On Thu, Dec 12, 2013 at 11:11 PM, Nicholas Hopper wrote:
> Your analysis looks correct to me. But what's wrong with using
> threshold crypto or secret sharing? Since you're already assuming
> some sort of bounded delay synchronization, I think we can eliminate
> any advantage in influencing the
On Fri, Nov 22, 2013 at 9:55 AM, George Kadianakis wrote:
> (This message has been sitting in my drafts for a week or so, because
> I fear that it might make no sense. Today I cleaned it up and decided
> to post it.)
>
> Hello Nick and Elly,
>
> we were recently discussing various commit-and-revea
Hello.
> Adversaries who control a
> subset of the authorities should not be able to influence the result
> (except if they control a majority of the authorities; in which case
> Tor is screwed anyway).
If you're willing to live with that then it should be possible to make
a ``perfect'' protocol.
(This message has been sitting in my drafts for a week or so, because
I fear that it might make no sense. Today I cleaned it up and decided
to post it.)
Hello Nick and Elly,
we were recently discussing various commit-and-reveal schemes to
accomplish the unpredictability of HSDir positions in the
