[Cryptography] [FORGED] Re: On the Impending Crypto Monoculture

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun Mar 27 06:18:30 EDT 2016


Phillip Hallam-Baker <phill at hallambaker.com> writes:

>I would like us to get to the point where we have two algorithms for each
>primitive that are implemented for every active IETF protocol. These are a
>current algorithm and a backup in case of problems.

That's pretty much what I've done with TLS-LTS, exactly two algorithm groups
chosen from different families (e.g. DH vs. ECDH, RSA vs. ECDSA), a fixed set
of algorithms and parameters, no variants and optionally negotiated parameters
and eight different types of sauces and so on.

Peter.

