[Cryptography] FIPS, NIST and ITAR questions

Faré fahree at gmail.com
Wed Sep 4 12:59:08 EDT 2013

On Wed, Sep 4, 2013 at 11:26 AM, Jerry Leichter <leichter at lrw.com> wrote:
>> Just because it's trivial to produce bogus crypto doesn't mean it's
>> non-trivial to produce good crypto, given a few universal recipes.
> Look, if you want to play around and produce things that look secure to you and a few of your buddies - feel free to go ahead.  If your system is only used by you and a few friends, it's unlikely anyone with the appropriate skills will ever care enough to attack your system, and you'll be "secure".  As always, "security" is mainly an *economic* question, not a purely technical one.
Jerry, if you have good reasons to believe that either HMAC-DRBG or
the standard stream cipher construct are insecure, you should be
publishing a paper, not flaming a nobody.

That said, I readily admit that the cipher to hash transformation
hasn't been widely studied enough, though there are real-world
(enough) systems that use variants of such transformations, e.g.

My main point was that for the sake of circumventing attempts to ban
crypto, either through regulations or patents, you can bootstrap a
pretty secure system out of a good hash function and simple
transforms, that can probably all fit on a t-shirt together, either as
APL or Perl gibberish or as a QR code. Good luck banning that.

While this construct might not give you a best-of-breed system,
especially with respect to performance or interoperability, it is good
enough for Perry's purpose of bootstrapping a secure messaging system,
and, using such a system, one can trivially bootstrap the best-of-breed
system by downloading the missing bits. Now the thugs have to go sue
millions of users.

Sorry for repeating myself. I won't write on this topic anymore.

—♯ƒ • François-René ÐVB Rideau •Reflection&Cybernethics• http://fare.tunes.org
Anarchism is founded on the observation that since few men are wise enough
to rule themselves, even fewer are wise enough to rule others. — Edward Abbey
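The "good hash function plus simple transforms" construction argued for above, as an added illustration that is not code from the thread or its author: HMAC_DRBG (NIST SP 800-90A, without reseed counter or personalisation string) supplies the keystream, and an HMAC tag in encrypt-then-MAC order authenticates the result. It assumes SHA-256, a 16-byte nonce that is never reused under one key, and HMAC with the fixed labels "enc" and "mac" to split the master key; those choices are mine, not the poster's.

```python
import hmac
import hashlib

HASH = hashlib.sha256
OUTLEN = HASH().digest_size   # 32 bytes for SHA-256
NONCE_LEN = 16                # assumed nonce size; must be unique per key


class HmacDrbg:
    """HMAC_DRBG per SP 800-90A, instantiate + generate only."""

    def __init__(self, seed_material: bytes):
        self.K = b"\x00" * OUTLEN
        self.V = b"\x01" * OUTLEN
        self._update(seed_material)

    def _mac(self, data: bytes) -> bytes:
        return hmac.new(self.K, data, HASH).digest()

    def _update(self, provided: bytes) -> None:
        self.K = self._mac(self.V + b"\x00" + provided)
        self.V = self._mac(self.V)
        if provided:                      # second pass only with input
            self.K = self._mac(self.V + b"\x01" + provided)
            self.V = self._mac(self.V)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.V = self._mac(self.V)
            out += self.V
        self._update(b"")                 # refresh state after each request
        return out[:n]


def _subkeys(key: bytes):
    # Derive independent encryption and MAC keys from one master key (assumed labels).
    return (hmac.new(key, b"enc", HASH).digest(),
            hmac.new(key, b"mac", HASH).digest())


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    assert len(nonce) == NONCE_LEN
    enc_key, mac_key = _subkeys(key)
    ks = HmacDrbg(enc_key + nonce).generate(len(plaintext))   # DRBG output as keystream
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(mac_key, nonce + ct, HASH).digest()       # encrypt-then-MAC
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes):
    if len(blob) < NONCE_LEN + OUTLEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-OUTLEN], blob[-OUTLEN:]
    enc_key, mac_key = _subkeys(key)
    expected = hmac.new(mac_key, nonce + ct, HASH).digest()
    if not hmac.compare_digest(tag, expected):              # reject before decrypting
        return None
    ks = HmacDrbg(enc_key + nonce).generate(len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))
```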
