[Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?
John Kelsey
crypto.jmk at gmail.com
Sun Oct 6 11:26:11 EDT 2013
If we can't select ciphersuites that we are sure we will always be comfortable with (for at least some forseeable lifetime) then we urgently need the ability to *stop* using them at some point. The examples of MD5 and RC4 make that pretty clear.
Ceasing to use one particular encryption algorithm in something like SSL/TLS should be the easiest case--we don't have to worry about old signatures/certificates using the outdated algorithm or anything. And yet we can't reliably do even that.
--John
More information about the cryptography
mailing list