This is the old Schneier textbook defense that anyone can make a cipher they themselves can’t break, therefore don’t try, yet it doesn’t hold water here.
Not that it’s not true when applied to a certain group of oil de serpenthe salesmen, or to noobs making toys, but it obfuscates the reality of outsider talent by unhelpfully conflating complete frauds with budding learners with enthusiastic amateurs with experienced amateurs.
And reinforces the notion of a priest class, upon which amateurs, encountering the same, should abandon their labors and despair.
It’s also a surprisingly hostile way to treat interested budding cryptanalysts and cryptographers. It is a kind of hazing designed not to forge bonds but verily to discourage.
As in: We only want insiders creating crypto and there’s a reason for that; and in the main it’s not about protecting against flawed security; in fact, this reason is about protecting our ability to break.
Protecting this crucial vital main and security mission of the high priests at the top of this hierarchy (who, nevertheless, veil their faces in the shadows: the mages’ hood) is the reason for the weird, captured nature of this field.
And because this little aphorism comes from The Book of Bruce, none dare question for fear of being tarred a heretic and cast out. Luckily, for me, an outsider has no such fear: being already on the outside. And hence is revealed a weakness of the little system of forced organization.
Aside from that, such discouraging attitudes and aphorisms obscure the fact that analyzing new primitives is difficult.
And they conceal the truth that it’s not so much that tech created by amateurs has no merit, it’s that it may. And this maybe makes the job that much harder for the code breakers; the mages; the “surveillance state” that this posted HN article, under which I am adding this comment, rails against.
The code mages would much rather everyone stick to a predefined set of spells that follow the designated parameters of good sense and civility, which I suspect coincides not a small amount with the technical exploitation window of the secret code breakers. Indeed some are secretly designed to be broken: one-way designs, unbreakable, unless you possess the kernel, upon which a more elaborate design was scaffolded for release. The designer-in-secret retains the secret kernel.
It seems I’ve had to be more direct than I initially desired to explain my point.
It’s hard to do cryptanalysis, and the experts who do it have limited resources, so they don’t want to have to deal with a deluge, so they architect an academic culture empowered with these cutesy aphorisms to further those ends, as well as capture, guide, curtail and direct the field’s search from the shadows. Coercive funding withholding is but one means. The strongest is a culture and acolytes with a fanatical devotion to the orthodoxy that sustains this control.
I understand the complexity of the balance that needs to be struck, but I think with these deceptively closed and captured fields, we all lose out.
At least nuclear secrets is open about just how closed it is and why: it’s a weapon a small club of states wield, and no one else.
Crypto in reality is the same. It’s a shield wielded by the state, not by the public. The public gets, not security nor privacy, but what the regulator deems them safe to have.
This situation cannot be admitted because it dispels the illusion that the field is open and not captured. And also the illusion of privacy and security not being monopolized by the state.
I’m not sure of the exact best balance, but I don’t think the current system is the best.
Perhaps a better balance is crypto being more like nuclear secrets, where it’s open about how closed it actually is rather than deceptively, in the vein of the snake oil salesman, posturing a security that is not, in fact, delivered.
If not ignored, this notion will, unfortunately, provoke, understandably, furious reactions from both those who depend on the belief and the security, as well as those in the captured industry, who would rail against it, but cannot do so, thus turn their frustrated expression towards any who expose their embarrassing constraint.
I have no vested interest either way, except in the good of everybody…and I think it’s high time for this discussion to be advanced in a better direction. Government transparency and accountability depend on clarity with, and consideration towards, the public who depend on them.