On Thu, 7 Jul 2022 at 01:08, Timothy Sipples <sipp...@sg.ibm.com> wrote:
> The U.S. National Institute of Standards and Technology (NIST) has announced > four algorithms as new NIST standards in quantum-safe cryptography. [...] > The significance of this NIST announcement is that you can (and should) start > evaluating your systems and software for quantum safety if you haven't > started already. There's still some more work on the standards front (such as > an update to TLS) that's expected, but NIST's announcement is big news. And of course everyone's completely forgotten the Dual_EC_DRBG debacle and are *so* sure it couldn't happen again. There's an interesting paper “Dueling Over DUAL_EC_DRBG: The Consequences of Corrupting a Cryptographic Standardization Process“, albeit from an extremely US-centric perspective, at https://harvardnsj.org/wp-content/uploads/sites/13/2022/06/Vol13Iss2_Kostyuk-Landau_Dual-EC-DRGB.pdf . Why anyone still trusts NIST after NSA's subversion of Dual_EC_DRBG pretty much seems to come down to "we don't trust them, but we can't trust anyone else more". Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN