[148590] in cryptography@c2.net mail archive
Re: [Cryptography] RSA is dead.
daemon@ATHENA.MIT.EDU (Kent Borg)
Sun Dec 22 18:58:41 2013
X-Original-To: cryptography@metzdowd.com
Date: Sun, 22 Dec 2013 18:31:32 -0500
From: Kent Borg <kentborg@borg.org>
To: Patrick Mylund Nielsen <cryptography@patrickmylund.com>,
Bill Cox <waywardgeek@gmail.com>
In-Reply-To: <CAEw2jfy-9h_HSWeBAU3UXJ2K5+wA4_kfvJn57+2p5Y8zc=dXxA@mail.gmail.com>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>, crypto@senderek.ie,
Peter Gutmann <pgut001@cs.auckland.ac.nz>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 12/22/2013 06:17 PM, Patrick Mylund Nielsen wrote:
> You're assuming that, not only will anyone look at your code at all,
> they will have training in cryptography, know to be looking for
> something bad, and spend a large amount of time on finding it.
The NSA should do that.
If the NSA were doing their job, if they really looked that the
landscape and wondered where the risks are...THEY would be doing this
code review. (They probably are.) And publishing the results. (They
are not.) And suggesting good fixes. (I can dream...)
Cyber threats are a place where defense really can work. It is such a
shame the US government chose to militarize the internet instead of
making it safer for everyone. Safer for everyone, they are too jealous
for that.
-kb
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
