[Cryptography] On the Impending Crypto Monoculture

ianG iang at iang.org
Sun Mar 27 12:26:51 EDT 2016


On 24/03/2016 12:41 pm, Peter Gutmann wrote:
> On the Impending Crypto Monoculture
> ===================================
...
> What implementers are looking for is what Bernstein has termed boring crypto,
> "crypto that simply works, solidly resists attacks, never needs any upgrades"
> ("Boring crypto", Dan Bernstein).  Bernstein and colleagues offer a silver
> bullet, something that appears better than anything else that's out there at
> the moment.

There is some sort of sex appeal in being able to field and play with 
multiple algorithms.  Terming this as boring crypto gets right to the 
heart of the sort of geeky amusement that you see going on in the 
protocol lists - geeks defending their right to have a selection of 
algorithms using all sorts of arcane arguments.

In practice, most of it is just a myth that was inherited from the 1990s.

I want boring crypto.  I want the sex appeal to move up the stack to 
protocols - which still needs work - and into the app which is where 
almost all the security problems occur.


...
> So the (pending) Bernstein monoculture isn't necessarily a vote for Dan, it's
> more a vote against everything else.


Yeah.

What is an issue is, how do we choose the monoculturalist-in-chief?  DJB 
got this one by default because he was the one who created the boring 
set with that goal in mind, in advance of the market realising this is 
the way to go.  But this set - any set - has a shelf life.

In about 5 years we're going to want to choose a new king.  As soon as 
an organisation like IETF adopts this process, we'll be shifting the 
burden to the future prince in waiting.


iang
