On 23/12/13 21:43 PM, Kevin wrote:
On 12/23/2013 1:04 PM, Greg wrote:
On Dec 23, 2013, at 11:13 AM, D. J. Bernstein<d...@cr.yp.to> wrote:
Peter Gutmann writes (on the moderatedcryptogra...@metzdowd.com list):
Any sufficiently capable developer of crypto software should be
competent enought to backdoor their own source code in such a way that
it can't be detected by an audit.
Some of us have been working on an auditable crypto library:
https://twitter.com/TweetNaCl
The original, nicely indented, version is 809 lines, 16621 bytes.
... what is the point of tweeting lines of source code? It's completely
unreadable (to me, at least).
It's cool. It's a demonstration of how small a complete library can be.
It's a challenge to OpenSSL, you are the Library of Alexander, hack
and burn. It's fun to do over Xmas when promises not to work on code to
SO are thick and intent.
Why doesn't that twitter account link to the "original, nicely indented"
version?
If you can't find it, we don't want you to ;-)
Does the original have comments? If not, why not?
Ah. This debate has yet to start. Wait till you see OpenSSL or
BouncyCastle code... :P
Please do not email me anything that you are not comfortable also sharing with
the NSA.
Oh, that too.
iang
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
