[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

HCR for key negotiation

To: or-talk@xxxxxxxxxxxxx
Subject: HCR for key negotiation
From: "Watson Ladd" <watsonbladd@xxxxxxxxx>
Date: Tue, 2 May 2006 19:07:56 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 02 May 2006 19:08:06 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=Ni30kqlqR7jaA2gdMyBV2/lGY2CiMl8LUL/xY2gl3CyFOuR96plU+i0SE3JsEHC0IPKWF1nBDodzFJpGUpdEAfodUJVZkt5tJ03EnENX3r4Eru56h/uA1NJ+Z5KFSXpXMj4V2P2BHUdQzmMiwBJhnF1fOKFm9EYSzSILleeGZuM=
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

First some background:
The NSA's Suit B uses a key negotiation mutual authentication method MQV. This method was found to be insecure, and so HMQV was created. HMQV uses a signature protocol called HCR twice in one exchange to generate a key. HCR can prove identy of one endpoint and negotiate a key in a two message exchange with great efficiency for both sides.
In Tor the current key generation method is quite expensive. Would it be possible to change to HCR to improve efficency?

--
"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin

Follow-Ups:
- Re: HCR for key negotiation
  - From: Nick Mathewson

Prev by Author: Re: FreeCap and a Tor server â good combination?
Next by Author: Re: HCR for key negotiation
Previous by thread: Re: FreeCap and a Tor server â good combination?
Next by thread: Re: HCR for key negotiation
Index(es):
- Author
- Thread