The microblog: 2021.09.09 22:32:18

2021.09.09 22:32:18 (1436064945796370443) from Daniel J. Bernstein, replying to "azet (@a_z_e_t)" (1436045030976798721):

An expert's mental model says that unbroken algorithms A,B,C,D,E have chance 90%, 10%, 20%, 80%, 60% of being secure. This is incredibly useful information. You think the expert wants to be subjected to idiots years later saying "E was broken and you said it was probably safe"?

2021.09.09 22:38:34 (1436066522754011140) from Daniel J. Bernstein:

Force the expert to publicly explain the selection of A? You won't hear the 90%; you'll hear a selection of objective praise for A, things that should have been published earlier. Say that, no, we really want to hear the percentage? You'll end up with a committee of non-experts.


2021.09.09 18:44:44 (1436007677121998853) from "azet (@a_z_e_t)", replying to "azet (@a_z_e_t)" (1436003647985422346):

"Forcing the committee to publish analyses would have discouraged participation, taking resources away from the core job of making judgment calls beyond published analyses." to the best of my knowledge nothing about these judgement calls is public.

2021.09.09 20:46:51 (1436038406258118672) from Daniel J. Bernstein, replying to "azet (@a_z_e_t)" (1436007677121998853):

Did you read the paragraph you're quoting? CAESAR made all this clear at the beginning: we want public analyses, and for the necessary judgment calls we have a committee of top experts. Eliminating the "committee will not comment" rule would have meant not having the top experts.

2021.09.09 20:53:03 (1436039968812638212) from "azet (@a_z_e_t)":

I just don't get why this needs to be mutually exclusive. if you don't want the committee opinions to affect public analysis or contributions it's possible to make them available afterwards in an agreeable format for the public. ok CAESAR choose not to do so. but what's the harm?

2021.09.09 21:13:10 (1436045030976798721) from "azet (@a_z_e_t)", replying to "azet (@a_z_e_t)" (1436039968812638212):

I'd understand saying this can't be public because of members ongoing research or proprietary knowledge but then this brings transparency issues. NSA also told NIST that they just know best and work in their interest.