MQV?

[Watson Ladd]

Could we make the route extension more efficient by using HMQV(hashed
Menese-Qu-Vanstone)? MQV is patented, but I don't know about HMQV.
This would 2/3 the load on servers when doing a negotiation(3
exponentations vs. 2 exponentiations). since most routes are
reletivly-short lived this would reduce load by a significant amount. 
All results against it require leakage of the random nonces used.

Sincerly,
Watson Ladd
--
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin