Eric Rescorla wrote, on July 1:
There's an interesting paper up on eprint now:
http://eprint.iacr.org/2005/205
Another look at HMQV
Alfred Menezes
...
In this paper we demonstrate that HMQV is insecure by presenting
realistic attacks in the Canetti-Krawczyk model
There's an interesting paper up on eprint now:
http://eprint.iacr.org/2005/205
Another look at HMQV
Alfred Menezes
HMQV is a `hashed variant' of the MQV key agreement protocol. It
was recently introduced by Krawczyk, who claimed that HMQV has
very
