Re: Forward and reply messages



Roger Dingledine wrote:
> David Hopwood wrote:
> > Roger Dingledine wrote:
> > > Somewhere in here, if it's the instructions for constructing any onion,
> > > should be "attach your payload if you've got one". I would guess it's
> > > step 2b?
> > 
> > Since the headers are variable-length, the payload can just be part of the
> > innermost header. When constructing a reply, the innermost header for the
> > forward part of the path is the reply block (encrypted in a way that depends
> > on the payload) followed by the random-looking payload.
> 
> Can you clarify this a bit? Why is the reply block encrypted
> with a function of the payload?

I've no idea why I said that. It doesn't need to be for this design.

(Reply blocks do, however, need to be stored secretly so that they can't
be linked to later messages.)

> Also, why is the payload random-looking? (Wouldn't the payload be in
> plaintext at the point where the reply starts, and then get successively
> wrapped by each hop in the reply block?)

It has to be random-looking because it will appear on the wire at the point
where it is sent to the first reply hop. So it should be encrypted to the
recipient, who will first undo all the wrapping, and then decrypt it.

- -- 
David Hopwood <david.hopwood@zetnet.co.uk>

Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip
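
The reply flow described in the message above, as an added example that is not part of the original thread: the replier encrypts the payload to the recipient before handing it to the first reply hop, each hop adds a layer, and the recipient undoes the wrapping and then decrypts. Assumptions: a shared symmetric key stands in for encryption to the recipient, a toy SHA-256 counter-mode keystream stands in for a real cipher, and all function names and keys are hypothetical.

```python
import hashlib

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode). Stand-in only, not for real use.
    XOR makes it its own inverse, so the same call wraps and unwraps."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def send_reply(plaintext: bytes, e2e_key: bytes, hop_keys, encrypt_to_recipient=True):
    """Return what an observer sees on each link, in order.
    wire[0] is the link from the replier to the first reply hop."""
    body = keystream_xor(e2e_key, plaintext) if encrypt_to_recipient else plaintext
    wire = [body]
    for key in hop_keys:
        body = keystream_xor(key, body)   # each reply hop wraps the payload once
        wire.append(body)
    return wire

def recipient_open(delivered: bytes, e2e_key: bytes, hop_keys) -> bytes:
    """Recipient first undoes all the hop wrapping, then decrypts the payload."""
    for key in reversed(hop_keys):
        delivered = keystream_xor(key, delivered)
    return keystream_xor(e2e_key, delivered)

# Constructed sample values: the recipient chose the hop keys when building the
# reply block, so she knows them; the replier only knows how to encrypt to her.
MSG = b"reply: meet at the usual place"
E2E_KEY = hashlib.sha256(b"constructed end-to-end key").digest()
HOP_KEYS = [hashlib.sha256(b"constructed hop key %d" % i).digest() for i in range(3)]

def demo():
    good = send_reply(MSG, E2E_KEY, HOP_KEYS)
    bad = send_reply(MSG, E2E_KEY, HOP_KEYS, encrypt_to_recipient=False)
    return {
        "first_link_leaks_when_encrypted": MSG in good[0],
        "first_link_leaks_when_plaintext": MSG in bad[0],
        "recipient_recovers": recipient_open(good[-1], E2E_KEY, HOP_KEYS) == MSG,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
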