Removing 1 modular exponentiation
watsonbladd at gmail.com
Tue Feb 20 03:21:56 UTC 2007
James Muir wrote:
> You may already know that the current scheme has a security reduction
> (Goldberg, PET 2006), so I imagine there would have to be a comparable
> argument before the powers that be would consider a new scheme.
> Out of curiosity, what is it about your scheme that makes you say it is
Mike Perry had an MITM attack. It wasn't due to a problem with my proof
but a problem in that what I proved wasn't sufficient to insure
security. Basically Alice was performing DH with y the generator. So Eve
could easily perform an MITM attack. And Eve can connect to Ricky
easily. Still, a more efficient and still *secure* protocol would be a win.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 249 bytes
Desc: OpenPGP digital signature
More information about the tor-talk