On Thu, Apr 7, 2011 at 6:04 PM, Ian Goldberg iang@cs.uwaterloo.ca wrote: [...]
The phrase that jumps to mind is, "Danger Will Robinson!". ;-) If we're redesigning the AKE (authenticated key agreement) bits, we probably shouldn't just make up our own stuff.
Indeed! I am hoping that by threatening to do so, I can get the cryptographers on the list to take an interest and tell us what to do instead. ;)
(For background on why we would want to do crypto migration at all, see https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-cry... , for which there was never really enough comment. See also proposal 176, which is totally Made Of Crypto.)