[Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?

John Kelsey crypto.jmk at gmail.com
Sun Oct 6 11:26:11 EDT 2013


If we can't select ciphersuites that we are sure we will always be comfortable with (for at least some forseeable lifetime) then we urgently need the ability to *stop* using them at some point.  The examples of MD5 and RC4 make that pretty clear.  

Ceasing to use one particular encryption algorithm in something like SSL/TLS should be the easiest case--we don't have to worry about old signatures/certificates using the outdated algorithm or anything.  And yet we can't reliably do even that.  

--John


More information about the cryptography mailing list