The cr.yp.to microblog: 2011.12.09 11:28:49

2011.12.09 11:28:49 (145087498001985536) from Daniel J. Bernstein, replying to "Matthew Green (@matthew_d_green)" (143698447189553152):

@matthew_d_green Seriously? Whenever you see non-standard crypto, you confidently say it's bad? You claim that Serpent is bad, for example?

Context

2011.12.05 13:44:24 (143672065042558976) from Daniel J. Bernstein, replying to "Pascal Junod (@cryptopathe)" (143590460747821056):

@cryptopathe Let's try an example: the new DTLS security disaster in both OpenSSL and GnuTLS. Do you recommend using DTLS? It's a standard!

2011.12.05 14:19:02 (143680783608053760) from "Pascal Junod (@cryptopathe)":

@hashbreaker While pointing a bad crypto standard is easy, putting all of them into trashcan is too reductive.

2011.12.05 14:28:53 (143683259157581825) from "JP Aumasson (@veorq)", replying to "Pascal Junod (@cryptopathe)" (143680783608053760):

@cryptopathe @hashbreaker OTOH stdness is the cheapest way to figure out which cipher does the job with high probability

2011.12.05 15:29:14 (143698447189553152) from "Matthew Green (@matthew_d_green)", replying to "JP Aumasson (@veorq)" (143683259157581825):

@aumasson @cryptopathe @hashbreaker ... but that I have so much in nonstandards being wrong. (to paraphrase Asimov).