[cryptography] Intel RNG

Jack Lloyd lloyd at randombit.net
Mon Jun 18 17:02:06 EDT 2012


On Mon, Jun 18, 2012 at 01:21:20PM -0700, Jon Callas wrote:

> > I am not in any way suggesting that CRI would hide weaknesses or
> > perform a lame review.
>
> But that is *precisely* what you are saying.
>
> Jon Stewart could parody that argument far better than I can. You're
> not saying that CRI would hide things, you're just saying that
> accepting payment sets the incentives all the wrong way and that all
> companies would put out shoddy work so long as they got paid,
> especially if giving a bad review would make the customer mad.
>
> Come on. If you believe that this report is not worth the bits its
> written on because it was done for-pay, at least say so. If you
> think that they guys who put their names on the paper have
> prostituted their reputations, have the courage to say so.

Of course maintaining reputation (and self-respect, for the people
there) are large incentives for a company like CRI and that is why I
explicitly stated is that "the only reason I would place credence with
it is my impression of the professionalism of the CRI staff", echoing
Matt's comment that "This is CRI, so I'm fairly confident nobody is
cutting corners."

> In other words, only grad students are qualified to make an
> independent review

No, merely that the incentives are somewhat better aligned between
the reviewers and the end user.

> and universities are not tainted by money.

Not sure where I said that.

> I think sharp grad students are among the best reviewers possible. I
> think they do fantastic work. But there isn't a single paper from
> them that I've ever seen that didn't essentially stop abruptly
> because the funding ran out, or time ran out, or they decided to do
> something else like graduate.

I am not familiar with any security review process that has unlimited
time and money.

> *All* reviews are limited by scope that is controlled by
> resources. *All* reviews have a set of perverse incentives around
> them. The perverse incentives of professional review are indeed out
> of phase with the perverse incentives of academics.

Yes. I agree entirely.

> >> Un-reviewed crypto is a bane.
> >
> > Bad crypto with a rubber stamp review is perhaps worse because someone
> > might believe the stamp means something.
>
> So we shouldn't bother to get reviews, because they're just rubber stamps?

Of course not, if the review is a good one done by someone who knows
what they are doing it has enourmous value. Very likely the reviews
CRI does are of this form.

Thus my phrase 'rubber stamp review', meaning to imply a distinct
thing from a review of depth conducted with care by people skilled in
the relevant areas.

> To suggest that professionals are inherently corrupt is insulting to
> everyone in this business

The incentives in a pay-for-review model are misaligned in terms of
producing a non-optimal result for end users. Pointing out this fact
is not a personal attack on anybody.

> To suggest that academia is somehow free of bias shows a blind spot.
> To go further and suggest that only academia has pure motives shows
> how big academia's blind spots are.

Let me repeat: "Those incentives again are not perfect (what is),
especially given how academic publishing works"

-Jack



More information about the cryptography mailing list