[cryptography] [Cryptography] RSA is dead.

ianG iang at iang.org
Mon Dec 23 13:53:36 EST 2013


On 23/12/13 21:43 PM, Kevin wrote:
> On 12/23/2013 1:04 PM, Greg wrote:
>> On Dec 23, 2013, at 11:13 AM, D. J. Bernstein<djb at cr.yp.to>  wrote:
>>
>>> Peter Gutmann writes (on the moderatedcryptography at metzdowd.com  list):
>>>> Any sufficiently capable developer of crypto software should be
>>>> competent enought to backdoor their own source code in such a way that
>>>> it can't be detected by an audit.
>>> Some of us have been working on an auditable crypto library:
>>>
>>>    https://twitter.com/TweetNaCl
>>>
>>> The original, nicely indented, version is 809 lines, 16621 bytes.
>> ... what is the point of tweeting lines of source code? It's completely unreadable (to me, at least).


It's cool.  It's a demonstration of how small a complete library can be. 
  It's a challenge to OpenSSL, you are the Library of Alexander, hack 
and burn.  It's fun to do over Xmas when promises not to work on code to 
SO are thick and intent.

>> Why doesn't that twitter account link to the "original, nicely indented" version?


If you can't find it, we don't want you to  ;-)

>> Does the original have comments? If not, why not?


Ah.  This debate has yet to start.  Wait till you see OpenSSL or 
BouncyCastle code... :P


>> Please do not email me anything that you are not comfortable also sharing with the NSA.

Oh, that too.

iang



More information about the cryptography mailing list