[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[minion-cvs] minor changes.
Update of /home/minion/cvsroot/doc
In directory moria.seul.org:/tmp/cvs-serv15767
RCS file: /home/minion/cvsroot/doc/minion-spec.tex,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- minion-spec.tex 15 May 2002 14:40:23 -0000 1.1
+++ minion-spec.tex 17 May 2002 14:18:06 -0000 1.2
@@ -15,7 +15,7 @@
how the full message is structured but starting with the smallest
+Definitions & cryptographic primitives
- if B is a byte array, B[i:j] (j bytes) is sub array starting at
byte i with length j.
@@ -39,6 +39,10 @@
- PRNG(K, n) (n bytes) Produces n bytes of pseudo-random numbers.
PRNG(K, n) = Encrypt(K, Z(n))
+RSA encryption and decryption is used with OAEP padding, using the
+mask function MGF1 and SHA1 as the hash function. The security
+parameter P is set to be the hash ... .
The sub-header structure and address extensions.
The sub header contains all the information that a node needs to know
@@ -53,7 +57,7 @@
Digest: 16 bytes
Flags: 1 byte
Address Size: 2 bytes
-Address Type: 2 bytes
+Address Type: 2 bytes - total 39 bytes
Address: [Address Size] bytes
* The Version is present to manage concurrent versions of the
@@ -86,9 +90,11 @@
The sub header fields are encrypted using RSA after having been padded
using OAEP (or should it be OAEP+ or Anonymous OAEP?), using a 1024
bit key which results in a size of 128 bytes. The OAEP padding allows
-86 bytes to be used. In case an additional block is added to fit the
-address it should be a multiple of 128 bytes and should have the
+86 bytes to be used. If the address is longer than 86-39 bytes then
+additional blocks have to be added.
+In case an additional block is added to fit the address it should be a
+multiple of 128 bytes and should have the following structure:
@@ -122,6 +128,15 @@
0x0002 SMTP (EMAIL ADDRESS: Variable): Variable bytes
0x0003 RTRN (NUM: 2 bytes, MASTER SECRET: 16 bytes): 18 bytes
+A TCP/IP4 address type indicates that the messge has to be transmitted
+using the custom Type III remailer transport protocol. The IP field of
+represents the IP v4 address in network order. The KEYID field
+represents the hash of the public verifucation key with which the
+ephemeral D.H. key has to be signed.
+The EMAIL field in the SMTP type of address should be a valid email
The address type RTRN should be used in conjunction with stateless
reply blocks, to remind the recipient the master secret used to
derive the keys distributed to all the intermediate nodes, and their
@@ -249,6 +264,8 @@
SHS(V, SK, D, F, A) = RSA_OAEP_Decrypt(PK,H1[0:128]);
If there is any problem with the OAEP padding discard the message.
+ If the address spans accross many blocks extract them and
+ decrypt it.
Check that D = H(H1[128:15*128]);
H1 = H1[128:15*128] | PRNG(HASH(SK, ``RANDOM