MJ wrote:
On 17 Jan 2014, at 17.30, Christian Weisgerber <na...@mips.inka.de> wrote:
As guenther@ has pointed out, refusing all crypto covered by that
definition is silly. But even if you limit yourself to the
specification part, you should be very disappointed about the newly
added Curve25519 key exchange and Ed25519 signing in OpenSSH, because
as implemented both rely on SHA-2 cryptographic hashes, which were
not only specified by NIST, but in fact designed by the NSA.
Of course mainstream cryptographers don't think that SHA-2 is
insecure, much less backdoored, but that again raises the question:
What do you mean by that "NIST crypto" you want to avoid?
--
Christian "naddy" Weisgerber na...@mips.inka.de
Hi,
Consider for a moment the difference between objective thinking and
objective feeling, then you might consider my point of view.
That's called being emotional and isn't objective in the least.
paranoid != security conscious
You are right, mere involvement has not tainted reality. But it has
left me suspicious, and that’s something that needs to be satisfied.
It’s a fuzzy logic, and it wasn’t enough to get me past the doorman
in the Umverschämft.
-mike
Since we have to use those ciphers anyway (to communicate with everyone
else on the internet not wearing a tin-foil hat), why don't we just
audit the code implementing those ciphers? We have the source, so
anyone versed in cryptography (I'm sure there are more than a few lurking
around here) can check it out. This would help a lot more people than
just us.
-CMA