On Mon, Sep 7, 2015 at 11:25 AM, Georgi Guninski <guninski@guninski.com> wrote:
This is also on popular? forums:
[0] https://news.ycombinator.com/item?id=10175284 [1] https://www.reddit.com/r/crypto/comments/3jumon/rfc2631_fips_1863_and_openss...
Comments in [0] suggest "formal verification".
The only hope to have a formal verification that extends also to algebraic properties, is to start from formal specifications. A top-down approach in stark contrast with the dynamic, agile, and pragmatic "ship, then test" paradigm [1] and the "don't worry, be crappy" mantra [2], repeated by entrepreneurs innovating the most. We need better security trade-offs. -- Alfonso [1] http://guykawasaki.com/the_art_of_boot/ [2] http://guykawasaki.com/the_art_of_inno/