[Cryptech Tech] Fwd: [cryptography] [Cryptography] RSA is dead.

Warren Kumari warren at kumari.net
Mon Dec 23 17:43:04 UTC 2013


I thought that this was potentially interesting — an auditable crypto library.

W

Begin forwarded message:

> From: "D. J. Bernstein" <djb at cr.yp.to>
> Subject: Re: [cryptography] [Cryptography] RSA is dead.
> Date: December 23, 2013 at 11:13:40 AM EST
> To: cryptography at randombit.net
> 
> Peter Gutmann writes (on the moderated cryptography at metzdowd.com list):
>> Any sufficiently capable developer of crypto software should be
>> competent enough to backdoor their own source code in such a way that
>> it can't be detected by an audit.
> 
> Some of us have been working on an auditable crypto library:
> 
>   https://twitter.com/TweetNaCl
> 
> The original, nicely indented, version is 809 lines, 16621 bytes. The
> Python script to print tweetnacl.h is 1811 bytes. The accompanying paper
> (to be posted soon) says "Of course, compilers also need to be audited
> (or to produce proofs of correct translations), as do other critical
> system components"---but there's progress on that too. In general it
> seems that Peter's fatalist view consists entirely of "nobody has done
> this yet" rather than "it's impossible".
> 
> TweetNaCl's speed doesn't match the asm in NaCl, but if you can tolerate
> OpenSSL's 4.2 million cycles for RSA-2048 decryption then you should be
> able to tolerate TweetNaCl's 2.5 million cycles for Curve25519.
> 
> ---Dan
> 

--
The duke had a mind that ticked like a clock and, like a clock, it regularly went cuckoo.

    -- (Terry Pratchett, Wyrd Sisters)