Some criticisms also apply to Koblitz's paper, but I couldn't fit them in the context of the drive-by shooting above. Here's one:
Maybe mathematics is so conveniently peaceful as to support an academic tradition, but why is it that on the first page, he waxed longingly and generously on the invention of public key cryptography, but without mentioning the authors of the paper? He might say that Diffie and Hellman did not include any mathematics in their paper, but I say "tosh!"
Posted by Iang at September 9, 2007 11:16 AMHey,
I have noticed that your blog doesn't read right on my Feed Reader . There are no space, no block divisions etc., its just one long paragraph. Maybe you could fix that?
Regards,
duryodhan
Thought the following would be of (some?) interest.
"Someone writes in with the following question:
I've been studying Information Technology risk for some time now and so your work is of great interest. In IT risk we have several problems that a Bayesian approach would seem to help us address. Namely:" Further in the link.
http://www.stat.columbia.edu/~cook/movabletype/archives/2007/09/bayes_and_risk.html
Posted by Darren points to risk at September 11, 2007 10:33 AMI enjoyed Koblitz's personal perspective on the fast paced cryptography "development" as part of computer science a lot. But that doesn't necessarily mean that he's right in every way.
> > As perhaps everyone knows, it's mostly about money, and Koblitz
> > identifies several threads:
> > * bandwagon effect
True, it's difficult to restrain yourself from profiling and selling your work to the industry when strapped for research funds.
> > * NSA-supplied money
Bof, US-specific situation. The crypto world is bigger than work done in the US alone.
> > * "the power that an aura of mathematical certainty can have over
> > competitive solutions" a.k.a. provable security
Sigh, mathematicians appear to beter salespeople than one would expect. Well, if you want to fool yourself, go ahead.
> > * the unfortunate effect of computer science on cryptography
> >
> > We've certainly seen the first three, and Koblitz disposes of them
> > well. Definately well recommended reading.
- snip -
> > the number of things that can go wrong far exceed the numbers of
> > cryptographic friends on the planet, we would generally suggest that
> > computer scientists should write protocols, so as to avoid the
> > Alice-Bob effect.
Well, that is interesting as I agree completely with you. But as I wrote above, Koblitz's outlook is limited. There is interesting research going taking the problems with the Dolev-Yao abstraction at the horns!
Look for recent work by Backer, Pfitzmann and Waidner. This team recognizes the neglect of the lower levels of a protocol representation and instantiation.
For example the Dolev-Yao abstraction can't deal with the peculiarities of an XOR as encryption function as it crosses from abstractions to the actual bit representation of protocol message instances.
Therefore Koblitz's generalisation is not completely warranted. Besides the intrepid trio BPW themselves say that they are just beginning and don't claim to have solved the problem (as good researchers should do to protect their jobs and funding ;-)
> >
> > Just to square that circle with yesterday's post, it is OK to talk
> > about Alice-Bob protocols, in order to convey a cryptographic idea.
> > But it should be computer scientists who put it into practice, and as
> > early as possible. Some like to point out that cryptography is
> > complex, and therefore you should employ cryptographers for this part.
> > I disagree, and quote Adi Shamir's 3rd misconception. Eventually your
> > crypto will be handled by developers, and you had better give them the
> > simplest possible constructions they can deal with.
ok
I wish I had the time to respond to the remainder.
Oh boy I wish I had the time to write so much text ;-)
May my comments will be continued, if I'm granted time.
Posted by Twan at September 11, 2007 04:41 PMThe habit of academic papers to cite only other academic papers is a huge problem, similar to the tendency of patents to only cite other patents.
The excuse in both cases is that writers need some way to prune their research. With Google is that any longer a viable excuse?
Of course, blogs often don't cite the academic papers or anything else they are based on, so the problem is mutual.
Posted by nick at September 20, 2007 09:58 PM