SSK format: Data: 32kB of data
Headers: Plaintext: Symmetric cipher type. (2) Public key. (415) Encrypted headers. (see below) Hash of data. (32) E ( H ( docname ) ). (32) Signature. (on all the other fields). (42) Encrypted: IV. (32) Hash of decrypted data. (32) Data length. (4) Data compression algorithm if any. (2) Is data metadata? (1) Decrypt key for data. (32) Total headers size: 2+415+32+32+42+32+32+4+2+1+32 = 626 To calculate routing key: K = H ( pubkey + E ( H ( docName ) ) ) This can be calculated when fetching, or verified. To verify: Verify the key (as above). Verify the data hash. Compute the hash of all the plaintext fields including the encrypted fields. Verify the signature on that hash. To decode: Use SSK crypto key to decrypt encrypted fields. Use decrypt key in encrypted fields to decompress data. Check decrypted hash. (This proves the decrypt key was correct). Clip data to correct length. Decompress data if necessary. Return data. SSKs do not know in advance whether they are metadata. This is awkward in terms of APIs, since CHKs do. -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20051118/687d4954/attachment.pgp>
