> the IOTA developers had written their own hash function, _Curl_
Did...did they intentionally name it curl, so that when you search for "Is curl secure?" you will find articles saying that curl - the widely used library - is secure, in the hope that people will confuse the two?
I know that you shouldn't assume malice when it can be explained with incompetence, but combined with some of the other points here, I can't help but feel that this was intentional.
To be very honest, when I first heard about IOTA, there was an article that had the phrase "the inventor of curl", I incorrectly assumed for a while that Daniel Stenberg was involved in the project.
I think the insecurity of their function was a mistake. I doubt they would deliberately code something that threw collisions and have a cover up plan that is basically name it curl and hope people get it mixed up with the real curl.
fwiw, was bored and exploring for the first time the (my God) toxic social timelines of these crypto coins and happened to end with IOTA and the story of the home grown hash function. Just posting what I just read about this topic and not an +/- either way on the topic at hand:
Sergey Ivancheglo (@Come-from-Beyond) claims the collisions were intentional and for the purposes of IOTA the hash merely had to be a one way function:
He addresses his base-3 number system design decision as well (by appealing to authority no less :)
> name it curl
In above he references Curl-P and the final letter (see his last gist) also explicitly asks that the MIT security blogger use the full name which she declined.
Kerl is Keccak I.E. SHA-3, the international NSA standard. They called it Kerl for fun in homage of Curl, which is still under active development with the absolute world-leading cryptographers of lightweight cryptography. Curl had to be invented to push LIGHTWEIGHT cryptography which is necessary for the Internet of Things. It's quite astonishing how much misinformation is spread around.
SHA-3 is not an NSA standard. It was invented by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche who are researchers at various companies/universities and are from Italy and Belgium.
I am very curious about what 'LIGHTWEIGHT' cryptography is
defined as. I am also dubious about anyone that claims to have 'absolute world-leading cryptographers' since many strong cryptographers are quietly employed by intelligence agencies and most others are academics.
Also, since we are being pedantic, SHA-3/Keccak is an NIST standard, which is a federal agency of the United States.
I'm not an expert in the field, but there certainly have been efforts here and there to make "lightweight" crypto that needs little computational resources (and therefore battery power). One example would be KASUMI[0].
Did...did they intentionally name it curl, so that when you search for "Is curl secure?" you will find articles saying that curl - the widely used library - is secure, in the hope that people will confuse the two?
I know that you shouldn't assume malice when it can be explained with incompetence, but combined with some of the other points here, I can't help but feel that this was intentional.