[Cryptography] NIST Workshop on Elliptic Curve Cryptography Standards

[Ryan Carboni]

I'm confused by the current discussion. It seems predicated on the
assumption that standards and implementations are equal to each other. Most
implementations are standards cobbled together, and I wish most
implementations were cross compatible (the best form of auditing is to have
two independent attempts), but they aren't. And smart cards don't usually
communicate using the internet, so they'd use a different protocol and
implementation than a desktop.

In any case, XXTEA reduces from 32 rounds to 6 rounds for large blocks, and
it's round function is pretty weak, so the method seems to strengthen small
ciphers applied to large blocks.

In odd news, the US government has to pay private companies for
certificates. You'd think they'd be able to get browser makers to allow a
root certificate that can only verify ".gov" addresses and do some
certificate pinning.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150513/238dbafb/attachment.html>