Some of you who know me personally may know that I had been working on a research project in Elliptic Curve Cryptography (ECC). This post discusses the article “The uneasy relationship between Mathematics and Cryptography”, from which this post got its name, published in the “Notices of the AMS” and written by Neal Koblitz, the one who first proposed ECC. You can download this publication for free at the AMS website; just google Notices of the AMS to get there. The first part of the article discusses how beneficial the cooperation between mathematicians and cryptographers has been. The second part examines the different expectations and the culture clash that occurred and became downsides of this cooperation. I will point out several of the latter in this post.
1. For the sake of funding, many mathematicians portray their research as being somehow related to cryptography.
“… sent me a large proposal to review from a group that was led by a prominent mathematician who claimed that the proposed research would be important for cryptography. After reading the project description, it was clear to me that (1) the proposal was strong from a mathematical standpoint, and (2) they didn’t know beans about cryptography.”
2. Cryptographers often want to “prove” that their system is secure. However, sometimes mathematicians feel that the use of the term “proof” here is intimidating and mathematically incorrect. Many mathematical results that were considered proofs guaranteeing security can in actuality only be used to argue that the system is secure. IMHO, this is also true for many things other than security.
“There are two unfortunate connotations of “proof” that come from mathematics and make the word inappropriate in discussions of the security of cryptographic systems.”
“… it is fallacious to use an asymptotic result as a practical guarantee of security. Rather, one needs to perform a detailed analysis using realistic ranges for the parameters.”
I am glad I read this article long ago. The thing is, my research team also faced problems similar to these two, thankfully none as severe as those explained in the article. In my case, for the one similar to 1, I “actually started with problems from cryptography” (so it’s not only a matter of money :p). As the days passed by, though, my work somehow became more fun (mathematically) and more useless (cryptographically). Well, in the end, my friend Fajar and I accidentally stumbled upon some concepts from chip design where our results can be of some use 😀 But yeah, what we mathematicians consider attractive may not be attractive to cryptographers, and vice versa. At the same time, we know we always easily plunge into what we consider more attractive.
What is similar to 2 is that, at first, the cryptographers in our team also wanted us mathematicians to show them that:
this cryptosystem is safer than that one by proving A.. or
that method is computationally faster than this one by deriving B.. or
the new algorithm is more efficient than the old one by computing C
Because if it’s mathematically proven, then it, as a theorem, is a very strong basis for a result. Unfortunately, even proving those may not be enough to guarantee the results. Take, for example, an algorithm X whose running time is exponential and an algorithm Y whose running time is polynomial. Do you think algorithm Y is faster than X? Think again.. Yes, Y will indeed eventually be faster than X. But how eventual is this? Is this eventual even practical? I am very glad these research partners of ours were really understanding about this when we explained it.
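To put numbers on "how eventual is this?", the following added example (not from Koblitz's article or from our project) finds the input size at which Y finally overtakes X and how long the run would take at that size. The cost models (X takes 2^n steps, Y takes n^20 steps) and the machine speed of 10^12 steps per second are assumptions chosen for illustration.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def log2_cost_x(n, base=2.0):
    """log2 of X's step count under the assumed model base**n."""
    return n * math.log2(base)

def log2_cost_y(n, degree=20, constant=1.0):
    """log2 of Y's step count under the assumed model constant * n**degree."""
    return math.log2(constant) + degree * math.log2(n)

def cheaper(n, base=2.0, degree=20, constant=1.0):
    """Return 'X' or 'Y', whichever needs fewer steps at input size n."""
    return "Y" if log2_cost_y(n, degree, constant) < log2_cost_x(n, base) else "X"

def crossover(base=2.0, degree=20, constant=1.0, n_max=10**7):
    """First n, at or past the point where X's lead over Y is largest,
    at which Y is cheaper; Y then stays cheaper for every larger n."""
    if base <= 1.0:
        raise ValueError("X must be exponential: base > 1")
    # log2(X) - log2(Y) is convex in n with its minimum at degree / ln(base),
    # so once Y wins beyond that point it never loses again.
    n = max(2, math.ceil(degree / math.log(base)))
    while cheaper(n, base, degree, constant) == "X":
        n += 1
        if n > n_max:
            raise ValueError("no crossover below n_max")
    return n

def log10_years(log2_steps, ops_per_second=1e12):
    """log10 of the running time in years, computed in logs to avoid overflow."""
    return (log2_steps * math.log10(2)
            - math.log10(ops_per_second)
            - math.log10(SECONDS_PER_YEAR))

if __name__ == "__main__":
    n0 = crossover()
    print(f"Y overtakes X at n = {n0}")
    print(f"running time there: about 10^{log10_years(log2_cost_x(n0)):.1f} years")
    for n in (32, 64, 128):  # sizes where a run could still finish or nearly so
        print(f"n = {n}: cheaper algorithm is {cheaper(n)}")
```

Under these assumptions the polynomial algorithm only wins at sizes where neither algorithm could ever finish, which is why the comparison has to be made over the realistic range of the parameters rather than asymptotically.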
I am writing this article while remembering my good times together with Bu Intan Alamsyah, Pak Budi Rahardjo, Bu Marisa Paryasto, Pak Ahmad Muchlis and Fajar Yuliawan. I hope we can always handle the downsides other people have felt with the same positivity we had (we never even really saw them as downsides, right?). I am taking my leave for now :cry:, looking forward to more cooperation with you fellows in the future.