Hi, > On 17 Mar 2016, at 07:35, Efthymios Iosifides <iosifid...@gmail.com> wrote: > > Hello all. > > I have just found on the ietf archives an email discussion about the > inclusion of the SPECK Cipher > in the tls standards. > It's reference is below > :https://www.ietf.org/mail-archive/web/tls/current/msg13824.html > > Even though that this cipher originates from the NSA one cannot find a > whitepaper that describes it's full cryptanalysis. In the above discussion > Mr. Strömbergson somehow perfunctorily presents two whitepapers that describe > the SPECK's cryptanalysis. Although we shall keep in mind that these papers > describe a limited round cryptanalysis. Also we shall not forget that a > similar cryptanalysis has taken place for the famous AES. Therefore i > personally do not see any actual arguments apart from the facts that concerns > the algorithm's provenance for not including it in a future tls > specification. In conclusion even by this day the SPECK cipher has not been > yet fully cryptanalyzed succesfully.
I don't see any compelling argument for the inclusion of SPECK? Not only would the affiliation with NSA give the TLS-WG a bad rep. in the public, more importantly, it makes one of our main problems worse: combinatorial explosion of possible cipher-suites in TLS. This problem is so bad that it needs multiple blog posts, an effort by Mozilla and bettercrypto.org to get sys-admins to configure their services. Aaron
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
