery options a node will provide.
+including some new attacks and how we defeat them. The model that
+Mixminion follows in order to implement replies is inspired by
+BABEL \cite{babel}, as it requires the receiver of a reply block to
+keep no other state than it private keys, in order to read the reply.
+All the secrets that are required in order to strip the layers of
+encryption are derived from a master secret contained in the last
+header of the single use reply block that the creator of the block
+addresses to themselves and encrypt under their own public key.

\subsection{Indistinguishable replies}
@@ -414,6 +436,9 @@
% Nope. We're just bluffing. Is that ok? -RRD
% We're not bluffing.  George used to have a way, but we haven't
%   mentioned it here.  Should we?  -Nick
+% The trick is to use the nym servers: you send a normal email to
+% the nym server which takes care of the messsage packaging and
+% injects it in the remailer network. -George

We divide a message's path into two \emph{legs}, and split the header
into two equal-size subheaders, each corresponding to a single leg.
@@ -594,6 +619,11 @@

\section{Related design decisions}

+In this section we discuss how we are using
+link-level encryption with ephemeral keys to provide forward anonymity,
+message types and modules to handle different types of messages, and
+exit policies for advertising what delivery options a node will provide.
+
\subsection{Link-level encryption and what it gets us}