At 9:50 PM -0500 12/25/00, dmolnar wrote:
On Sun, 24 Dec 2000, Eric Cordian wrote:
Perhaps next year will be better. I'm almost beginning to feel that Cryptology has achieved the status of a "Mature Science."
It's my impression that mature sciences don't have the same kind of foundational or engineering problems cryptography does. We still see surprises about what a "definition of security" should be, even in the public-key setting where people have investigated such things for nearly 20 years. Plus even when we figure that out, we'll still have to deal with the fact that the models used in theoretical crypto don't deal with some of the attacks possible in real life -- timing and power analysis come to mind. As does the van Someren and Shamir trick for finding keys because they look "too random."
Parts of cryptology are in math, e.g., number theory. And parts are in economics. And parts are even in human psychology. Some of the foundations are, of course, "mature"...and not very exciting. The core of mathematical crypto is hardly frontier mathematics. (Yeah, I suppose Dave and Eric and a few others could make a case that there's some connection with the proof of Fermat's Last Theorem, stuff about elliptic functions, etc. But we all know that such connections are tenuous. Most of crypto still is built around good old number theory, basically what has been known for dozens of years, even centuries. Euler would not have had a problem understanding RSA.)

The "far out" stuff of reputations, multi-player games, digital money, etc., is much less grounded in theory. More interdisciplinary, more "fuzzy," more prone to hand-waving. Doesn't mean this isn't the interesting area, just means it's not as "foundational" as math areas are. Reductionists who seek the rigor of a pure science often end up throwing out what's interesting.

As many of us have noted over the years, and as Austin Hill recently noted vis-a-vis the ZKS technologies, the status of these things is roughly where mathematical ciphers ("pure crypto") were in, say, 1970. Some interest, some popularizations, some secret work at NSA and related places, but no serious academic coverage. By academic coverage I mean researchers studying weaknesses in various kinds of data havens, digital currencies, reputation systems, etc., in the same way that the "Crypto Conference" folks looked at various ciphers. (And specific digital currency systems, for example.)

Crypto systems, using a mix of crypto tools, are only slowly taking off. In fact, the focus keeps moving back to simple encryption, depressingly enough! Someday, more complex systems will be actually deployed. An interesting way to look at such systems is to think back to many examples of engineered systems. Steel buildings, for example.
The "basic science" of steel, its strength and properties, was basically well-understood a century ago. A bit of later science, through understanding of things like martensitic transitions and dislocations, etc., happened. But most of the foundational science was laid a long time ago. And yet buildings collapsed, engineers figured out new ways to bolt together beams, and taller and taller buildings were erected. Crypto systems will be a lot like that. (And, as I have been saying for close to 10 years, the insurance industry will be a driver of new approaches. Newer safes were bought not because store and bank owners were "educated" about security (the precise analogy to security today), but because insurance premiums were lessened with better safes. Discounted present value, DPV, speaks louder than all of the moralizing and lecturing.)
It may be true that this year was a lull in "interesting" cryptographic research (I don't know if that's quite true), but it doesn't seem to be because too many problems are solved. Rather, there are lots of open problems left which no one seems to know how to solve...
I go further: the academic community is largely uninterested in, or unmotivated by, or unable to get funding for, the "Cypherpunkish" areas. Possibly this is because most fields are not interdisciplinary, so a researcher is more likely to study a pure math approach than to mix in economic/market issues. (E.g., our "Hayekian" sensibilities make a lot of sense to nearly every smart person who gets exposed to them, but such approaches smack of voodoo economics, to coin a phrase, to many pure researchers. I cite this as just one facet of the issue. And, by the way, the Hayekian approach fits right in with "building skyscrapers," though not for the writing of papers about dislocation propagation in high-tensile steels.)

In other words, it's time to get crypto out of the math and computer science departments and put it in the engineering departments where it belongs.

--Tim May

--
Timothy C. May tcmay@got.net Corralitos, California
Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon
Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go
Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns