[Cryptography] What to put in a new cryptography course

[John Denker]

On 06/22/2016 09:33 PM, Phillip Hallam-Baker wrote:

> * Complexity is the enemy of security.

.... and quite a few others seem to agree.

However, I'd say that's true except when it's not true.

Here is a sentiment that has been expressed in various ways by 
Aristotle, Ptolemy, Ockham, Einstein, and innumerable others:

  _Make things as simple as possible, but not simpler._

I suppose in theory, /ceteris paribus/ simpler is better ...
but in reality the ceteris are almost never paribus.

Here's an example I know a little something about, namely random
number generators:
    The simple ones are not good, and
    the good ones are not simple.

A good one requires:
 -- fundamental physics
 -- electrical engineering
 -- computer programming
 -- mathematical cryptography
 -- practical security
 -- user interfaces
 -- explanation and education
 -- et cetera.

And (!) each one of those ingredients by itself has a fair bit
of complexity.

Insofar as the product is complicated, there are lots of ways it
might fail if you make a mistake ... but if you oversimplify
it, that's a mistake unto itself, and the thing will fail for
sure.

Crypto in particular and security in general demand attention
to detail.  Up to a point it helps to reduce the number of
details ... but even so, and the end of the day there still
remain a treeeemendous number of details.

Eliminating complexity is nice work if you can get it, but
the other 99% of the job revolves around inventing systematic
ways of /managing/ the complexity that remains.