What is the mainstream cryptography?

Question

I am always hearing the term "mainstream cryptography", I am looking forward to more clarification on this concept.

What I the mainstream cryptography?

Is its definition subjective?

Is symmetric cryptography within the mainstream cryptography?

Are there good cryptography out of the mainstream? (Aside: If so, how can we judge snake-oil cryptography being out of the mainstream?)

why have you changed your handle from "the prince"? none of my business but it's a little curious. — kodlu, Oct 10 '21 at 22:51
@kodlu for fun. at least it made you respond to my questions, again. I wish you continue and do not get annoyed by them. It was not my intention to get anyone annoyed. I am looking forward to having your engagement in my questions. I am sorry if my questions are a little weird. (This comment is to be deleted) — Crypt01, Oct 11 '21 at 03:56
@user2357 I don't think anyone will get annoyed by a user and ignore their questions, or at least not enough people to make a difference (especially not over something as trivial as a username). — user, Oct 11 '21 at 14:53
Fun fact: when Merkle invented public-key cryptography, it was rejected for not being mainstream https://www.merkle.com/1974/ — Conrado, Oct 11 '21 at 16:36

score 8 · Accepted Answer · answered Oct 10 '21 at 19:46

What [is] mainstream cryptography?

I would define mainstream cryptography as "the kinds of papers that get published at IACR venues" (Crypto, Eurocrypt, Asiacrypt, TCC, PKC, CHES, FSE, Journal of Cryptology). The IACR is the main professional society for cryptography research.

BTW, I'm not trying to say that these are the only legitimate venues for cryptographic research. There are many other excellent venues, but the cryptography papers published there would also be largely suitable for IACR venues too.

Is its definition subjective?

The norms and conventions of any scientific community are established by the humans that practice that science. Humans suffer from all sorts of biases. There is always an element of arbitrariness to what is considered mainstream practice and what isn't.

I seem to recall that Mihir Bellare's distinguished lecture discusses some of these elements in the context of cryptography. For example, the choice between asymptotic vs concrete statements of security is arbitrary and socially constructed by the community -- so is the choice of which problems are popular at any given time. Bellare references Kuhn's Structure of Scientific Revolutions as a resource that outlines the concepts more generally.

Is symmetric cryptography within the mainstream cryptography?

Yes, there are proposals for new symmetric cryptography and attacks on existing symmetric cryptography, at almost every IACR conference. Additionally, I would guess that the vast majority of cryptography papers use at least some symmetric-key cryptographic building blocks somewhere.

Within symmetric cryptography, there are mainstream approaches and non-mainstream approaches. For example, basing a hash function on a wide public permutation is mainstream -- most new hash functions use this design paradigm. Justifying your designs by showing resistance to linear/differential cryptanalysis is the mainstream expectation. Basing a hash function on "chaotic systems" is not mainstream, and I cannot recall seeing this kind of work published at IACR venues.

Are there good cryptography out of the mainstream?

Almost certainly.

If so, how can we judge chaos-based cryptography being out of the mainstream?

It is reasonable to be skeptical if someone dismisses an area simply for being outside the mainstream. You should ask why it is outside of the mainstream. In the case of chaos-based cryptography, many such reasons have been given here on stackexchange.

nice answer. one could add venues like Designs Codes and Cryptography. — kodlu, Oct 10 '21 at 22:50
Thanks. I have tried to not attempt an exhaustive list of mainstream/quality venues. As you yourself suggest in this response, Google Scholar's list of top security/cryptography venues is a good place to start. — Mikero, Oct 11 '21 at 02:14
AES is the most widely used cryptographic algorithm in the world. Most modern processors have special instructions to accelerate AES. Improving the known attacks on AES would make someone's career. If that's not mainstream, I don't know what is. — Mikero, Oct 11 '21 at 06:07
If there is a good cryptography out of the mainstream, is it a matter of time to be within mainstream? Do you have examples of this cryptography that is good and out of the mainstream? — Crypt01, Oct 11 '21 at 10:57
I'd like to think that all good work eventually makes its way into the mainstream, but I have no idea whether it's inevitable. I'm not an expert on scientific revolutions. I am also deeply embedded in the mainstream of cryptography, so have a hard time thinking of good work outside of the mainstream. — Mikero, Oct 11 '21 at 14:15

Paul Uszak · Answer 2 · 2021-10-29T00:02:45.413

0

And of course quantum key distribution (QKD), using either classical symmetric encryption for speed, or pure one time pads for complete security.

Whilst unpopular, QKD is probably the largest area of cryptographic research at the moment in terms of spend. So I simply offer this link to NATO, this to current research, and the following map of partners working on QKD. And this is only in the continent of Europe. Similar exists in the US and Indochina:-

If that's not mainstream given other 1 billion EURO budgets like this, I don't know what is.

edited Oct 29 '21 at 00:02

answered Oct 11 '21 at 12:49

Paul Uszak

15,390
2
28
77

Kudos for changing to "unpopular". I wish QKD can be discussed here! – fgrieu Oct 11 '21 at 13:44
8

I do believe that this answer is incorrect. I don't dispute any of the facts you state. A lot of money and time is being thrown at QKD. However, crucially not from the cryptographic research community. Now, you may argue that the community is in the wrong there and should spend their time on it, but they don't. So the majority of (at least academic) cryptographers would not think of QKD as "mainstream". In fact many would probably point to it as an example of non-mainstream. And as I understand the question, it asks what cryptographers mean by the term, not what they ought to. – Maeher Oct 11 '21 at 14:20
I assume the opening line is meant to answer "Are there good cryptography out of the mainstream?" If so, it should probably be edited to not assume the reader is thinking of question 4/4. – bmm6o Oct 12 '21 at 00:47
Picture is from OpenKQD material, which attracted 15M€ from EU out of 18M€ of funding over 3 years. Is this "largest"? Research can be useful in unexpected ways, but IMHO KQD itself won't be largely used unless Cryptographically Relevant Quantum Computers happen and Post-Quantum Cryptography fails. See the spec of available gear: 120 km, 300 kbit/s, extending that requires trust in intermediary nodes, and we still need a trusted courier at each link setup. – fgrieu Oct 12 '21 at 06:18
@Maeher I think that you've hit the nail on the head. Cryptography doesn't have to be performed by cryptographers any more. Engineers and scientists can now partake in secure QKD. So I guess the reason they hate it so much is that it's going to make legacy cryptographers obsolete. Which I can understand as it's their rice bowl. Doesn't change the facts though... – Paul Uszak Oct 29 '21 at 00:07
3

"Cryptography doesn't have to be performed by cryptographers any more": I guess you meant "solely" by crypto researchers? As far as I know, cryptography was never exclusively the field of researchers, far from it (and of course, that's a good thing). "So I guess the reason they hate it so much is that it's going to make legacy cryptographers obsolete": afaik, crypto researchers don't hate QKD, they find it useless-ish. Did you consider that perhaps, the many good reasons to think QKD is not currently useful (while still interesting) are a better explanation than fear of loosing their job? – Geoffroy Couteau Oct 29 '21 at 07:30

What is the mainstream cryptography?

2 Answers2