Comment by josh2600
3 years ago
I see. So maybe what you’re really saying is “why are you writing a system that has cryptographic primitives if you’re not a cryptographer/mathematician?”
3 years ago
I see. So maybe what you’re really saying is “why are you writing a system that has cryptographic primitives if you’re not a cryptographer/mathematician?”
No, that is not at all what I am saying.
Let me ask this another way. I know how we determined noise was a good standard and that was talking to a lot of people who had built sophisticated crypto systems and then doing the research ourselves, but that’s only because we had the people on staff who had the capacity to evaluate such systems.
If we didn’t have those people, how would you suggest figuring out which system to implement?
Peer review is a good start. Noise, and systems derived from it like WireGuard, are peer reviewed (check scholar.google.com for starters), and NIST had nothing at all to do with it.
3 replies →