Talk:Cryptography

Template:Featured article is only for Wikipedia:Featured articles. Template:Mainpage date

Cryptography: Computer science Unassessed

This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography ??? This article has not yet received a rating on Wikipedia's content assessment scale. ??? This article has not yet received a rating on the importance scale. This article is supported by WikiProject Computer science.

Template:CryptographyReader Template:Todo priority

• /archive1 - February-May 2004
• /archive2 - Aug 2004-March 2006
• /archive3 - March 2006-June 2006

Congrats to the editors of this article for the FA status, Great work!--ppm 19:22, 3 July 2006 (UTC)[reply]

Someone run this through a spell check please. 134.193.168.251

someone needs to check this articles image in the top right corner. it displays both a crypto machine (the image it should be) and an adult nude image. If you refresh the page in ur browser or go back and forth from the main wiki page it will show up. seems someone's hidden one beneath the other. Sorry i didn't know where else to report this abuse. Hope it will be removed soon. — Preceding unsigned comment added by 62.254.72.122 (talk • contribs)

I'm back after an absence--congrats on reaching FA, and especially for the revisions of the early sections (intro and history), which are well done. I think we need some more coverage of crypto theory, both in this article and in Wikipedia in general. We have some beginnings but Wikipedia is still nowhere near as strong in this area as it is in (say) general math topics. There's not good reason for that--crypto theory isn't less comprehensible than, say, homology theory. I'll contribute what I can but I'm just a coder. I wish that the real experts here would get more involved in this area, and that more such people would join in. --Phr (talk) 06:33, 10 July 2006 (UTC)[reply]

Phr, I'd object to your self-characterization as being "just a coder". Coders of the world unite, for the world's embedded intelligence toys and other cyber stuff depends on us!!!

More seriously, the problem is not so much the incomprehensibility of crypto theory, it's in the application and vulnerability analysis. The engineering side, if you will. That requires a certain amount of twisted brain wiring, which isn't so common. Probably fortunately, as we cryptiacs are, to tell an uncomfortable truth a la EWD, usually just a little 'different' than the usual run of technical folk. The plenitude of crypto snake oil, not all of it from identifiably Bozo Crypto organizations either, argues that fuller understanding is rather more scarce on the ground than is an understanding of the underlying mathematics and source code. Even Bruce Schneier has come to the conclusion that mechanism is the lesser part of security; see his more recent books, save Practical Crypto which he and Ferguson think is sort of Applied Crypto updated.

All that said, I agree that more coverage of theoretical crypto would be a good thing. But, unlike maths, the surrrounding context (inescapable for serious accounts) is actually hard to convey without leaden prose, which WP should eschew. Non-trivial experience speaks here. Contingency, especially with regard to intention (something everyone has 'strong understanding' of, is quite hard to deal with. ww 15:27, 10 July 2006 (UTC)[reply]

I'm not sure what you mean. Rogaway and Bellare's book is pretty accessible to readers with a reasonable math background. It's a CS theory book, not an engineering book or security book. But anyone working seriously in cryptography has got to know this stuff, and WP's coverage is quite weak. We can't address problems in applying the theory unless we first know the theory. I have Practical Cryptography and am not all that impressed with it, by the way. Phr (talk) 11:06, 16 July 2006 (UTC)[reply]

Phr, Just noticed this, sorry. I agree with much of what you say, but note that WP is not an instructional book. We're not trying to 'address problems in applying the theory' here, just write up knowledge in a somewhat choppy form. So it's not a disaster if the theory isn't presented as a text would, especially since we're writing not for students but for the Average Reader I keep speaking up for.

You know, encyclopdias are a little weird. Chunks with little connection to others; WP improves on thiw with the linking business, but lets just anyone edit anything. Whcih leaves the informed on more or less permanent clean up detail.

As for PC, what's your objection? It seems to me to tell some unpleasant truths (a la EWD's famous note) in the context of some practical advice on design. You don't like the absence of theory? Or what? ww 04:39, 23 July 2006 (UTC)[reply]

In "History of cryptography and cryptanalysis" in reads in part "For instance, early Christians used cryptography to obfuscate parts of their religious writings to avoid near certain persecution they would have faced had they been less obscured; famously, 666, the Number of the Beast from the Christian New Testament Book of Revelation, is sometimes thought to be a ciphertext referring to the Roman Emperor Nero, one of whose policies was [1]persecution of Christians."

I do not believe this conforms to a Neutral Point of View. It clearly takes a side in one of the most fiercly debated books of the Bible, Revelation. For another view, see [[1]]. I propose that this section be deleted, unless in can be rewritten to conform to a Neutral Point of View. And if it can, I don't see the point of even mentioning a minority interpretation of a religious text in a non-religious article. Tmchk 03:23, 23 July 2006 (UTC)[reply]

Do you have a way to make it more neutral without delving into the subject deeply? How about if we said "to be a coded reference" instead of "to be a ciphertext referring to ..."? That is, if we just describe it as a ciphertext without getting into what it's a ciphertext of? Mangojuice^talk 04:02, 23 July 2006 (UTC)[reply]

As it says that some think this way, where's the NPOV? Some do in fact think this way. That others do not is true, but no claim is made here as the actual truth of the meaning meant by the writer. And, in any case, comeone has removed a note that an early variant text has 616, which is also generated by an alternate phrase for Nero. This article is taking no stance on any theological question, so I can't see a problem. All that said, this is an awkward sentence and should be rewirten. The 'famously' is wrongly placed. ww 04:27, 23 July 2006 (UTC)[reply]

That seems to work. Although, I still think the line "early Christians used cryptography to obfuscate parts of their religious writings" takes a theological stance, particularly the word "obfuscate", which means " 1. To deliberately make more confusing in order to conceal the truth[2]. Can that really be said to take a NPOV? This suggests that what the Bible says was deliberately altered to conceal the truth. Whether the Bible is the inspired Word of God to be taken literally or simply a collection of religious writings to be interpreted metaphorically is a theological question. I do think that the article can be rewritten, but how do we mention that "early Christians may have used cryptography to obfuscate parts of their religious writings"? Referencing early ciphertexts to show the progression of cryptography makes perfect sense, as long as they can be substantiated. But what is the reason for referencing the Bible? I know of no primary sources that would indicate that the Number of the Beast was a reference to Nero. Granted, there are many secondary sources, but if it was true that 666 refers to Nero, than why is it that those who believed so(assuming that there were those that believed so), contemporary to the time, just happen to leave no surviving record?Tmchk 03:13, 24 July 2006 (UTC)[reply]

Nothing against Rivest but we've credited the public-key concept to Diffie and Hellman; shouldn't we use their photos instead of Rivest's in that section? Phr (talk) 07:25, 10 July 2006 (UTC)[reply]

Sure, and we should find contrasting photos. Wild man Diffie, and button down Hellman. Anyone have any sources? But what about Williamson and Cocks and Ellis? ww 15:33, 10 July 2006 (UTC)[reply]

DH's contribution was first, but to be fair, Rivest is more important than either of them. However, the picture is a bit boring; I just added it during the WP:FAC b/c of some of the comments, and because we already had the picture and it had a free license. Mangojuice^talk 16:59, 10 July 2006 (UTC)[reply]

There are pictures of Diffie and Hellman in their articles. I think the Rivest picture just jarred me because it was overlarge. I removed the size tag so it shows up at the default size now, which looks better IMO (at least with my default settings). If I go to Crypto 2006, I can shoot some more pictures (D and H both usually attend). I don't see how Rivest is more important; if the RSA algorithm was never discovered or didn't work, we'd be fine; DH turns into a public key algo in the obvious way, and we'd presumably still get El-Gamal signatures a while later, or at worst we could sign with Merkle hash trees. Phr (talk) 22:08, 10 July 2006 (UTC)[reply]

Can we split that issue off into a separate article? E.g.:

Main article: cipher vs. cypher spelling controversy

which could have its own illustrations and subchapters? I really want to remove it from the cryptography overview article. It's just not significant. Phr (talk) 10:55, 16 July 2006 (UTC)[reply]

I really don't think so. Is it even a notable controversy? Some people are adherents of one, some of the other... isn't that the extent of it? I've altered the text so it just says "A cipher (or cypher)..." as the extent of covering this. It mentions the alternate spelling, I think the alternate spelling is important enough to mention, but this article is not about whether people use "cipher" or "cypher". Mangojuice^talk 12:35, 16 July 2006 (UTC)[reply]

Absolutely, it is one of the most vitally important questions of our time. There is going to be a UN resolution about it, I hear. Seriously, I was being facetious, I just thought we had taken the spelling thing out of the article before, and it reappeared and then grew. I just want to get rid of it altogether, but the current version is tolerable. Phr (talk) 18:42, 16 July 2006 (UTC)[reply]

Have to agree with you both. This is the most important Teapot Tempest with which I'm acquainted. But I agree with Phr, we've noted it, and that should be enough to alert our Reader to the whole thing. But perhaps a link to the Project page entry would be reasonable...? Nah...

On another note, Mango, I still haven't gotten my browser to behave and so am quite a good bit behind in looking at changes here. Appeal to technical help here has been unedifying. Perhaps a bug report? ww 20:20, 16 July 2006 (UTC)[reply]

What kind of browser probs? Phr (talk) 04:31, 17 July 2006 (UTC)[reply]

Basically, when looking at a diff, sometimes the width of one side or the other will be unreasonably long, which makes looking at the actual changes difficult. Yeah, maybe a bug report? But really, I don't think it's a bug; you'd be asking for a feature/improvement. Mangojuice^talk 14:34, 17 July 2006 (UTC)[reply]

Mango has it about right save that it's not so intermittent, and makes actually working near to impossible. Thi sis one of the articles it's happening with and it accounts for my having been effectively locked out of reviewing edits ans responding to them. Highly annoying. It's only begun to be common in the last few months, having been much less frequent before that. It's becoming unlivable when it occurs. Adn I haven't been able to make out a pattern sufficient for a responsible bug report. And it would be a bug, because the current satus of the feature is highly user hostile. So much so it's a misfeature (=bug). ww 20:26, 17 July 2006 (UTC)[reply]

See: http://bugzilla.wikimedia.org/show_bug.cgi?id=1438 - it may be one of the issues linked from there, and there are some workarounds described. Phr (talk) 23:28, 17 July 2006 (UTC)[reply]

Some notes on my edits today: (1) "cryptography/cryptology" is not analagous to "biography/biology;" I know of no real analagous example, so I took that part out. (2) removed steganography from the "in recent decades" list since that's also an ancient-times development, (3) rewrote the description of stream ciphers for accuracy, (4) removed the bit about Merkle working on PK encryption to a footnote; not that I doubt it, it's just that (a) there's no source for it and (b) this interesting trivia distracts from the flow. (5) I introduce elliptic curve cryptography a little earlier. (6) Removed the term "cillies" though I kept the link; the name is a little too intriguing, and disrupts the flow, but the example is still worth linking to. Otherwise, just minor phrasing and such. Tomorrow (7/22/06) this article will appear on the main page, so I wanted to do a check over and make sure there was nothing embarassing. Mangojuice^talk 15:58, 21 July 2006 (UTC)[reply]

Oh man, I didn't know about this main page appearance, I guess it's too late to get it postponed, there's really some significant changes I think we ought to do first. (tries to shake off stage fright). I think the biology analogy was strictly with cryptology, and didn't extend to cryptography/biography, but ok. I'll see what quick fixes I can make today. I wish there could have been more discussion beforehand about this main page thing. Phr (talk) 16:13, 21 July 2006 (UTC)[reply]

I too will try to make a last pass, though without much reference to prior posts because I'm still having 'compare' fun. I'll concentrate on small edits and won't change anything large. ww 16:19, 21 July 2006 (UTC)[reply]

Couple things I better ask first before doing: 1) I'd like to remove Cryptonomicon from the further reading section; it's a great novel but cryptography only slightly figures into it. I'm a little worried about that section turning into a spam magnet. 2) I'd like to replace the photo of Rivest in the public key section with one of Diffie and Hellman (I can make a composite image from the separate pics that are in the Diffie and Hellman biographies, so it would still be one thumbnail in the article). Let me know of any objections. Phr (talk) 17:09, 21 July 2006 (UTC)[reply]

I did the photo change. I also rewrote the first paragraph of the public-key section, which previously overstated things somewhat. But the new version maybe isn't strong enough. Please take a look. Phr (talk) 18:22, 21 July 2006 (UTC)[reply]

Actually Cryptonomicon is shot through with crypto (or odd takes on it) and mentions quite a few historical figures. In addition to inventing some. Not sure I'd call it a geat novel... I'd keep it, as spam magnitude is not something we can control at all. If something attracts bad posts, we can have an admin lock it down for a while. ww 18:49, 21 July 2006 (UTC)[reply]

Cryptonomicon should probably remain, as it was something that got added b/c of comments during the FAC process. :) But I also think it's appropriate for the list; there isn't much on the lighter side there. I like the new picture. Mangojuice^talk 19:35, 21 July 2006 (UTC)[reply]

I added a link to Wide Mouth Frog for a lighter tone, and if someone thinks we need more, I nominate either Kerchoff's entire name (it's a mile long) or a sentence or two in the crytpanalysis section about possible origins of the name bombe (as in Engima). ww 22:34, 21 July 2006 (UTC)[reply]

I removed that sentence in my latest revision. Wide Mouth Frog (which I'd never heard of; perhaps Needham-Schroeder would be a better choice?) really belongs under "cryptographic protocols", not in the primitives section. Also, I removed the bit about primitives being used to make cryptosystems and digital signatures, because that kinda misrepresents things; those are other types of primitives, really. Also, I remove the disclaimer about ciphers that may use the same algorithm in both directions. Yes, that's true, but it's too detailed for that part of the article. Mangojuice^talk 02:22, 22 July 2006 (UTC)[reply]

All stylistic points, I fear. We've not time enough to settle out on this stuff just now. I strongly disagree with the point about primitives, but it's a point about classification of items in categories mostly. I think not optional, but you clearly have a different classification in your mind for these things. ww 02:36, 22 July 2006 (UTC)[reply]

Clearly, primitives can be used to build everything. However, I don't think the study of how they build everything falls under the heading of cryptographic primitives. Some are clearly under the heading of cryptographic protocols, for instance. Mangojuice^talk 02:48, 22 July 2006 (UTC)[reply]

We will probably get a lot of new entries tomorrow. Phr (talk) 20:17, 21 July 2006 (UTC)[reply]

The seige has begun. It will take some time to look over them all. Especially with my browser soing the long horizontal with a vengance. Arise, ye editors!! ww 05:14, 22 July 2006 (UTC)[reply]

Try installing Wikipedia:Tools/Navigation popups, then just float your cursor over the "diff" label in the history list. The only change so far that I take much issue with is someone more or less chopped out the 2nd paragraph about all the different kinds of math used in cryptography. I'm so used to that paragraph (because we all worked on it a lot) that I can't tell if the shorter version is an improvement or not. The old version was definitely long-winded, but I felt it conveyed the sweep of the subject. Phr (talk) 05:22, 22 July 2006 (UTC)[reply]

I felt the same way, but they actually moved the paragraph to somewhere further down. I approve of it, FWIW. Mangojuice^talk 05:40, 22 July 2006 (UTC)[reply]

Done; I archived all sections started in June or earlier. Mangojuice^talk 20:20, 21 July 2006 (UTC)[reply]