At 9:50 PM -0500 12/25/00, dmolnar wrote:
>On Sun, 24 Dec 2000, Eric Cordian wrote:
>
>> Perhaps next year will be better. I'm almost beginning to feel
>> that Cryptology has achieved the status of a "Mature Science."
>
>It's my impression that mature sciences don't have the same kind of
>foundational or engineering problems cryptography does. We still see
>surprises about what a "definition of security" should be, even in the
>public-key setting where people have investigated such things for nearly
>20 years. Plus even when we figure that out, we'll still have to deal with
>the fact that the models used in theoretical crypto don't deal with some
>of the attacks possible in real life -- timing and power analysis come to
>mind. As does the van Someren and Shamir trick for finding keys because
>they look "too random."
Parts of cryptology are in math, e.g., number theory. And parts are
in economics. And parts are even in human psychology.
Some of the foundations are, of course, "mature"...and not very
exciting. The core of mathematical crypto is hardly frontier
mathematics. (Yeah, I suppose Dave and Eric and a few others could
make a case that there's some connection with the proof of Fermat's
Last Theorem, stuff about elliptic functions, etc. But we all know
that such connections are tenuous. Most of crypto still is built
around good old number theory, basically what has been known for
dozens of years, even centuries. Euler would not have had a problem
understanding RSA.)
The "far out" stuff of reputations, multi-player games, digital
money, etc., is much less grounded in theory. More interdisciplinary,
more "fuzzy," more prone to hand-waving. Doesn't mean this isn't
the interesting area, just means it's not as "foundational" as math
areas are. Reductionists who seek the rigor of a pure science often
end up throwing out what's interesting.
As many of us have noted over the years, and as Austin Hill recently
noted vis-a-vis the ZKS technologies, the status of these things is
roughly where mathematical ciphers ("pure crypto") were in, say,
1970. Some interest, some popularizations, some secret work at NSA
and related places, but no serious academic coverage.
By academic coverage I mean researchers studying weaknesses in
various kinds of data havens, digital currencies, reputation systems,
etc., in the same way that the "Crypto Conference" folks looked at
various ciphers. (And specific digital currency systems, for example.)
Crypto systems, using a mix of crypto tools, are only slowly taking
off. In fact, the focus keeps moving back to simple encryption,
depressingly enough!
Someday, more complex systems will be actually deployed.
An interesting way to look at such systems is to think back to
many examples of engineered systems. Steel buildings, for example.
The "basic science" of steel, its strength and properties, was
basically well-understood a century ago. A bit of later science,
through understanding of things like martensitic transitions and
dislocations, etc., happened. But most of the foundational science was
laid a long time ago.
And yet buildings collapsed, engineers figured out new ways to bolt
together beams, and taller and taller buildings were erected.
Crypto systems will be a lot like that.
(And, as I have been saying for close to 10 years, the insurance
industry will be a driver of new approaches. Newer safes were bought
not because store and bank owners were "educated" about security (the
precise analogy to security today), but because insurance premiums
were lessened with better safes. Discounted present value, DPV,
speaks louder than all of the moralizing and lecturing.)
>
>It may be true that this year was a lull in "interesting" cryptographic
>research (I don't know if that's quite true), but it doesn't seem to be
>because too many problems are solved. Rather, there are lots of open
>problems left which no one seems to know how to solve...
I go further: the academic community is largely uninterested in, or
unmotivated by, or unable to get funding for, the "Cypherpunkish"
areas. Possibly this is because most fields are not
interdisciplinary, so a researcher is more likely to study a pure
math approach than to mix in economic/market issues.
(E.g., our "Hayekian" sensibilities make a lot of sense to nearly
every smart person who gets exposed to them, but such approaches
smack of voodoo economics, to coin a phrase, to many pure
researchers. I cite this as just one facet of the issue. And, by
the way, the Hayekian approach fits right in with "building
skyscrapers," though not for the writing of papers about dislocation
propagation in high-tensile steels.)
In other words, it's time to get crypto out of the math and computer
science departments and put it in the engineering departments where
it belongs.
--Tim May
--
Timothy C. May [EMAIL PROTECTED] Corralitos, California
Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon
Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go
Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns