[cryptography] Potential funding for crypto-related projects

Nico Williams nico at cryptonector.com
Fri Jun 14 12:39:29 EDT 2013


On Fri, Jun 14, 2013 at 3:43 AM, Eugen Leitl <eugen at leitl.org> wrote:
> On Thu, Jun 13, 2013 at 06:27:13PM +0200, Moritz wrote:
>> Hi,
>>
>> A foundation offered me money for improving, auditing, or implementing
>> crypto-related software and hardware. We could probably also
>> fund/perform usability studies.
>>
>> Any suggestions?
>
> Getting BTNS (opportunistic encryption without authentication)
> into stock Debian would be quite important.

And IPsec channels.  It is critical to have IPsec channels (of one
sort or another) in order to make proper use of IPsec for end-to-end
protection.  If you go with RFC5660-type IPsec channels you also need
some APIs (get/setsockopt(), like Solaris' IP_SEC_OPT, but with a way
to extract peer ID/cert/public key info).

(The alternatives to RFC5660-type IPsec channels would be CGA/HIP,
which work by binding IDs strongly into addresses or address
resolution, but these are hard to deploy, whereas RFC5660 is strictly
local -- no protocol, no bits on the wire, no requirements for
credentials types or issuers.)

Nico
--


More information about the cryptography mailing list