Comment by petre

3 years ago

Not Dual EC, but ECDSA is used (by law) in EU smart tachograph systems for signing data.

ECDSA is almost universally used. It's deeply suboptimal in a variety of ways. But that's because it was designed in the 1990s, not because it's backdoored. This isn't a new line of argumentation for Bernstein; he has also implied that AES is Rijndael specifically because it was so commonly implemented with secret-dependent lookups (S-boxes, in the parlance); he's counting on a lay audience not knowing the distinction between an engineering principle mostly unknown at the time something was designed, and a literal backdoor.

What's annoying is that he's usually right, and sometimes even right in important new ways. But he runs the ball way past the end zone. Almost everybody in the field agrees with the core things he's saying, but almost nobody wants to get on board with his wild-eyed theories of how the suboptimal status quo is actually a product of the Lizard People.

  • Is he claiming that it is a literal backdoor though? Couldn't Bernstein have a point that the NIST picked Rijndael as the winner of the AES competition because the way it was usually implemented was susceptible to timing attacks? Even if the engineering principle was mostly unknown at the time, one might guess that e.g. NSA was aware of it and may have provided some helpful feedback.

  • > he's counting on a lay audience not knowing the distinction between an engineering principle mostly unknown at the time something was designed, and a literal backdoor.

    When you discount his theories with that argument, your own reductio ad Lizardum (?) doesn’t help. There’s a world of distinction between NSA inserting backdoors, for which there’s good evidence but maybe not every time, and whatever you’re trying to paint his theory as by invoking the Lizard People.

    • You haven't explained how my argument discounts his theories. You're just unhappy that I used the term "Lizard People". Ok: I retract "Lizard People". Where does that leave your argument?

  • I don't care about his theories. What matters is that US export controls on encryption were reduced due to his previous lawsuit and he has offered alternative encryption in the public domain.