[cryptography] the spell is broken

James A. Donald jamesd at echeque.com
Thu Oct 3 08:37:31 EDT 2013

On 2013-10-03 21:56, coderman wrote:
> On Thu, Oct 3, 2013 at 4:28 AM, James A. Donald <jamesd at echeque.com> wrote:
>> ...
>> He does not believe that AES and SHA-2 rest are necessarily broken - but
>> neither does he believe that they are not broken.
> there is a significant difference between avoiding a cipher on principle,
>   or association, or abundance of caution, or to avoid proving a negative,
> and avoiding a cipher because it is "broken".

"To avoid proving a negative"

Means "to avoid the need to prove it is not broken"

And why do we need to prove it is not broken?  Because we do not trust 
the people who issued it.

More information about the cryptography mailing list