[Cryptography] On the Impending Crypto Monoculture

Ron Garret ron at flownet.com
Sun Mar 27 15:35:02 EDT 2016


On Mar 27, 2016, at 9:26 AM, ianG <iang at iang.org> wrote:

> But this set - any set - has a shelf life.

The right way to deal with this is by versioning the entire crypto suite.  So NaCl is Comprehensive Tool Chain version 1.  When some problem is identified with NaCl, the community can work on CTC version 2.  Maybe there could be two versions active at any one time, a standard suite, and a backup that is “in the bullpen” in case something goes wrong with the primary.  A backup for NaCl would probably look just like NaCl but with Curve25519 replaced with Curve448-Goldilocks.

It’s very rare that a weakness is discovered in a core crypto algorithm without a lot (like several years) of warning, so a single backup should cover even the most catastrophic of circumstances.

rg
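
The suite-level versioning proposed in the message above, sketched as an added example that is not part of the original post: one version byte selects a whole fixed suite, only the standard and backup versions are ever accepted, and retiring the primary is a one-line change to the active set. The HMAC constructions are standard-library stand-ins for the real suites (an assumption), and all names are hypothetical.

```python
import hashlib
import hmac

TAG_LEN = 32
# Constructed registry: version -> hash behind the stand-in authenticator.
# A real registry would map version 1 to NaCl and version 2 to its backup.
SUITES = {1: hashlib.sha256, 2: hashlib.sha3_256}

class SuiteError(Exception):
    """Raised when a message uses an inactive suite or fails authentication."""

def seal(version, key, message, active):
    # Senders may only use a suite that is currently active.
    if version not in active or version not in SUITES:
        raise SuiteError("suite version %d is not active" % version)
    header = bytes([version])
    # The version byte is authenticated so it cannot be relabelled in transit.
    tag = hmac.new(key, header + message, SUITES[version]).digest()
    return header + tag + message

def unseal(blob, key, active):
    if len(blob) < 1 + TAG_LEN:
        raise SuiteError("truncated message")
    version = blob[0]
    # No per-algorithm negotiation: the version is either active or refused.
    if version not in active or version not in SUITES:
        raise SuiteError("suite version %d is not active" % version)
    tag, message = blob[1:1 + TAG_LEN], blob[1 + TAG_LEN:]
    expected = hmac.new(key, blob[:1] + message, SUITES[version]).digest()
    if not hmac.compare_digest(tag, expected):
        raise SuiteError("authentication failed")
    return message

def outcome(blob, key, active):
    try:
        return unseal(blob, key, active)
    except SuiteError:
        return "rejected"

def demo():
    key = bytes(range(32))            # constructed sample key
    both = frozenset({1, 2})          # standard suite plus the backup
    backup_only = frozenset({2})      # after a problem is found in version 1
    old = seal(1, key, b"hello", both)
    relabelled = bytes([2]) + old[1:]  # version byte changed from 1 to 2
    return {
        "v1_while_active": outcome(old, key, both),
        "v1_after_retirement": outcome(old, key, backup_only),
        "v1_relabelled_as_v2": outcome(relabelled, key, both),
        "v2_after_retirement": outcome(seal(2, key, b"hello", backup_only), key, backup_only),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```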


