[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[minion-cvs] Checked the processing of the extended address with Has...
Update of /home/minion/cvsroot/doc
In directory moria.seul.org:/tmp/cvs-serv14482
Modified Files:
minion-spec.tex
Log Message:
Checked the processing of the extended address with Hashes.
Clarified some more issues (reply fields, application information...)
Issue of end to end encryption of the message body is open.
Index: minion-spec.tex
===================================================================
RCS file: /home/minion/cvsroot/doc/minion-spec.tex,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- minion-spec.tex 30 May 2002 06:04:33 -0000 1.13
+++ minion-spec.tex 31 May 2002 13:51:04 -0000 1.14
@@ -73,6 +73,11 @@
could violate the all-or-nothing properties of LIONESS,
we use the same keyed-hash construction for all 4 keys. -NM]
+ [XXXX From a security point of view I think that what you do if
+ optimal. On the other side it imposes 2 additional Hash
+ operations per encryption/decryption. I will think about it a
+ bit more -GD]
+
- SPRP_DECRYPT(K1,K2,K3,K4,M) (Len(M) bytes) Inverts SPRP_ENCRYPT.
We also define SPRP_DEC(K,P,M) as the inverse of SPRP_ENC.
@@ -158,6 +163,8 @@
headers. Instead, let me suggest that the extended headers be
hashed along with the rest of the header, and encrypted with the
same key. (See changes below, marked with XXXX-EXT) -NM ]
+[XXXX This is very important, both for correctness and tagging
+ prevention. I checked the code and it also seems fine -GD]
We will formally refer to the subheader structure as:
SHS(V, SK, D, F, A)
@@ -199,6 +206,9 @@
[XXXX That's not what I meant: Is a server's RSA key that it uses
for decrypting headers, the same RSA key as key it uses for
MMTP (as hashed in KeyID.)? I still say yes... -NM]
+[XXXX The hashed KEY ID is the verification key that is used to sign
+ both the MMTP Ephemeral keys and (if we want) the long term
+ decryption keys of the mix. -GD]
A SWAP routing type tells the node to exchange headers as described below.
@@ -218,9 +228,8 @@
with the LOCAL field but I would prefer to have it specified as a
separate type in the standard.
-0x0101 RTRN (HOPS: 1 byte , KEY: 20 bytes) : 21 bytes
+0x0101 RTRN (HOPS: 1 byte , KEY: 20 bytes) : 21 bytes -GD]
--GD]
[XXXX Hm. I'd rather not have 2 types that do exactly the same thing.
Perhaps RTRN should behave differently, or LOCAL should have a
type field of its own.
@@ -229,6 +238,12 @@
either of SMTP or LOCAL; neither is more "returny" than the other.
Would it solve your concerns to add a type field to LOCAL? -NM]
+[XXXX Ok, here is my real concern: I do not want every differen client
+ to implement their own version of the stateless reply block, in
+such a way that they cannot interoperate. So I would rather have some
+standard fields containing the HOPS and KEY information along with any
+other variable information. -GD]
+
\subsection{The header structure}
@@ -299,6 +314,7 @@
to be sound, or simplify it, that would be keen.
-NM]
+ [XXXX Looks good -GD]
\subsection{The Payload of messages}
@@ -320,7 +336,7 @@
and only the final receipient can decrypt it (need to include a
nonce and a digest in the body of the payload as well). BUT we
have the problem that the key can be changed by the adversary in
- the reply block ...]
+ the reply block ... -GD Any comments?]
Size: 2 bytes
Data: (Variable)
@@ -384,6 +400,7 @@
H2 = SPRP_DEC(SK, ``HEADER ENCRYPT'',H2);
....
Will this work? -NM]
+[XXXX I think it should work. -GD]
PROCEDURE: Process a message M
SHS(V, SK, D, F, A) = PK_Decrypt(PK,H1[0:128]);
@@ -408,6 +425,10 @@
Give (A, H(SK,``APPLICATION KEY''), (H1, H2, P)) to
Module manager.
[XXXX Why does the application need H1 and H2? - NM]
+ [XXXX In the previous designs the application needed
+ H1 to find out if it was a reply or a forward
+ message. With the new design A, and P should be
+ enough. -GD]
\section{Single Use Reply Block exchange formats}
@@ -549,7 +570,9 @@
RSA Long Term Verification Public Key of server: e, n, timestamp,
hash(e, n, IP, Port). (next key hash)
RSA Short Term Encryption Public Key: e, n, timestamp, Hash(...)
-Network Services: SMTP Support flag, address restrictions.
+Network Services: MixMinion Protocols supported.
+ MMTP Protocols supported.
+ SMTP Support flag, address restrictions.
LOCAL Support flag, mailbox restrictions.
IP addresses it will accept and send to.
Modules: Modules supported, configurations.