Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)

Matt Blaze (mab@research.att.com)
Mon, 22 Jun 1998 21:59:15 -0400

• Next message: Julian Assange: "Re: snake oil"
• Previous message: Bruce Schneier: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"
• In reply to: Matt Blaze: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"
• Next in thread: Perry E. Metzger: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"
• Reply: Perry E. Metzger: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"
• Reply: Bruce Schneier: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"

cmcurtin@interhack.net writes:
> >>>>> "mab" == Matt Blaze <mab@research.att.com> writes:
>
> mab> Why waste should we
> mab> waste our time on, and give undeserved credibility to, crackpot
> mab> challenges when there's so much interesting work to do right now?
>
> You raise many good points. But I would like very much to play the
> Devil's Advocate, if I may. I'm not entirely convinced that ignoring
> the crackpots is always the best way to deal with them.
>
[...]

Oh, I agree, it's not at all obvious how to best respond to the
crackpots. But I don't think playing by the rules of these
"challenges" is the right answer. Although it may be satisfying to
give a charlatan his or her due by claiming a reward, every
time one of these challenges is taken seriously enough to attract
attention, we (as a community) send an implied message that any cipher
systems for which the reward hasn't yet been claimed are somehow "OK".

Ultimately, the reason we should ignore these contests is that the
crackpots can produce challenges much faster than the world can solve
them. We (the cryptologic community) need to be collectively clear
that these challenges don't prove a think, and in the long run, I
think the best way to do that is to resist the temptation to solve
them. Instead, we should ridicule them by asking why they're afraid
to be judged by long-established standards of analysis.

By the way, I don't think all crypto contests or challenges are
automatically bad or evil, only the "oh yeah? break this!" kind. For
example, Bruce Schneier ran a contest for his Blowfish cipher a couple
of years ago in which he rewarded (with cash and honor) the best
attack or analysis to appear in a given time period, whether or not
the result would mean that the cipher was "broken." This encouraged
genuinely useful, honest analysis. Similarly, the RSA factoring
challenges have encouraged the study of factoring algorithms, and have
helped to motivate some interesting theoretical and practical work.
On the other hand, even reputable companies sometimes play the
cipher-challenge game. I recall a year or two ago there was an IDEA
contest intended to boost confidence in that cipher by giving a reward
for finding a key given a small amount of plaintext and ciphertext.
Shame on them; they should know better.

-matt

• Next message: Julian Assange: "Re: snake oil"
• Previous message: Bruce Schneier: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"
• In reply to: Matt Blaze: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"
• Next in thread: Perry E. Metzger: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"
• Reply: Perry E. Metzger: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"
• Reply: Bruce Schneier: "Re: the wisdom of crypto "challenges" (was Re: $100,000 reward)"