Peter Gutmann (at Monday, November 4, 2013, 1:40:26 AM): > Then it deprecates PKCS #1 v1.5 (which pretty much the entire > planet uses) because it doesn't have a security proof, while recommending a > bunch of exotic alternatives that more or less nothing uses.
what is the purpose of academic research? we don't want the academia to reinforce the public opinion. we want them to speak the truth, whether it is popular or not. they have to give us the goals. and the industry have to decide how fast we want to incorporate knew knowledge in our practices. history shows that many times we opt to continue with the old protocol, and then we burn ourselves. just recently, millions of passwords were stolen from amazon. it was a legacy system kept alive to keep obsolete systems alive. we need to learn the lesson. cryptographers are not tinfoil hat crazy persons. you follow what they praise, or you get hacked in the next month or the next year. you have no excuse. you have been warned. you act now, or face consequences later. moral of the story: math can not be defied. we all bullied that thick glass "idiot savant". but it stopped working after high school. in adulthood, thick glass mathematicians tell you what works and what does not. time to get rid of pride. or fail. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
