[cryptography] Fwd: [gsc] Fwd: OpenBSD IPSEC backdoor(s)

Jon Callas jon at callas.org
Wed Dec 15 15:38:50 EST 2010


> That said, I would not recommend people to write their own crypto, as
> cryptography is hard enough to foster any kind of fault, glitch or
> defect. In turn, this may leads to incidents that promise to be no
> less severe than those arising from a backdoor in OpenBSD IPSec stack,
> if any.

Perhaps a bit more succinctly, the best way to eavesdrop on someone is to tell them that their crypto is broken. 

	Jon




More information about the cryptography mailing list