[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mixmaster message formats

To: [email protected]
Subject: Re: Mixmaster message formats
From: Raph Levien <[email protected]>
Date: Fri, 26 Apr 1996 10:16:21 -0700
CC: "Mark M." <[email protected]>
References: <Pine.LNX.3.92.960425200950.1060A-100000@gak>
Sender: [email protected]

Mark M. wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> I was thinking about how Mixmaster needs a separate message format so it
> can make messages a fixed size and add a packet ID.  However, couldn't all
> this be done with PGP?  With PGP, the length of the file being encrypted is
> encrypted itself, so it would be possible to append random data to the end
> of the file to make the message a fixed length like Mixmaster.  Also, the
> packet-ID could be implemented by putting a line such as the following in the
> message:
> 
> ::
> Packet-ID: foobar
> 
> The only other thing that would have to be taken care of is chaining.  The
> way I could see this working is to have a header in the encrypted message that
> tells the remailer whether it should de-armor the message at the next layer,
> append random data, then re-armor, and pass it to the next remailer.  Am I
> missing something?

Yes. When an intermediate message is decrypted, the real message becomes
readable, but the random bytes stay random. Thus, your proposal is
secure against attacks on the link, but fails to attacks on the nodes
(i.e. reveals just as information as if padding had not been used).

I was suffering from the same confusion myself until fairly recently. I
even made a proposal for text-based type-3 remailer formats, which
contained this flaw.

Raph

References:
- Mixmaster message formats
  - From: "Mark M." <[email protected]>

Prev by Date: Re: US law - World Law - Secret Banking
Next by Date: Fair Taxiation, credentials, guvmint interference
Prev by thread: Mixmaster message formats
Next by thread: Re: Mixmaster message formats
Index(es):
- Date
- Thread