Mastodon Feed
Reblogged by nadim@symbolic.software ("Nadim Kobeissi"):
malb@ioc.exchange ("Martin Albrecht") wrote:
Kenny Paterson and I have written a retrospective on “Crypto in the Wild”. This is about some of our work over the last 20 years or so, in which we look “out there” into the wild to see how cryptography is used in deployed systems. Link: https://eprint.iacr.org/2024/532
Stealing Kenny's Twitter thread:
It’s a short piece, intended to be at least a bit provocative. As well as the nuts and bolts of how we do this work, we reflect on our disclosure experiences, dealing with vendors, how we perceive the scientific community thinks about this kind of work, and public comms.
We also talk about the responsibilities of researchers - as we see them: to whom we owe them, and what they are. (Sneak preview: we don’t think our responsibilities are mainly towards vendors.)
And we address the question: Is this science? We think the answer is a hard “yes”, if science is about gaining a deeper understanding of the world around us.
Maybe this part of the article will be a useful reference point for people when writing their next rebuttal about a “Crypto in the Wild” paper. We certainly want to encourage researchers to keep going in this direction.