
One man wrote all your next-gen crypto - dsl
http://www.metzdowd.com/pipermail/cryptography/2016-March/028824.html?
======
api
The main reason this cites is correct: Bernstein's algorithms are simpler and
easier to implement correctly than RSA, DSA, or even AES. They're smaller in
code, easier to port, and easier to understand.

Barring major problems with the algorithms, their simplicity also makes them
inherently more secure. Complexity is anathema to security-- complex code is
hard to audit, hard to understand, and has more "bug surface area." Bernstein
himself calls this "boring crypto": the use of simple easy to understand
constructions in simple predictable and easily auditable ways.

