On Thu, Dec 28, 2000 at 12:01:20PM -0500, Tim May wrote:
Probably the most basic motivation Eric Hughes and I had for calling together a bunch of Bay Area folks in '92 was because, in a 3-day series of talks we'd had earlier in the spring, we concluded that a lot of academic crypto was ripe for conversion into "building blocks."
(Building blocks, protocols, modules, libraries...)
Well, we were half-right.
Tim, I've seen you mention this issue several times, but don't remember if I replied to it before. Being a library writer, I think the main reason there aren't a lot of higher-level building blocks in crypto libraries is that in order to use a higher level crypto, you have to understand it at a fairly low level and know how and why it works in terms of number theory and ciphers and hash functions. This is in contrast to lower-level building blocks like ciphers, where you don't really need to understand a cipher at the bit-twiddling level in order to use it. So you can't really treat higher-level crypto as black boxes. It's also hard to design interfaces to them so they plug in together nicely for all the different purposes you might want to use them for. Finally, if you do understand how they work and have a good low-level crypto library, they're typically not hard to implement, especially if you just want to implement them for a specific purpose and not as highly reusable components. So I think there are several good reasons why we don't have a high-level crypto library.