Comment by dwaite

3 years ago

> No. I don't think we should rely on formal standards, like FIPS, NIST, and the IETF.

I assume your concerns are with the process of standardization, and not the idea of standards themselves. After all, there are plenty of expert peer-reviews going on in NIST and in the IRTF.

Noise is useful for building your own bespoke kit, but there does need to be an agreement to use it in the same manner if you hope for interoperability. Things like public key crypto are precisely useful because the other side can read the information back out at the end of the process, even if they aren't running e.g. the same email client version.

NIST is procedurally the least objectionable of all of these standards bodies. Contests are better than collaborations. But NIST itself is a force for evil, not for the lurid message board reason of a shadowy cabal of lizard people trying to weaken PQC, but because "NIST standardization" keeps a lot of 1990s-era crypto in use and prevents a lot of modern crypto from being deployed in the industry.