[Cryptography] We need a new encryption algorithm competition.

ianG iang at iang.org
Mon Mar 17 06:28:36 EDT 2014

On 17/03/2014 02:17 am, dan at geer.org wrote:
> Not sure how we got to this discussion, but to synopsize:
>> X is unelected president for life of symmetric cryptography
>> Y is God King of public key cryptography
>> Z is he-who-cannot-break the algorithm
>> Q is he who has approved the proposed usage
>> L,M,N,O are the gang for hashes
>> e,i,Pi are the gang for random number generators
> Ergo, we have the classic problem of governance, that there is no
> more wonderful governance than that of a benevolent dictator, only
> that said wonderfulness is only sustainably wonderful if you can
> solve the succession problem.

Postel was succeeded by ICANN.  Do we take the average?

> (The Matrix is not the answer even
> if a rising fraction of all code is machine written.)
> Perhaps orthogonally,

or there's the market.  I am not sure myself why there needs to be one
*standard* algorithm or suite as an absolute.

People tend to say things such as, "we know it is good because it uses
AES."  But this is just a signal, no more, which means something like
"the author knew something or copied something or something."

As we know, implementation is generally a weaker point than the choice
of alg suite.  A well written RC4 implementation is better than a
schlock AES one.

OTOH, the market is also a defence;  small players rarely get looked at,
and security by obscurity works for them.


More information about the cryptography mailing list