[Ach] Camellia justification?

ianG iang at iang.org
Wed Apr 23 17:09:06 CEST 2014


On 23/04/2014 12:17 pm, Hanno Böck wrote:
> On Tue, 22 Apr 2014 18:55:15 +0200
> Aaron Zauner <azet at azet.org> wrote:
> 
>>> I wanted to ask if there has been any discussion why most cipher
>>> suites in the bettercrypto docs contain camellia.  
>> Yes, the last discussion can be found over here:
>> http://lists.cert.at/pipermail/ach/2014-April/thread.html#1164  
> 
> Okay, I don't see any convincing arguments, so I'll probably disable it
> on my servers soon.
> 
> Basically, my take on this is - especially since Heartbleed:
> The problem with uncommon algos and features is mainly not the crypto
> part. The problem is attack surface on implementations.

Yup.

> If we have algos lying around that are considered "probably secure,
> but not very interesting due to bad performance and low usage", I think
> this is risky. Because uninteresting code gets fewer reviews. I think
> it makes sense to just trim down uncommon features, because bugs can
> hide in unused feature code (as we've seen with heartbeat).

Yup.  Get it down to one.  That might be difficult at the moment because
of the EC v. RSA debate, but in the future...



iang


