[cryptography] the spell is broken

Jeffrey Goldberg jeffrey at goldmark.org
Fri Oct 4 19:55:44 EDT 2013


On 2013-10-04, at 5:19 PM, Nico Williams <nico at cryptonector.com> wrote:

> There's a lesson here.  I'll make it two for now:
> 
> a) algorithm agility *does* matter; those who say it's ETOOHARD should
> do some penitence;

Mea culpa! (Actually I never spoke up on this before)

But I do think that difficulty of implementation matters enormously
in what gets adopted. There are plenty of application developers who
will respond to too high demands with, “ah, I don’t need all of that
stuff; I’ll write my own based on Enigma.”

ETOOHARD is an errno that has a lot of impact on a lot of software
that people use, and so should be given some respect.

> b) algorithm agility is useless if you don't have algorithms to choose
> from, or if the ones you have are all in the same "family".

Yep.

And even though that was the excuse for including Dual_EC_DRBG among the
other DRBGs, that doesn’t take away from what you say.

I would add a third.

c) The set of suites needs to be maintained over time, with a clear way to
signal deprecation and to bring new things in. If we are stuck with the
same set of suites that we had 15 years ago, everything in there may age
badly.

Cheers,

-j


