[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Forward and reply messages



-----BEGIN PGP SIGNED MESSAGE-----

George Danezis wrote:
> Some additional comments would be:
> 1) One has to be careful about the fact the header length is variable and
> that some nodes know it. It would be nice if the total length of the path
> cannot be deduced (so for example we require a minimum size of header
> padded with junk).

Each node obviously knows the header that is addressed to it, and there is
a limit on the sum of the header lengths, but other than that, no information
is leaked about the lengths of headers for other nodes, or the total path length,
or the position within the path. Minimum header sizes are not required for this.

Note that variable-length headers can be used for any of the approaches to
doing reply blocks.

> 2) If we require the message to be encrypted end-to-end we have to specify
> how, and make sure that it looks like a normal encrypted message.

Yes, but that's straightforward, and should be supported anyway whatever
approach to reply blocks we use (it is essential for the "two payloads"
approach).

> In general, while I find the proposal in itself ok, I am still not
> convinced about dropping the requirement about un-distinguish-ability of
> reply and forward messages. If the objective is to avoid the remaining
> tagging attacks that the swap like approach leave I think it is a
> disproportionate penalty.

I'm still undecided. I've reluctantly come to the conclusion that the
optimal approach to reply blocks depends on the path selection and batching
strategies - I'll explain why in another message.

- -- 
David Hopwood <david.hopwood@zetnet.co.uk>

Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBPM39eTkCAxeYt5gVAQHOaggApBVTTYhm1VjNVfhyQOOOSi1gOu2kVLSw
VELBC9oW2J0COOPAQnnZJy2+ZETiiQ3IDLjIPc2lR1fjheun5XjxjXg42h011OWZ
JLjZ7f6dDePWpWKWGeWir3+yVaY56KYcQCeXqnRqzCNuKV0aFJLzp44MnyyRAUy0
M5i+oy/tTg/LmNwu2aoUXuknMcLRNt7MxdwVwfxxfrGLVWMyvGYHGC3GRhJY+tAa
PF3YYGUHyNW9+vaIp9ED12CDCFj/vMYWzxkA6TlL09fz3eEl5zMI+6SlrIjUqjbs
sNPyEep/TX2fI4G74lQF9zIRCq//YbnKryavHwGDEdowiM6okzkFhQ==
=dB5T
-----END PGP SIGNATURE-----