And the goal-posts keep moving. You have to keep well-read and very objective.
You can say this about mainstream programming, but it's a bit of a stretch. There is plenty of mainstream programming using the equiv to bubble sorts and nobody should care. You can get away with being a bad programmer.
Because the risks are higher, and you can't get away with being mediocre, is why crypto is hard.
PS: not a Tarsnap user, but love your work and your thoughtful posts :)
People using bad algorithms is exactly the sort of thing I was thinking of. People write horribly broken code in every context; but instead of a bug making software slower than it should be, when an "equally dumb" bug happens in crypto code it probably reveals your keys.
A lot of crypto is unintuitive.