[Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?

Trevor Perrin trevp at trevp.net
Thu Oct 10 21:36:42 EDT 2013


On Thu, Oct 10, 2013 at 3:32 PM, John Kelsey <crypto.jmk at gmail.com> wrote:
>  The goal is to have an inner protocol which can run inside TLS or some similar thing
[...]
>
> Suppose we have this inner protocol running inside a TLS version that is subject to one of the CBC padding reaction attacks.  The inner protocol completely blocks that.

If you can design an "inner protocol" to resist such attacks - which
you can, easily - why wouldn't you just design the "outer protocol"
the same way?


Trevor

