Do Cryptographers burn?

Ian Grigg iang at systemics.com
Sat Apr 3 15:19:34 EST 2004 

Hadmut Danisch wrote:
> Hi,
> 
> this is not a technical question, but a rather
> academic or abstract one: 
> 
> Do Cryptographers burn?
> 
> Cryptography is a lot about math, information theory, 
> proofs, etc. But there's a certain level where all this
> is too complicated and time-consuming to follow all those
> theories and claims. At a certain point cryptography is based
> on trusting the experts. Is anyone here on this list who can 
> claim to have read and understood all those publications 
> about cryptography? Is anyone here who can definitely tell
> whether the factorization and discrete logarithm problems 
> are hard or not? Today's cryptography is to a certain degree
> based on trusting a handful of experts, maybe the world's top 100 
> (300? 1000?) in cryptography.


On a related note, this was one of the core premises
behind my paper on Financial Cryptography in 7 Layers.
The notion was that building systems involving the
two key words, finance and crypto, had almost always
failed due to great gaping holes, that amounted
to the designers ignoring one or more disciplines.

In that paper I attempt to map out all the core
areas that are "must dos".  I don't think it's
possible to cover *all* the fields to a professional
level, one would likely need 3 or 4 degrees to do
it.  E.g., within crypto and software, two of the
disciplines that are common on this group, there are
very few people who can crossover and seriously
contribute to the other discipline.  I know of a
handful (and wouldn't include me, as my crypto
knowledge is very basic).

Yet the challenge remains that all these things need
to be considered in an FC application.


> Does this require those people to be trustworthy?


No, it requires their contribution to be simple
and verifiable.  If the crypto goes beyond the
half dozen basics (Hashes, PK, SK, ...), then its
viability reduces rapidly, as the programmers
and others in higher layers will have trouble
dealing with it.


> What if a cryptographer is found to intentionally have given a false
> expertise in cryptography and security just to do a colleague a favor,
> when he erroneously assumed the expertise would be kept secret? Would
> such a cryptographer be considered as burned? Wouldn't he give more
> false expertises once he's getting paid for or asked by his government?


It's much much more likely that when a perfect
crypto algorithm is mated to a perfect protocol
and then mated to a perfect algorithm, the result
is swiss cheese.  That is, errors at the borders of
disciplines are a more likely error.

Security is a top-to-bottom
requirement, and integration is key.  That's why
a complex system is not a good idea, because you
can't mate it into any usable app without breaking
the complex and hidden assumptions.

iang

PS: http://iang.org/papers/fc7.html
_Financial Cryptography in 7 Layers_,
Conference in Financial Cryptography, Feb 2000,
Proceedings are in

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list