The Crypto Gardening Guide and Planting Tips

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Feb 4 23:08:17 EST 2003


After much procrastination I recently put the Crypto Gardening Guide and
Planting Tips online at
http://www.cs.auckland.ac.nz/~pgut001/pubs/crypto_guide.txt, this may be of
interest to readers.  From the introduction:

  There has been a great deal of difficulty experienced in getting research
  performed by cryptographers in the last decade or so (beyond basic
  algorithms such as SHA and AES) applied in practice.  The reason for this is
  that cryptographers don't work on things that implementors need because it's
  not cool, and implementors don't use what cryptographers design because it's
  not useful or sufficiently aligned with real-world considerations to be
  practical. As a result, security standards are being created with mechanisms
  that have had little or no security analysis, often homebrew mechanisms or
  the standards editor's pet scheme.  The problem is a lack of communication:
  Cryptographers often don't seem aware of the real-world constraints that
  their design will need to work within in order to be successfully deployed.
  The intent of this document is to cover some of those real-world constraints
  for cryptographers, to point out problems that their designs will run into
  when attempts are made to deploy them.  Also included is a motivational list
  of extremely uncool problems that implementors have been building ad-hoc
  solutions for since no formal ones exist.

Peter.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list