Talk:Cryptology/Draft

From Citizendium, the Citizens' Compendium
Jump to: navigation, search
This article has a Citable Version.
Main Article
Talk
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
To learn how to fill out this checklist, please see CZ:The Article Checklist. To update this checklist edit the metadata template.
 Definition The theory and practice of protecting the content of communications, and of defeating the protective measures [d] [e]

Proposed structure

This is a proposal for a structure for present and planned articles; I'm not sure if it should be titled "Cryptology" or "Communications security" -- are steganography and covert channels, for example, part of cryptology? Clearly, they are COMSEC.

There may be other background besides random numbers and information theory.

Howard C. Berkowitz 11:45, 4 August 2008 (CDT)

At least in my circles, usage has shifted and "cryptography" has replaced "cryptology" as the name of the field as a whole. For example, at least two of the standard references — Schneier's "Applied Cryptography" and Menezies et al "Handbook of Appled Cryptography" — use it in their titles. On the other hand, a major archive of papers is at International Association for Cryptologic Research. [1]. How do others see this, and how should we handle it in articles? I'm resisting the urge to rewrite the terminology section of cryptography until I hear from others. Sandy Harris 17:03, 4 August 2008 (CDT)
Actually, for a broad term, communications security may be the broadest term, although you have things such as the journal Cryptologia. There are certainly a variety of ways to protect information that do not require encryption (but may also use it), such as steganography, spread spectrum frequency agile transmission, covert channels, etc. Howard C. Berkowitz 18:27, 4 August 2008 (CDT)
I'd say the terms overlap massively, but not completely. We could include spread spectrum stuff in cryptology, or disk encryption in commsec, but I doubt either is a good idea. That said, I'll happily leave the sorting out to the editors. Sandy Harris 22:24, 4 August 2008 (CDT)
I'm coming rather late to this discussion, but as a longtime member of the International Association for Crypto...let me check...logic Research, I think I've discerned two patterns: (1) Most people don't care about the distinction and use the first word that comes to mind, which is almost always cryptography. (2) Among those who distinguish, "cryptology" is used for academic studies (the most practical branch being cryptanalysis, the rest being far removed from quotidian concerns), while "cryptography" is closer to practical concerns. Note that the titles "Applied Cryptography" and "Handbook of Applied Cryptography" share not only the word cryptography but also applied.
The present situation seems pretty reasonable, with a Cryptography article that will catch most queries, and a Cryptology article that will explain the terminology for those who wonder. Peter Pearson 20:18, 16 February 2009 (UTC)

Categories?

A related question is what tags we need for the group of related articles under discussion. On Wikipedia, the Cryptography article (to which cryptology is a redirect) has 10 tags and other articles have categories such as "Cryptographic algorithms", "Cryptographic attacks" and "Espionage techniques". What do we need here? Sandy Harris 22:48, 4 August 2008 (CDT)

Again, Wikipedia should not serve as an example. In this particular case, I revised or wrote much of the material on professional intelligence analysis, SIGINT, etc. Apparently, some people who had been well-trained by comic books started linking almost everything intelligence-related to espionage.
Citizendium has much coarser categories, essentially at workgroup level. Now, there are sections about clandestine human-source intelligence operational techniques and commuications intelligence, It would not be inappropriate to have specific links, for example, between one-time pad and clandestine operational methods, or from generic SIGINT to traffic analysis, and from COMINT to cryptanalysis.
Now, are unintentional electromagnetic emanations properly cryptology, MASINT, or COMINT? The answer, I believe, is It Depends. If improper shielding causes leakage of both the unencrypted and encrypted text, the collection method is radiofrequency MASINT, but the analysis of the data is COMINT. It applies to cryptology insofar as analyzing the transformations can give insight into algorithms. If the cryptomachine designer were aware of the problem, such that the processing time varied with the plaintext, he wouldn't know he had created a covert channel.

Links make sense. I rarely found CZ categories to be especially helpful. Howard C. Berkowitz 23:34, 4 August 2008 (CDT)

Cryptography article

Howard, my biggest concern here is that this article may become enormous. Can we keep Cryptography as a separate article? It has, at present, a quite different set of subsections; I added some of the practical things on one-way and two-way encryption and would like to keep them, somewhere, once it becomes clear where the material would best fit. I am far from an expert in theory, so I'm probably not going to be very helpful with the theoretical aspects of this topic.Pat Palmer 20:09, 5 August 2008 (CDT)

Oh -- sorry if it suggests that would be one article. If anything, that would be something like what I did on convergence of communications, although I have to understand Larry's concerns about an "article" that's mostly annotated links to sub-articles.
There are lots of articles that should be under this, and those articles are going to have articles below them...to borrow from Stephen Hawking's story of being lectured that the world is on the back of a giant turtle, who stands on the back of another turtle, and was told firmly, "Don't argue, young man. It's turtles all the way down." For the record, I have known giant tortoises that variously seemed to be able to recognize me (or at least the food I was carrying), and another tortoise that engaged in activities that were both futile and would violate the CZ family-friendliness policy. :-)
Howard C. Berkowitz 21:08, 5 August 2008 (CDT)

Article development page

Hi Howard, the article at present simply is not an article--it is a set of notes and outline. I would prefer that on our article pages we adhere to CZ:Article Mechanics and start with definitions, write full paragraphs, etc.--even for articles that are under construction. The talk page is a fine place to put outlines, lists of definitions, and so forth, that are helpful to you in constructing an article. A related but separable concern: I also have to reiterate my dislike of putting outlines, particularly detailed outlines, on the article page. This is not unlike planting a flag on terra incognita, declaring it yours, and asking anyone who comes onto the land to follow your outline. --Larry Sanger 22:42, 27 September 2008 (CDT)

I've put something outline-ish at Talk:Cryptography#Quasi-outline. I'd like Howard's outline (perhaps updated?) to re-appear either here or there. We see some things rather differently and I suspect something useful might come out of discussion/argument/compromise/synthesis, especially if others join in. Sandy Harris 04:04, 4 December 2008 (UTC)
Let's revisit this, as we now have no entry at all for cryptology, a critical core technology in computing and telecommunications. I've moved the old outline to the link above. Howard C. Berkowitz 16:38, 1 February 2009 (UTC)

What next?

We currently have fairly well-developed articles at cryptography and cryptanalysis, but the main article here is a one-liner without even a subpages tag. I'm more-or-less happy with that; I wrote the one-liner to replace a blanked page. However, I'd like to add tag.

Do others think we need a full article here?

Howard's outline had some good stuff, most of which I do not think we currently cover. Does it belong in History of cryptography, History of cryptanalysis, or where? Sandy Harris

On reflection, I'd prefer one History of cryptology article with the others as redirects. The histories of cryptography and cryptanalysis are so intertwined that they should be discussed together. If at some later point we find the article getting too big to be manageable, we can split it then. Sandy Harris 06:34, 8 January 2010 (UTC)
Can this article be approved as it is? Someone added the subpages tag, so it is complete as it stands. Sandy Harris 13:11, 29 May 2010 (UTC)
Sandy, that's a really good question, which I'll broaden to "can articles that legitimately are core or top-level, even if short, be approved?" Tentatively, I'd say the answer should be yes if their Related Articles page is exhaustive (even with some redlinks) and is part of the Approval.
As far as this article, I wonder if cryptology is only cryptography and cryptanalysis. This will get blurry with information assurance and some intelligence techniques, but are some of the following part of cryptology?
Intuitively, physical and personnel security for the cryptographers is in there somewhere.
The article might touch upon these in only a few paragraphs, then detail with R-templates.
Thoughts? --Howard C. Berkowitz 18:05, 29 May 2010 (UTC)
I don't really know. Somewhere there's a distinction to be drawn between the science (cryptology?) and the engineering and policy aspects too.
There are also things like using a random number generator to drive a frequency-hopping system. Secure RNG design is part of cryptography, and f-hopping is intended to be secure, but I don't know how to classify the overall system.
Cryptography does have a brief section on steganography and a link. Cryptanalysis#Non-mathematical_methods has a subsection on traffic analysis and a link. Are more links needed? Where? Sandy Harris 01:30, 30 May 2010 (UTC)

Is it enough to just expand from the current one-liner to two, with something like: "Cryptology is a critical part of signals intelligence and information security, providing the scientific background for many activities in those areas."? Sandy Harris 01:54, 30 May 2010 (UTC)

Related articles

I think this may be ready for approval, but I have some concerns about the "related articles" page.

Friedman, Kerchkoffs & Turing are subtopics, but Shannon is in "other related topics". Shouldn't they all be in one section, perhaps a new "Prominent cryptologists" section.

Similarly, we have many signals intelligence agencies listed, since they all do cryptology. Do they need their own section?

I think the page is far too long. I'm inclined to think things like DES do not belong as subtopics here, but as subtopics of Cryptography or even block cipher. Same for the cipher machines. If DES and AES belong here, why not RSA or ULTRA or brute force attack or ... Or the parent topic of both DES and AES, block cipher? Or anything about hashes?

Isn't nine parent topic excessive? I'd have only mathematics and signals intelligence. Sandy Harris 13:43, 11 June 2010 (UTC)

I agree with you, Sandy. My view is that Related Articles should guide the reader where to look next if he wants to learn more about the subject, not to list everything remotely connected. Cryptologists are not a subtopic, but rather a certain type of related topics (to history). But since we need not include the subpages into approval, this can be worked on independently. --Peter Schmitt 14:34, 11 June 2010 (UTC)
Let me reread it a little later, but here are first thoughts. I'd rather approve more articles that are accurate on what they cover than have slower approval of longer, hard-to-check articles.
As far as Related Articles, consider subheadings under the three main topics. "Prominent cryptologists" would be a perfectly reasonable "subtopics" heading. It's not the time to open past arguments about the Related Article format perhaps being artificially hierarchical; we'll have to wait for the EC.
Nine sounds like too many, but information security really should be there as well.
Possibly -- I want to think about it -- things like AES and DES might be replaced by a catalog of cipher or catalog of block cipher entry. With more coffee or a search, I can confirm there's already a list of worldwide intelligence agencies including SIGINT. Since most such agencies also have information assurance responsibilities, perhaps that's an additional catalog. I'm going to be starting CZ: Signals intelligence subgroup, as I have CZ: Measurement and signature intelligence subgroup, both as a tool for finding such things and also for recruiting people interested in the topic. Howard C. Berkowitz 14:48, 11 June 2010 (UTC)
Ooops, I did not look, and therefore not notice, that the page is only a definition ...
As I said above, I overlooked that there is no article. But this does not change my opinion about Related Articles.
However, I think that this page provides an opportunity to give a brief summary of cryptology "in a nutshell": What is cryptology? How did it develop (history)? What are its (sub)fields? What fields are needed for it? What are the main terms?
No details (in particular: no technical details). This would be helpful to all those who do not want to read rather long articles like cryptography. --Peter Schmitt 23:20, 11 June 2010 (UTC)
Good suggestion! Sandy Harris 01:31, 12 June 2010 (UTC)

(undent) We could be breaking new ground in Approvals here, but I'm certainly willing to work with Peter in experimenting to Approve what might be called both a nontechnical quick introduction and a top-level article. It may be that we will decide to expand a version 2, but this is a good trial. Is it the idea that the technical scope, or even outline, will be in Related Articles?

As I experiment more with subgroups, I'm using the test: would a top-level article be a reasonable "main article" for, in this case, a hypothetical CZ: Cryptology group? That main article doesn't need to detail any of the technologies, but it has to scope cryptology (e.g., the arguments between theoretical "cryptology" (and information theory? Where does information theory fit?), cryptography, cryptanalysis, signals intelligence, and other forms of secrecy (e.g., steganography)? Howard C. Berkowitz 04:11, 12 June 2010 (UTC)

(A general remark, not specifically connected with this page)
Howard, I agree that CZ needs a good system to classify ("categorize") articles ("structure knowledge", "subject classification"), but I do not think that the Workgroup and Subgroup system provides the solution. It makes no sense to have (sub-)workgroups when there are no authors who collaborate. And guiding readers via Related Pages is also another purpose than classification. --Peter Schmitt 12:30, 12 June 2010 (UTC)
Howard asks: "Is it the idea that the technical scope, or even outline, will be in Related Articles?" That is not what I would think.
We are dividing up the world of knowledge in various ways, in particular into articles, but also workgroups, perhaps in other ways. This is necessary for both writer and reader, but any such scheme is of course flawed. Articles will overlap and there will be gaps in our coverage. Things will be hard to find, especially when the reader's notions of how things are or should be organised differ from what we've done.
As I see it, Related Articles pages are mostly a safety mechanism so the reader can still get where he needs to go, even when the primary mechanisms — search and wikilinks — do not get him there.
Cryptography (approved) and cryptanalysis (needs work) are large articles with broad technical scope. Each has many sub-fields and lots of links. I therefore do not think we need those links here, either in article text or Related Pages.
We now have a stub-ish history of cryptography. I suggested above moving it to History of cryptology and expanding it, in particular incorporating stuff from Howard's old outline. Should we maake that move and link to it from here? Or link without moving?
On the other hand, should that expansion happen in this article instead? Sandy Harris 14:11, 12 June 2010 (UTC)
My suggestion was that the article should be a brief outline of the whole field, but that extensive coverage should go to separate articles. This holds for history, too. As for the title, I prefer History of cryptology because it seems difficult (or impossible) to separate cryptography and cryptanalysis in a historical context. (There may come an opportunity to deal with the history of subfields, but only if this arises naturally.) I agree with you on the Related Articles. --Peter Schmitt 17:58, 12 June 2010 (UTC)

Next steps

I made a pass through Cryptology/Related_Articles: added new headings, added some entries, moved things around. I did not remove anything, though I think most of the topics I moved from "parent topics" to "other related" should go. Could someone else (Howard?) please take a look; I think I've improved it, but not finished the job.

Can we move History of cryptography to History of cryptology and add a link in this article?

Once those are done, I think this would be ready for approval. Or does someone want to expand this to the "brief outline of the whole field" suggested above? I'm inclined to think that is a good idea, but not necessary. WP just has "cryptology" as a redirect to "cryptography"; we should not imitate that mistake, but I do not think we need expend a lot of effort here either. Better, at least for now, to put effort into History of cryptology and/or some of the major sub-topics like Hash (cryptography) where existing articles are weak. Sandy Harris 00:21, 1 August 2010 (UTC)

As the result of a first look: I agree that all the "other related" topics need not be mentioned here. And since in a history it will hardly be reasonable to separate -ology from -analysis a move would be fine. As for expanding the article: This needs some thought ... --Peter Schmitt 00:49, 1 August 2010 (UTC)
You can get rid of the see history by piping "History of cryptology" in the preceding system.
I have some thoughts on expansion, but I'm not sure I want to interfere with my nominating authority. Perhaps I'll try a sandbox version that you, Sandy, can take or leave. Howard C. Berkowitz 08:31, 19 October 2010 (UTC)

Approval Process: Approval certified

Call for review: Sandy Harris 04:27, 19 April 2012 (UTC)

Call for Approval: Anthony.Sebastian 20:22, 23 May 2012 (UTC)

Approval Notice: Set for 21 June 2012, Anthony.Sebastian 21:50, 5 June 2012 (UTC)

Certification of Approval: Anthony.Sebastian 01:06, 22 June 2012 (UTC)


Please discuss the article below, Cryptology/Approval is for brief official referee's only!

Comments

I think the current form, with just a very little text here and links to lots of related material is reasonable. On the other hand, it is possible to argue for change in either direction; certainly a long complex article could be written on the topic, but on the other hand WP have it as just a redirect. What do others think? Sandy Harris 04:27, 19 April 2012 (UTC)

What should be done about the bibliography? Currently, the approved cryptanalysis article has none (oops! (?)) and the one at Cryptography/Bibliography includes some cryptananlysis titles. I would say there should be only one bibliography, attached to the higher-level term cryptology, and bibliographies for -ography & -analysis should link or redirect to that. Sandy Harris 04:39, 19 April 2012 (UTC)

Sandy et al, I am completely against approving any of these cryptography-related articles. Howard did a lot of writing on them, and I never approved the direction they have taken. I had quit working on them because I felt interfered with. They are not mature, not complete, and "approving" them will just make it more difficult to straighten them out someday. Can we just let it go for now?Pat Palmer 08:41, 20 April 2012 (UTC)
Pat, with Howard gone, will you be willing to/interested in helping to bring to potential approval the articles you refer to? —Anthony.Sebastian 20:37, 22 April 2012 (UTC)
There seems to be some misunderstanding. The current text of this article (Cryptology) has been completely written by Sandy. I think that it is a good idea to treat this only as an extended disambiguation pointing to cryptanalysis and cryptology. I would slightly revise it and then support approval in this (restricted) sense.
As far as I can see, the (approved) cryptography was started by Pat, later Sandy joined in who -- after a brief "interference" by Howard -- completely revised and enlarged (size doubled) the article.
The (also approved) cryptanalysis was started by Howard who moved part of (Pat's and Sandy's) cryptography article there. It was only Sandy who revised and enlarged (size tripled) the article before it was removed.
Active attack is completely by Sandy, and passive attack almost completely. Therefore I cannot see how Pat's remark applies here. --Peter Schmitt 21:28, 22 April 2012 (UTC)
Peter is correct on my role in all the above. I could add that Cryptanalysis was approved before I thought it was entirely ready; there is so much more one could say there. Sandy Harris 01:37, 23 April 2012 (UTC)
I had put this in the wrong place--sorry for the churn! I am interested in reviewing these articles in depth, but my time is limited and I work very slowly. I definitely hated the revisions and additions which Howard made. I felt that the caused the structure to be lost in a myriad of (confusingly written) detail. If you all can hold off a bit, I will try to look at the articles in their current condition and see what might be done. But with Howard's stuff still in there as he originally put it, I doubt I would want to approve. As you see, I haven't had time to read it all again. I am not a deep expert (but do have a good overview) of these topics, and I read it very slowly. If you want to approve it without me, then I will have to work on revisions. Don't know how strongly you feel about it. I will not roadblock, but personally feel no rush towards approval.Pat Palmer 21:31, 24 April 2012 (UTC)

(undent) Pat, this particular article is only four sentences, entirely written by me. One sentence (the third) was written to take account of one of Howard's suggestions, but other than that he has not been involved.

At one point, Howard had a long outline on the article page (now preserved at Talk:Cryptography/Archive_1#Quasi-outline) but Larry made him delete it. That left us with no article on the topic, so I wrote a short one. I think the questions for approval are whether such a brief article is enough (I'd say yes) and what to do about the bibliography, related links, etc. (I'm not sure) Sandy Harris 01:18, 25 April 2012 (UTC)

I've just read through the related articles page again, and I'd say it needs work. I reorganised it a while back, but did not delete anything. It is still very long and I think some things should go. On the other hand, there are things that might be added, such as steganography.
Does anyone want to comment or, better yet, edit the page? 02:47, 29 April 2012 (UTC)
According to Merriam-Webster unabridged, 'steganography' now considered 'archaic'. Seems wrong in view of this_article. I would wait on commenting on Steganography until Sandy calls for for its review. We can consider adding it to Cryptology/Related Articles after approval of Cryptology. —Anthony.Sebastian 23:05, 30 April 2012 (UTC)
Merriam-Webster is definitely wrong; stego is not exceedingly widespread but it is certainly alive and well. Here are a few of the better-publicised examples. laser printers Osama movies. Sandy Harris 01:03, 24 May 2012 (UTC)

+++++
Requested review by mailing lists: Computers; Mathematics; Military.
Requested review through forum posting, 'Content issues' board. —Anthony.Sebastian 19:40, 24 May 2012 (UTC)

+++++
No further comments posted since requests for comments went out over a month ago. I know Pat Palmer wants to comment, and has been told there's no rush. To keep the approval process moving along, however, I will set a notice for two weeks hence. If the article receives approval by then, any substantive changes to the article that occur later, in response when Pat has time to review the article, will make it eligible for facilitated re-approval. Anthony.Sebastian 15:09, 5 June 2012 (UTC)