Do Cryptographers burn?

Hadmut Danisch hadmut at danisch.de
Sun Apr 4 10:53:36 EDT 2004


On Sat, Apr 03, 2004 at 11:49:15PM +0100, Dave Howe wrote:
> 
> If you mean he gave a false assurance of the security of a product for a
> friend - why would he do that? I can't think of any of my friends who would
> want me to tell them software was secure if it wasn't.
...
> I suppose that depends on his integrity and how much his reputation and
> skill would be worth to his employers if it became known that he gave false
> assurances - and it would only be a matter of time before some other
> cryptoanalyst found the fault he found and ignored.


Thanks for the opinions.

Maybe I'll explain a little bit more about the background:

As some already may have heard I'm in a legal dispute with a
German University. I wrote a dissertation in 1998, and the supervisor
announced to give a good rate. I then signed off from the job as an 
assistant effectively to the date of the examination. I didn't know
that the supervisor and another professor had made a plan to implement 
a security infrastructure for the faculty and to found a company, and
that this plan included that I would do the work in the year after the
examination. When I signed off, they couldn't fulfill the promises
they gave to the faculty, and thus canceled the examination to extort 
me to stay at the university and do the implementation. I refused
to pay that kind of "protection money" and thus they rejected my 
dissertation with false expertises. 

The advisor's expertise (who claims to be one of the world's top
cryptographers) is just a concatenation of arbitrary nonsense, and
wrong even in the basics of computer science. E.g. he claims that LZ
and MTF would effectively compress just anything. As an example for
the need to distinguish between payload and control information I said
that when phoning, not only speech is to be transmitted, but also
phone numbers and signals about termination of the connection.  He
rated this as completely wrong and giving wrong information, because
phone numbers would be used with today's ISDN Telephones only. As the
reason he gave an obituary in the London Times saying that Donald
Davies had died. Or he blames me for not citing literature that hadn't
been published when I submitted the dissertation. He claims that
rate-distortion theory and Shannon encoding allow to pack n+1
independent bits into a single message of n bits (even with small n or
n=1. Just try to do it.). 

The second examiner said the dissertation would be completely wrong
but denied to give any explanation. I filed a lawsuit.

During the lawsuit, the university had informed me that they would
never accept me to succeed in the examination. They would abuse a gap
in German examination law: courts are restricted to cancel bad or
wrong examinations, but they cannot give a positive examination
result. All they can do is to sentence the University to repeat the
examination. The University informed me that they had decided that
they do not wish me to work in science and thus I had to accept to
fail in the examination. I would have to modify my dissertation and to
include those mistakes the examiners had falsely claimed in order to
confirm that their rejection was correct. If I do that I would be
allowed to have a second try with a new dissertation and would receive
a bad grade which would keep me out of science. If I do not agree,
they announced to keep me in an endless loop of false
expertises. Every single one will take me years to sue against. I
refused that "deal".

I won both at the administration court and the appellate administration
court. The latter one found that the second examiner could never have 
read the largest chapter and didn't even open the pages of the
dissertation. This was already sufficient to cancel the examination 
action. The University then retracted the action to avoid being
sentenced. 

Obviously, this was an extreme disgrace for the University. The 
University had to give a new second expertise. If this expertise could
not confirm what the first expertise said, that the dissertation was
completely wrong, the advisor would face being fired, severe
compensation claims, and the ultimate disgrace. 

Within less than two weeks the University managed to get a third rejecting
expertise, this time from a professor outside Germany, who is indeed
known as one of the top cryptographers and a member of the board of
directors of the IACR. I filed a new lawsuit and could easily prove
that this professor had intentionally given a wrong expertise
(obviously to protect the supervisor from legal trouble):

- He wrote the expertise in less than two days. 

- The expertise is less than a page. He does not give any 
  reasons and claims that he cannot be expected to reason his 
  expertise. Reasoning is a strong requirement under German law.

- There is no "link" between the expertise and the dissertation. 
  He obviously didn't read it.

- He didn't find any single mistake. He just says that everything is
  already known and taken from literature.

- He didn't bother to inform himself about the given problem, the
  legal requirements, and the available grades. That's a strong
  requirement in Germany. Obviously, if someone accepts to write an 
  expertise and in advance knows that he won't need grades, then he
  knows that he will reject the dissertation before he has seen it.

- And he erroneously assumed that the expertise would be kept secret. 
  In Germany, the examinee has the right to get a copy of the
  expertise and raise objections. He was not aware of this and 
  based his expertise on the assumption that nobody would see it.


I then raised several technical and legal objections, and cited
literature which explicitly stated that such subjects have not yet
been published.

- He then had to admit that he couldn't prove his statement that all
  this was known in literature, and that he raised this claim to
  reject the dissertation because he didn't like it.

- He couldn't defend against any of my technical objections and
  citations. He is not even claiming that his expertise is correct,
  and obviously was completely surprised by the fact that I have
  access to his expertise (unlike the university where he is working,
  where they keep the expertises secret).

- When I demanded to receive reasons, he denied that and stated that
  he would not agree with the requirement to reason an
  expertise. Instead, he had based his examination on an "international
  consensus" that would free him from the need to give reasons.

  He also stated that it would be illogical to require an examiner to
  give reasons for his expertise, because candidates could succeed
  with empty dissertations then. (???)



So this expertise is just ridiculous and won't have any chance at a
court, except that it will take me again years for the lawsuit.

I then informed the IACR's board of directors and asked them whether
an organization, where such a person can become a director can be
trusted any longer in context of security and cryptography.

Surprisingly, they were not even surprised. They fully tolerate this
and even consider this as normal. It looks as if they consider this
kind of expertise as kind of self-evident. To help a colleague and
protect him from legal trouble seems to be much more important than
giving correct and reasonable expertises.


I discussed that with several friends and colleagues, all working in
security and cryptography, and they were all shocked. Everyone would
have bet that they would kick everyone out known to have given a false
expertise. But they don't. 

Very similar with the supervisor and the former second examiner:
It is more than obvious that both had given intentionally wrong
expertises and were claiming technical nonsense. But everyone seems to 
silently accept this and to consider this as normal. 

When preparing for the lawsuit, I read several other dissertations in
order to compare them. I found several of them to be really wrong or
to contain nothing but citations from literature. One of these
dissertations would never have been published if I hadn't asked for a
copy. It was then published around two years after the examination and
contained just citations from literature. 

So what I found is fraud, extortion, false expertises. 

But not a single one of those cryptographers burns.

Maybe it's a minority writing false expertises. But it's a majority
accepting that.

So my doubt is not so much about that someone found the magic way to
factorize. It's about someone intentionally selling snake-oil or
backdoors and others keeping their mouth shut and tolerating this as
they do it here.

I have three expertises proven to be intentionally wrong. One from
someone who is known to have no clue about security. One from someone
who is known as a cryptographer and once claimed to be one of the "top
four". And one from someone who is a director of IACR. And no one
cares about. Nobody told me I'd be wrong. Nobody doubted my claims,
objections, and technical arguments. I could easily show that all of
them have intentionally given wrong expertises. Some people even
explicitly confirmed that my dissertation is correct and the
expertises are wrong. This just doesn't matter in any way.

Isn't that spooky? What kind of business is cryptography?


regards
Hadmut

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com