Tuesday, May 24, 2022

1/5 Theoretical vs. Real-World Cryptography (David Wong)

David wong author of the book real world cryptography with manning publications david one of the first things you explain in your book is the difference between theoretical cryptography and real world cryptography what's that that's actually a very good question um .

So so i somebody coined these terms um real world cryptography often called applied cryptography and theoretical cryptography where it's mostly researchers researching cryptography for the sake of cryptography um and and in that world there's .

All sorts of problems being researched research encryption how to hide your data how to have more privacy how to be able to compute a function securely with some other people without revealing the input to your function like plenty of different functions like that .

And problems that people are making up mostly problems where you have malicious participants this this is all about this is purely the definition of cryptography you're you're always in the presence of adversaries uh otherwise there's no no real points um yeah and in the real world or applied .

World or whatever this is where things impact you right as a person so every day you use your laptop or your mobile phone or or your browser or all these devices and applications and they all use cryptography and and that's what i call this this .

Applied or real world cryptography that's what the book is about um and so as as a normal person this is what impacts you as a practitioner if you want to impact the world uh directly or very quickly usually you will work in that um that part of the the world .

Um and there's these two worlds are are sort of um kind of segregated in the way that things don't always make their way from the theoretical world to the real world of cryptography um perhaps they're not practical they're too slow uh maybe they're not that useful .

Or at least they haven't found a use case yet and these kind of things and and there's this kind of uh thread a thin connection that happens from times to times when something makes its way to to the other side so that's that's the difference between these two worlds .

And your book focuses on real world cryptography yeah uh that's that's most of my uh career i've been working in applied cryptography or real world cryptography um trying to break uh real world applications or studying them or or researching them .

Or building new ones and and that's why i focus there to me that's also what's more interesting there are other books that are more on the theoretical side and it it's actually usually difficult to find a book that's really a real world actually i i used to give a .

Course on applied cryptography and my students would come and ask me okay okay like what are good books that i can read and i always struggled to find good answers because they were either very outdated or too theoretical for them and they would complain this is too theoretical and so on so .

That's why i i wanted to write this book also it's because i never had it when i wanted to read it and so i sort of wrote it for myself as well that's a very good reason to write a book how fast did this field evolve so when will your book become outdated do you think that's that's a that's .

A very good question also that's um cryptography has been attacked by these cryptanalysts who focus more on attacking cryptography and sometimes in the past we've had to change algorithms meaning that for example we we had an algorithm called md5 .

Which is not gonna get too much into the details but it's it's a cryptographic algorithm an md5 was broken and broken so bad that we had to move away and unfortunately so much applications out there was using it that the deprecation process was very very .

Painful and so you have a number of books out there that people are still reading that explain to you how md5 works and and treat it as a as an algorithm that you can use today but that's not true like you shouldn't use that anymore so i mentioned some of these algorithms .

In my book and i also mentioned what could break the more modern algorithms that i spend more time explaining in the book um and one example for uh is is quantum computers you might have heard of quantum computers and how they will affect cryptography and they might break a lot of the algorithms that .

We use today um so i have a chapter on that but it's not sure yet if it's going to become really a thing and replace maybe maybe half of the the algorithms that i talk about about in the book so my book might become outdated as soon as quantum .

Computers become a thing if it ever becomes a thing otherwise i think it'll stay up to date for for quite some time as we have a lot of confidence in the algorithms that we use nowadays


Most Popular