[PATCH] sm3: implement SM3 hash algorithm

Andre Amorim andre at amorim.me
Fri Oct 20 11:25:17 CEST 2017


On Tue, 17 Oct 2017 20:48, r030t1 at gmail.com said:

> >This is not xenophobia. The algorithm is suspicious and looks like it is
> >backdoored.

>May I suggest that you take your concerns to cryptography [1] so that we
>have a public record of them?  In contrast to gcrypt-devel many
>cryptographers are reading cryptography at .


>Shalom-Salam,

 >--Werner

Indeed.I will borrow Bruce Schneier's quote on his book

"Cryptography Engineering: Design Principles and Practical Applications"

In this field, we make a very strict distinction between attacking somebody's
work and attacking somebody personally. Any work is fair game. If somebody
proposes something, it is an automatic invitation to attack it. If you break one
of our systems, we will applaud the attack and tell everybody about it.2 We
constantly look for weaknesses in any system because that is the only way to
learn how to make more secure systems. This is one thing you will have to learn:
an attack on your work is not an attack on you. Also, when you attack a system,
always be sure to criticize the system, not the designers. Personal attacks in
cryptography will get you the same negative response as anywhere else

Shalom-Salam
--Andr{`'{e}}





[1] This is cryptography at metzdowd com (formerly known as the
coderpunks list)

On 19 October 2017 at 12:43, Werner Koch <wk at gnupg.org> wrote:
> On Tue, 17 Oct 2017 20:48, r030t1 at gmail.com said:
>
>> This is not xenophobia. The algorithm is suspicious and looks like it is
>> backdoored.
>
> May I suggest that you take your concerns to cryptography [1] so that we
> have a public record of them?  In contrast to gcrypt-devel many
> cryptographers are reading cryptography at .
>
>
> Shalom-Salam,
>
>    Werner
>
>
>
> [1] This is cryptography at metzdowd com (formerly known as the
> coderpunks list)
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
> _______________________________________________
> Gcrypt-devel mailing list
> Gcrypt-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
>



More information about the Gcrypt-devel mailing list