Abstract
The history of cryptography from ancient times to the present is full of tales of blunders and oversights, typically occurring when an over-confident encryptor is outwitted by a patient and clever cryptanalyst. In contrast, mathematics (if properly peer-reviewed) is perfect. There is never error, because by definition one cannot prove a theorem if it is false. So in order to remove the contingent and subjective elements from cryptography there have been concerted efforts in recent years to transform the field into a branch of mathematics, or at least a branch of the exact sciences. In my view, this hope is misguided, because in its essence cryptography is as much an art as a science.
I will start by describing a setting (taken from a recent paper written with Alfred Menezes and Ann Hibner Koblitz) in which the conventional wisdom about parameter selection might (or might not) be wrong. Then I will illustrate the pitfalls of working in cryptography by giving a (far from exhaustive) survey of the many misjudgments I have made and erroneous beliefs I have had over the course of 25 years working in this field. I will then describe a few of the embarrassing moments in the history of “provable security”, which is the name of an ambitious program that aims to transform cryptography into a science.
Chapter PDF
Similar content being viewed by others
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Koblitz, N. (2010). Getting a Few Things Right and Many Things Wrong. In: Gong, G., Gupta, K.C. (eds) Progress in Cryptology - INDOCRYPT 2010. INDOCRYPT 2010. Lecture Notes in Computer Science, vol 6498. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17401-8_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-17401-8_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17400-1
Online ISBN: 978-3-642-17401-8
eBook Packages: Computer ScienceComputer Science (R0)