top | item 46076898

(no title)

ysleepy | 3 months ago

Still, why endorse and practically make everyone implement an algorithm that only the NSA wants, while there is a superset already standardised.

This is about the known bad actor NSA forcing through their own special version of a crypto building block they might downgrade-attack me to.

I pay like 1% overhead to also do ecc, and the renegotiation to the non-hybrid costs 2x and a round-trip extra. This makes no sense apart from downgrade attacks.

If it turns out ecc is completely broken, we can add the PQ only suite then.

discuss

tptacek|3 months ago

Nobody has to implement the algorithm only NSA wants! That's not how RFCs work.