[Cryptography] SHA-3 FIPS-202: no SHAKE512 but SHAKE128; confusing SHAKE security
ianG
iang at iang.org
Fri Aug 14 23:30:12 EDT 2015
On 14/08/2015 20:15 pm, ianG wrote:
> So if people want to go full IoT, can we ask: what does that mean? Can
> we draw the line and say the OpenPGP offering here is CipherSuiteIoT
> which means x/y/z in numbers and params and no more no less?
>
> PHB:
> > IOT looks set to create a demand
> > for an absolutely minimal cryptographic
> > suite. One signature algorithm, one
> > exchange algorithm, both on the same
> > curve, one authenticated encryption
> > mode, one digest/pseudorandom function.
>
>
> Or are we offering full cipher flexibility to those IoT designers, and
> thus forcing them to implement all the multiples, because they won't
> know what other designers will choose, etc?
>
> My thinking right now is that (assuming we're doing this) we should put
> in the draft a recommendation that precisely identifies a minimum
> most-popular obligatory to implement suite that covers as far down as we
> can get it. And leave the rest up to the market?
Wait - I'm on the wrong bloody list .. this was supposed to be a message
to OpenPGP. Oh well.
iang
More information about the cryptography
mailing list