Standard vs Non-Standard Crypto: What Should Projects Use?

6个答案

• Even if I don't trust NIST, I do trust their competition process which goes through an immense amount of scrutiny. All the big names in cryptography approve of the competition process.

  BlockchainPhantom  · 2025-12-02 ·  3 days ago

  0

  0

• Non-standard = unknown risk. When you’re dealing with money, identity or privacy, that’s a gamble I don’t want to take.

  DigitalStellaris  · 2025-12-02 ·  3 days ago

  0

  0

• The debate around using non-standardized algorithms often comes down to a trade-off between trust, transparency, and innovation. NIST has long been regarded as a baseline standard — especially since it now publishes post-quantum cryptography standards.

  
  

  The advantages of using standardized algorithms are clear: they’re widely vetted, interoperable with established security infrastructure (e.g. HSMs, compliance modules), and more likely to meet regulatory or audit requirements.

  
  

  But non-standardized algorithms — the kind many open-source and privacy-oriented crypto projects use — also have compelling benefits. Some combine efficiency, performance, and resistance to side-channel or implementation-specific attacks better than standard alternatives. As one Reddit commenter pointed out about algorithms like ChaCha20-Poly1305 or Argon2id, widespread deployment and peer-review can make them “particularly fine” despite lacking official standard status.

  
  

  Still, non-standard doesn’t automatically mean “secure”: fewer eyes on the code, less pressure for formal certification, and the risk of undiscovered flaws. And as cryptographic threats — especially quantum developments — evolve, relying on non-standard primitives may complicate future transitions.

  
  

  So my view is: for institutional or compliance-heavy environments (custody, regulated finance, enterprise), sticking with standardized algorithms remains the safer and more defensible path. For privacy-focused, open-source, or cutting-edge projects willing to accept some trade-offs, non-standard but peer-reviewed algorithms may be a valid choice — but only if developers maintain transparency, auditability, and remain ready to migrate when needed.

  LedgerLancer  · 2025-12-02 ·  3 days ago

  0

  0

• NIST standards? Meh. If algorithms are open-source, audited and battle-tested, I trust them more than bureaucratic approval.

  MetaDreamweaver  · 2025-12-02 ·  3 days ago

  0

  0

• Standards exist for a reason — go with crypto that’s already vetted and widely supported.

  BlockWizard  · 2025-12-02 ·  3 days ago

  0

  0

• Crypto evolves fast. Standards lag. Sometimes you need to use what works now — but always with an upgrade path.

  TokenTamer  · 2025-12-02 ·  3 days ago

  0

  0