On 17 Jan 2014, at 06.05, Philip Guenther <guent...@gmail.com> wrote: > Ah, so if NIST looked at work done by someone completely unrelated to > NIST and said "looks good, we'll standardize exactly what you did", > you think that it's now contaminated by NISTs talking about it? For > example, AES, which was designed by europeans and standardized after a > massively public competitive process that even the losing competitors > think was legit with no funny games, should be excluded by your > clarified criteria. That sounds like you're interested in a political > statement and not a security goal. >
Hi Phil, Thanks for your response. I am, indeed, more interested in a security goal than a political goal, though political goals are not foreign to my train of thought. My feeling is thus: NIST is strongly advocating the cryptographic primitives that NSA finds feasible to circumvent. This is the thing that is disturbing me. The fact is that none of us, unless you are working for NSA crypto team, know what their capabilities are. But we do know that they are spending a shitload of money and working night and day to establish a functional quantum computer which would render all of our current state of the art crypto invalid. That is their goal number 1. I don’t trust NIST at all, and I also don’t trust ICANN. Here are a list of people I trust when it comes to running their code, in order of importance: RMS DJB (and his proteges by proxy) Theo | Henning Now, if DJB has been recruited than I will forever hang my head in shame. I don’t trust Eric Allman, and I don’t entirely trust Kirk McKusick though I would like to. -mike
