[Cryptography] On the Impending Crypto Monoculture

Ron Garret ron at flownet.com
Thu Mar 24 17:25:41 EDT 2016


On Mar 24, 2016, at 5:41 AM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:

> On the Impending Crypto Monoculture
> ===================================
> 
> A number of IETF standards groups are currently in the process of applying the
> second-system effect to redesigning their crypto protocols.  A major feature
> of these changes includes the dropping of traditional encryption algorithms
> and mechanisms like RSA, DH, ECDH/ECDSA, SHA-2, and AES, for a completely
> different set of mechanisms, including Curve25519 (designed by Dan Bernstein
> et al), EdDSA (Bernstein and colleagues), Poly1305 (Bernstein again) and
> ChaCha20 (by, you guessed it, Bernstein).
> 
> What's more, the reference implementations of these algorithms also come from
> Dan Bernstein (again with help from others), leading to a never-before-seen
> crypto monoculture in which it's possible that the entire algorithm suite used
> by a security protocol, and the entire implementation of that suite, all
> originate from one person.
> 
> How on earth did it come to this?

Saying "How on earth did it come to this?" strongly implies that you think that the trend towards DJB's crypto suite is a problem, but you don't offer much in terms of proposals for how to solve it, or even what a solution would look like.  You seem to agree that a solution would *not* look like the status quo.  So what exactly are you advocating here?

I submit that the impending monoculture in crypto is not necessarily a problem, any more than the monoculture in physics (what?  No alternatives to GR and QM?) or climate science is necessarily a problem.  It's possible that crypto has a Right Answer, and that Dan Bernstein has discovered/invented it.  If you believe that simplicity and minimalism ought to be part of the quality metric then there may be very few local maxima in the design space, and DJB may simply have found one of them.

rg
