Thanks Esfandiar. I had to run off for an hour and inadevertently sent my message before I had finished composing it, leaving a munged impression. My intended point was that the whole story has quite a bit to it beyond simply tweaking MQV. As you noted, that story has even more to it than what I stated.
aloha, Paul
On Wed, Nov 20, 2013 at 07:03:37PM +0100, Esfandiar Mohammadi wrote:
Am 20.11.2013 um 18:19 schrieb Paul Syverson paul.syverson@nrl.navy.mil:
These authors found a vulnerability in that protocol, improved on it, and proved their protocol secure.
Actually, Ian Goldberg, Douglas Stebila, and Berkant Ustaoglu found the vulnerability in Lasse and Paul's protocol [1], improved it, and proved the resulting protocol ntor secure [2]. We improved the efficiency of ntor and proved the resulting protocol Ace secure [3].
- Esfandiar
[1] Lasse Overlier and Paul Syverson. Improving efficiency and simplicity of Tor circuit establishment and hidden services. In Proceedings of the 7th international conference on Privacy enhancing technologies, pages 134 - 152, ACM, 2007.
[2] Ian Goldberg, Douglas Stebila, and Berkant Ustaoglu. Anonymity and one-way authentication in key exchange protocols. In the journal on Designs, Codes and Cryptography, pages 245-269, Springer, 2012.
[3] Michael Backes, Aniket Kate, and Esfandiar Mohammadi. Ace: an efficient key-exchange protocol for onion routing. In Proceedings of the 2012 ACM workshop on Privacy in the electronic society, pages 55 - 64, ACM, 2012.
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev