[Cryptography] On the Impending Crypto Monoculture

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Jun 29 10:46:13 EDT 2016

Salz, Rich <rsalz at akamai.com> writes:

>> On the Impending Crypto Monoculture
> ===================================
>So, Peter, TL;DR -- is this a good thing or not?

It's not really a comment either way, more of a food-for-thought article.  We
need usable, non-brittle crypto, and Dan et al are filling that gap while at
the same time few others seem to be doing so.  What's even worse is that some
of the currently most trendy algorithms and modes are also the most brittle,
failure-prone ones (AES-GCM springs immediately to mind).

One of the bits of off-list feedback I had helped illustrated this, someone
commented that they needed an efficient post-quantum-safe hash function.
After a bit of poking around they found one.  Guess who created it?

This also gives me a chance to comment on another bit of feedback I had,
apparently some people have felt that the writeup came across as an attack on
Dan.  It was never intended as such, given that I wrote it I may be a bit
biased but I can't see how it could be interpreted as that.  If it has been
then it wasn't intended that way.

>is this a good thing or not?

Go not to the security geeks[0] for counsel, ...


[0] Or lawyers, or psychologists, or several other professions.

More information about the cryptography mailing list