Cryptography Reference
In-Depth Information
potent symbol of this renewed disciplinary vigor is the return of David
Chaum. More than any other member of the cryptographic community,
he personified the social and entrepreneurial ambitions of the discipline
in the 1980s and 1990s but retreated from the front lines in the aftermath
of the market demise of DigiCash, the business venture that implemented
his anonymous payment mechanism.
Yet thirty-five years after “New Directions,” there are few signs that the
design methodology that drives these endeavors has been updated. The
business of cryptography still begins with Goldreich's “definitional activ-
ity,” in which “the functionality underlying a natural security concern is
identified, and an adequate cryptographic problem is defined.”8 8 Using the
case of digital signatures, this topic has proposed and provided evidence
that this approach suffers from blind spots that generate significant and
recurring difficulties for the social ambitions of cryptography.
The first blind spot stems from the idea that “natural security concerns”
exist as timeless entities, independent of the cryptographer's own social
and historical world, and that their “underlying functionality” can be
readily identified.9 9 Yet even the requirement for secrecy that seems today
utterly indissociable from the voting process was once a radical innovation
subject to considerable controversy: “It was generally believed that to be
seen to vote, and to be accountable for one's choice, were necessary com-
ponents of citizenship. Conversely, as John Stuart Mill put it very explicitly,
secrecy has something to do with selfishness. 'The spirit of vote by ballot—
the interpretation likely to be put on it in the mind of an elector—is that
the suffrage is given to him for himself; for his particular use and benefit,
and not as a trust for the public.'” 10 Similarly, our needs and desire for
privacy, anonymity, and authentication vary according to time, place, and
purpose, and cryptographers should remain wary of claims to their self-
evident character as “natural security concerns.”
The second issue, abundantly illustrated in this topic, is that the cryp-
tographic modeling of security protocols is not itself a neutral interven-
tion. The design goal of “end-to-end voting,” for example, is a classic
cryptographic move eliminating trust in (corruptible) voting authorities
in favor of trust in (incorruptible) mathematics. Such moves inevitably lead
to infinite regress, however, given the mathematics of cryptography must
be certified by cryptographers, themselves authorized through their train-
ing and degrees, themselves accredited through other social institutions.
Search WWH ::




Custom Search