[tor-dev] New revision: Proposal 295: Using ADL for relay cryptography (solving the crypto-tagging attack)

Jeff Burdges burdges at gnunet.org
Wed Apr 3 08:05:52 UTC 2019

If I understand, proposal 295 looks similar to either BEAR or LION from the LIONNESS.  I vaguely recall both BEAR and LION being "broken" in some setting, although I cannot site the paper.  Anyone?

I suppose the BEAR and LION break originates from using them for authentication while proposal 295’s separate SVer function fixes this?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20190403/9b16d91e/attachment.sig>

More information about the tor-dev mailing list