On Sat, Apr 03, 2004 at 11:49:15PM +0100, Dave Howe wrote:
If you mean he gave a false assurance of the security of a product for a friend - why would he do that? I can't think of any of my friends who would want me to tell them software was secure if it wasn't.
...
I suppose that depends on his integrity and how much his reputation and skill would be worth to his employers if it became known that he gave false assurances - and it would only be a matter of time before some other cryptanalyst found the fault he found and ignored.
Thanks for the opinions. Maybe I'll explain a little bit more about the background:

As some may already have heard, I'm in a legal dispute with a German university. I wrote a dissertation in 1998, and the supervisor announced that he would give it a good grade. I then resigned from my job as an assistant, effective as of the date of the examination. I didn't know that the supervisor and another professor had made a plan to implement a security infrastructure for the faculty and to found a company, and that this plan included me doing the work in the year after the examination. When I resigned, they couldn't fulfil the promises they had given to the faculty, and thus cancelled the examination to extort me into staying at the university and doing the implementation. I refused to pay that kind of "protection money", and thus they rejected my dissertation with false expertises.

The advisor's expertise (he claims to be one of the world's top cryptographers) is just a concatenation of arbitrary nonsense, and wrong even in the basics of computer science. For example, he claims that LZ and MTF effectively compress just about anything. As an example of the need to distinguish between payload and control information, I said that when phoning, not only speech has to be transmitted, but also phone numbers and signals about termination of the connection. He rated this as completely wrong and as giving wrong information, because phone numbers would be used only with today's ISDN telephones. As the reason, he gave an obituary in the London Times saying that Donald Davies had died. Or he blames me for not citing literature that hadn't been published when I submitted the dissertation. He claims that rate-distortion theory and Shannon coding allow one to pack n+1 independent bits into a single message of n bits (even for small n, or n = 1; just try to do it). The second examiner said the dissertation was completely wrong but refused to give any explanation. I filed a lawsuit.
During the lawsuit, the university informed me that they would never accept me succeeding in the examination. They would abuse a gap in German examination law: courts are restricted to cancelling bad or wrong examinations, but they cannot give a positive examination result. All they can do is order the university to repeat the examination. The university informed me that they had decided that they did not wish me to work in science, and thus I had to accept failing the examination. I would have to modify my dissertation and include those mistakes the examiners had falsely claimed, in order to confirm that their rejection was correct. If I did that, I would be allowed to have a second try with a new dissertation and would receive a bad grade, which would keep me out of science. If I did not agree, they announced they would keep me in an endless loop of false expertises. Every single one would take me years to sue against. I refused that "deal".

I won both at the administrative court and the appellate administrative court. The latter found that the second examiner could never have read the largest chapter and hadn't even opened the pages of the dissertation. This was already sufficient to cancel the examination decision. The university then withdrew the decision to avoid being ruled against. Obviously, this was an extreme disgrace for the university. The university had to obtain a new second expertise. If this expertise could not confirm what the first expertise said, that the dissertation was completely wrong, the advisor would face being fired, severe compensation claims, and the ultimate disgrace. Within less than two weeks the university managed to get a third rejecting expertise, this time from a professor outside Germany, who is indeed known as one of the top cryptographers and a member of the board of directors of the IACR.
I filed a new lawsuit and could easily prove that this professor had intentionally given a wrong expertise (obviously to protect the supervisor from legal trouble):

- He wrote the expertise in less than two days.
- The expertise is less than a page. He does not give any reasons and claims that he cannot be expected to give reasons for his expertise. Reasoning is a strong requirement under German law.
- There is no "link" between the expertise and the dissertation. He obviously didn't read it.
- He didn't find a single mistake. He just says that everything is already known and taken from the literature.
- He didn't bother to inform himself about the given problem, the legal requirements, and the available grades. That's a strong requirement in Germany. Obviously, if someone accepts to write an expertise and knows in advance that he won't need grades, then he knows that he will reject the dissertation before he has seen it.
- And he erroneously assumed that the expertise would be kept secret. In Germany, the examinee has the right to get a copy of the expertise and raise objections. He was not aware of this and based his expertise on the assumption that nobody would see it. I then raised several technical and legal objections, and cited literature which explicitly stated that such subjects had not yet been published.
- He then had to admit that he couldn't prove his statement that all this was known in the literature, and that he had raised this claim to reject the dissertation because he didn't like it.
- He couldn't defend against any of my technical objections and citations. He is not even claiming that his expertise is correct, and was obviously completely surprised by the fact that I have access to his expertise (unlike at the university where he is working, where they keep the expertises secret).
- When I demanded to receive reasons, he refused and stated that he would not agree with the requirement to give reasons for an expertise.
Instead, he had based his examination on an "international consensus" that would free him from the need to give reasons. He also stated that it would be illogical to require an examiner to give reasons for his expertise, because candidates could then succeed with empty dissertations. (???) So this expertise is just ridiculous and won't have any chance at a court, except that it will again take me years for the lawsuit.

I then informed the IACR's board of directors and asked them whether an organization where such a person can become a director can be trusted any longer in the context of security and cryptography. Surprisingly, they were not even surprised. They fully tolerate this and even consider this as normal. It looks as if they consider this kind of expertise as kind of self-evident. To help a colleague and protect him from legal trouble seems to be much more important than giving correct and reasoned expertises. I discussed that with several friends and colleagues, all working in security and cryptography, and they were all shocked. Everyone would have bet that they would kick out everyone known to have given a false expertise. But they don't.

Very similar with the supervisor and the former second examiner: it is more than obvious that both had given intentionally wrong expertises and were claiming technical nonsense. But everyone seems to silently accept this and to consider it as normal. When preparing for the lawsuit, I read several other dissertations in order to compare them. I found several of them to be really wrong or to contain nothing but citations from the literature. One of these dissertations would never have been published if I hadn't asked for a copy. It was then published around two years after the examination and contained just citations from the literature. So what I found is fraud, extortion, false expertises. But not a single one of those cryptographers gets burned. Maybe it's a minority writing false expertises. But it's a majority accepting that.
So my doubt is not so much about someone finding the magic way to factorize. It's about someone intentionally selling snake oil or backdoors and others keeping their mouths shut and tolerating this, as they do here. I have three expertises proven to be intentionally wrong. One from someone who is known to have no clue about security. One from someone who is known as a cryptographer and once claimed to be one of the "top four". And one from someone who is a director of the IACR. And no one cares. Nobody told me I'd be wrong. Nobody doubted my claims, objections, and technical arguments. I could easily show that all of them have intentionally given wrong expertises. Some people even explicitly confirmed that my dissertation is correct and the expertises are wrong. This just doesn't matter in any way. Isn't that spooky? What kind of business is cryptography?

regards
Hadmut

----- End forwarded message -----

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a>
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net