True, but if it's been detected at this level of activity, why wouldn't it have been detected before now at a higher level of activity than this? There are privately operated and often networked sensors all over Europe.
Each interviewer in my experience has their own special algorithm they love to ask. For instance I was asked a question about the Boyer-Moore majority algorithm which is so obscure and rare and hence I messed that interview up. It is usually not the Splay Trees, AVL Trees, Merge Sort; it's the logic behind your contextualization of the algo in the problem being asked to be solved.
Idk, maybe it's just me but the stakes are so high right now that to hide from political engagement would be downright irresponsible as a citizen of the US/World especially with the power we developers have to affect the world. This community's foundation was built on people wanting to make a better world not hide in our bubbles.
Considering how much political discussion is actively going on right now on HN, I'd hardly describe it as "hiding".
Edit to add: You repeatedly bring up comments along the lines of "why was this flagged" or regarding the appropriateness of politics on HN. None of this should be news to you at all at this point. Why do you persist in bringing this up, when you've been around long enough to know the situation on HN and the community's well-established stance on these points?
Just take for example Elliptic Curves which sit at the crossroads of analytic theory, theory of functions, abstract algebra, algebraic geometry and number theory. It is nearly impossible for a single person to bear the cognitive overhead needed just to understand how one might approach attacking Elliptic Curve systems.
I disagree, it's hardly impossible. I would say any reasonably gifted maths grad student who has chosen the right combination of subjects (the requisite math, some cryptography, along with a low-level programming course or two), would be able to start working on attacks on EC systems.
Do those people grow on trees? No, because it's a much less common specialisation than most others (like aiming for the financials industry, or statistics/analytics/big data) simply because of the number of paying jobs in each field.
Seriously. It takes something like seven years, not counting undergraduate studies, to become a practicing physician. And once you achieve that, you can still only handle one physician's worth of case load. It takes far less time to learn enough math to become dangerous to a particular subfield of cryptography --- and once you achieve that, you have a decent shot at changing the state of the art for the entire world.
Another point to add to yours is that there are so few people capable of understanding these convoluted protocols and cryptosystems. How many people are actively attempting to find weaknesses in AES, Elliptic Curves, SHA1, DLP, IFP? Also, oftentimes those people currently examining these systems are the same exact people that were performing the state of the art cryptanalysis in the 90's.
The ciphers aren't the problem. The protocols are. IPSEC is insanely over-engineered, as are most protocols these days.
It's not just in crypto. I was looking at the guts of web sockets the other day and was like WHY WHY WHY WHY WHY. I usually find myself asking "what problem does this solve?" over and over when I look at modern systems.
Of course even with my strong bias against it I am still occasionally guilty of over-engineering. I just rewrote a major system to de-engineer it. I just keep thinking I will need it even when I have YAGNI tattooed on the inside of my eyelids.
There's actually lots and lots of people attempting to break these primitives; just take a look at the proceedings of CRYPTO, EUROCRYPT, FSE, CHES, etc.
It's impressive how much progress that field has made since the 1990s. I know there are other criticisms of Applied Cryptography, but we understand so much now that we didn't at the time it appeared.
Something I find a bit disturbing is how much of our understanding of particular issues seems to depend on brilliant individuals. This is a bit like the Bernstein monoculture article that was discussed here recently but I'm also thinking of several of the items from Boneh's RSA attack overview paper, or maybe Xiaoyun Wang's hash function stuff.
Clearly all discoveries are going to be made and published by someone, but something about the academic field of cryptography keeps striking me as "wow, we're really lucky to have that person in this field". And that's a bit concerning because this phenomenon seems to suggest either that the field is still pretty small or still pretty immature, and in that sense may still be missing several important discoveries, for all the progress that it's made since the early nineties.
That's kind of a strange takeaway from Boneh's RSA attack paper, which is a survey of other researchers; IIRC, no two of the attacks in that paper came from the same researcher.
Bernstein is a bit of an odd duck in this regard, but if you look at some of the other "great personages of cryptography", you'll see that they're minting PhDs who are themselves going on to do important work, so the capacity of the field is expanding, not contracting to a single Bernstein monoculture point.
Bernstein's position in the field of practical cryptography is a product of an almost monomaniacal focus on commodity hardware performance and ease of use. The Bernstein monoculture will pass --- probably soon, after CAESAR finishes, or if people start taking pq crypto more seriously.
> That's kind of a strange takeaway from Boneh's RSA attack paper, which is a survey of other researchers; IIRC, no two of the attacks in that paper came from the same researcher.
I think I had that sense about individual items there, like Coppersmith's attack.
> if you look at some of the other "great personages of cryptography", you'll see that they're minting PhDs who are themselves going on to do important work, so the capacity of the field is expanding, not contracting to a single Bernstein monoculture point.
"Bernstein's position in the field of practical cryptography is a product of an almost monomaniacal focus on commodity hardware performance and ease of use."
It's like a marketing issue to me. He focused on what type of crypto there was a large demand for. His solutions now have the First Mover advantage. Others can still compete although his will stay widely deployed or long-lasting in legacy systems.
It's easy to get this view from outside, but there's lots and lots of people working on this stuff within the field of cryptography that people in software engineering don't hear about because their work doesn't quite have that focus on implementation, that, for instance, DJB's work has.