Hacker News

adrian_b, today at 6:19 PM

He did not claim that ML-KEM is not fine.

The use of dual algorithms is without doubt the prudent decision for a transition period.

ML-KEM is still too new for anyone to be able to claim that no way to break it will be discovered in the next few years.

This is supported by the fact that one of the algorithms previously proposed for standardization has already been broken, which was a surprise.

Because ML-KEM is significantly more expensive than the current algorithm, using both does not increase the cost much.

The arguments of DJB are perfectly valid, which is why at the previous meeting most people voted like him.

I know very well everything that DJB has published during the last 30 years, many of which have been important advances in cryptography. Some of his work has been very influential in the development of "post-quantum" cryptography and he was one of the main promoters of the idea that such cryptographic algorithms must be standardized ASAP.

Moreover, I have also run continuously on my servers, 24/7, for about a quarter of a century, various programs written by DJB, which unlike the majority of the programs that I have ever seen, have done very well whatever they were intended to do, without ever needing any updates for security problems or other bugs. Very few programmers, even among the best, can present such a resume.

I do not believe that "crank" is the right word to describe DJB. It is true that he has distinguished himself by an unwillingness to accept compromises, even when he was for various reasons in opposition to the US government, but I do not think that this is crazy. On the contrary, I believe that the world is how it is right now precisely because most people go with the flow and they are eventually willing to accept almost anything when opposing that appears to be too difficult. Things would have been much better if there had been more such "cranks".