The microblog: 2023.10.06 11:02:01

2023.10.06 11:02:01 (Mastodon 111187730179118875, Twitter 1710248940484890938) from Daniel J. Bernstein:

For people who haven't had time to read the full analysis, here's something much shorter: I sent a message to NIST's mailing list spelling out how NIST's "40 bits of security more than would be suggested by the RAM model" claim fails a simple sanity check.