Derek Atkins wrote:
>> However, Snowden taught us that we must avoid any fancy
>> cryptography strongly promoted by NIST, including all the
>> EC related ones, which may be documented somewhere.
>
> It is unclear to me that ECC as a generic technology is bad, although
> any specific curves create
Nicholas Weaver writes:
> On Nov 1, 2013, at 7:57 AM, Derek Atkins wrote:
>> It is unclear to me that ECC as a generic technology is bad, although
>> any specific curves creates by NIST/NSA are certainly suspect.
>>
>> Having said that, Dual-EC-DRBG is a Random Number Generator, not a Hash,
>>
Masataka Ohta writes:
> Hi, Hosnieh,
>
>> Do you think it will be relevant to this document or it can be
>> another informational document only discuss about the
>> vulnerabilities of cryptographic algorithms?
>
> As I said, it is a known vulnerability. That is, we don't
> need a generic new docu
On Nov 1, 2013, at 7:57 AM, Derek Atkins wrote:
> It is unclear to me that ECC as a generic technology is bad, although
> any specific curves creates by NIST/NSA are certainly suspect.
>
> Having said that, Dual-EC-DRBG is a Random Number Generator, not a Hash,
> Public Key, or Cipher algorithm,
> On 1 Nov 2013, at 06:35, Evan Hunt wrote:
>
>> On Fri, Nov 01, 2013 at 03:29:12PM +0900, Masataka Ohta wrote:
>> TLS is another PKI and is inherently insecure as CAs can be
>> compromised.
>
> True, but Tony's quorum-based approach could be made exhaustive enough
> that the adversary would ha