Dan Brown writes, on the semi-moderated c...@irtf.org list: > I agree with your multiple PK algs suggestion, for parties who can afford it. > What about sym key algs? Maybe too costly for now? > By the way, this kind of idea goes back at least as far as 1999 from > Johnson and Vanstone under the name of resilient cryptographic schemes.
What Dan Brown carefully avoids mentioning here is that his employer holds patents US7797539, US8233617, USRE44670 (issued just last month), and CA2259738 on "Resilient cryptographic schemes". Presumably this is also why he's so enthusiastic about the idea. Of course, the idea of using multiple cryptographic algorithms together has a long history before the 1999.01.20 priority date of the patent (see, e.g., http://link.springer.com/article/10.1007%2FBF02620231). The idea also has very little use, for several obvious reasons: * We have enough problems even getting _one_ algorithm deployed. * For applications with larger cost limits, we obtain much more security by pumping up the key size, rounds, etc. of a single algorithm rather than by combining algorithms. However, no matter how minor the idea is, it's interesting to see how Dan Brown pushes the idea on a standardization-related mailing list without mentioning his employer's related patents. There's a common myth that security is the primary design goal for cryptographic standards. In reality, security might be somewhere on the list of goals, but it certainly isn't at the top---it's constantly being compromised for the sake of other goals that have more obvious value for the participants in the standardization process. ---Dan _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
