Notes on Padding

From Pfyshnet

One nuance of symmetric encryption is that it only works on a specific number of bytes at a time. This is called the encryption algorithm's block size, often 16.

For example, if someone wants to encrypt 32 bytes then the algorithm will encode twice. However, if someone wants to encode 31 bytes then he's 1 byte short for the algorithm to work properly. This is usually solved by adding bytes in a specific manner so that a multiple of the block size is achieved. Then once the data has been decoded the extra bytes are recognized as padding and discarded.

Instead of using a standard padding scheme Pfyshnet can take advantage of the fact that we always know the exact size of the data to be encoded. A header indicating the size of the data is added before encoding, then a multiple of the block size is achieved simply by adding more bytes. After decoding, only the number of bytes indicated in the header is kept, the rest are discarded.

As mentioned before, one of Onion Routing's problems is that the size of the data must be controlled. Pfyshnet only allows one of a few different data sizes. The process of decoding data and processing it usually decreases the size of the data. However, because of Pfyshnet's padding scheme, random data can simply be added to the end until an allowed data size is achieved. The next node will not be able to tell the difference between encoded data and the random padding. It simply decodes all of the data. Once the data reaches the final destination the length header is revealed, and the extra padding added along the way is discarded.