[Cryptography] recommending ChaCha20 instead of RC4 (RC4 again)
Bill Frantz
frantz at pwpconsult.com
Thu Mar 13 18:43:42 EDT 2014
On 3/13/14 at 6:19 AM, dan at geer.org wrote:
>Let's stipulate that you are entirely correct. How do we react if
>we are to learn the lessons of history, etc.? Can a lack of
>speedups-to-come be itself relied upon enough to factor that into
>design decisions yet to be made, such as to put aside any need to
>design in resistance to a sped-up future or to demand specialized
>chipsets for devices that will have no remote management interface?

First, we get no relief from the danger of exhaustive search. It
is trivial to parallelize.

If we are interested in security, then we must (a) be willing
and financially able to throw away the device, (b) be able to
upgrade it, or (c) be willing to lose security. The cynic in me
says we will always choose (c), at least until we have been
personally burned.

Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz        | The first thing you need when  | Periwinkle
(408)356-8506      | using a perimeter defense is a | 16345 Englewood Ave
www.pwpconsult.com | perimeter.                     | Los Gatos, CA 95032