On 8/8/12, Nick Mathewson <ni...@freehaven.net> wrote: > http://www.infsec.cs.uni-saarland.de/~mohammadi/owake.html
Also, where does this paper specify that the participants must check that public-key group elements are not equal to the identity element? That's rather important, as Tor's relay protocol is likely to break if an attacker can force a server to open additional circuits to an attacker using the same key material that a legitimate client's circuit has. Robert Ransom _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev