Talk:Snake oil (cryptography)

Quality improvement and better linking to related articles

I'm concerned that this article quickly appeared, after I questioned some comments in cryptography, without any wikilinking from that article. The lack of such wikilinking makes it harder to give editorial reviews to a group of related articles and the structure among them, as well as specifics in this article. I now see propagation of problems in this article, cipher, and cryptography; I'm making some comments in the talk page of the last, and observe here as well that there is a sudden burst of articles that could be more useful with more of an idea of overall outline (multi-article) and appropriate wikilinking.

For this article, let's start at the beginning. First, I'd observe that while this is a vivid and potentially useful phrase and article, it's not widely used in the industry.

It is a standard term among cryptographers. One quick check. Searching an archive of a well known crypto list gives 262 hits for "snake oil". http://www.mail-archive.com/search?l=cryptography%40metzdowd.com&q=snake+oil Sandy Harris 17:22, 3 August 2008 (CDT)

May I ask who runs that mailing list? I've never run across the term on an IETF or NANOG list -- maybe I missed it. Could it be that it is well accepted in a certain community? I hesitate to call anything a "standard term among cryptographers" until I see it in a peer-reviewed journal, widely used textbook, or even a NIST/NSA glossary. It doesn't appear in the index of Scheier's 2nd edition Applied Cryptography, Mitnick's The Art of Deception (where it would seem apt), Meyer and Matyas' Cryptography, Steel-Nagappan-Lai Core Security, Kaufman-Newman Implementing IPSec, or Scheier's Secrets and Lies.

When I did a search on IETF (Internet Engineering Task Force) +"Cryptographic snake oil", I got 8 hits, most of which either referred to S/WAN, or to the FAQ. Do I understand correctly that you wrote S/WAN? There were no hits on "Cryptographic snake oil" with NANOG (North American Network Operators Group), RIPE (Réseaux IP Européens, the European IP forum), APRICOT (Asia Pacific Regional Internet Conference on Operational Technologies). There were 8 hits on SANS, again coming back to S/WAN or the FAQ.

Just looking for "cryptographic snake oil", I got 193 hits on Google. To put that in perspective about "well-known", I got 178,000 hits on "stream cipher", 13,300 on "index of coincidence," 366,000 on "Diffie-Hellman", 56,400 on "KG-13", 8,000 on "Feistel cipher", and 32,300 on "Zero-knowledge proof". How random a group is the mailing list you searched? Howard C. Berkowitz 18:22, 4 August 2008 (CDT)

As Larry says below, the actual term is "snake oil", not "cryptographic snake oil" and the article should probably be retitled the way Wikipedia does it, as "Snake oil (cryptography)". My error, there.

Googling "snake oil" gets 1,730,000 hits, only a small fraction of which relate to crypto. Adding "cryptography" cuts it to 23,200. Restricting the search to ietf.org gives 327 hits. On Sans, 111 but mostly in one thread. Oldest use I've found is in PGP documentation dated 1994 [1].

The list I referred to is run by Perry Metzger. It is cryptography@metzdowd.com; one archive is here: [2] Regulars include quite a few well-known people: offhand, I can think of Steve Bellovin, Matt Blaze, John Gilmore, and Peter Gutmann.

Second, the opening sentence

In Cryptography, the term "snake oil" is often used to refer to various products which do not offer anything like the security their marketing claims.

is not attributed, although there's a general comment about a 2001 book mentioning it.

Policy CZ:Article_Mechanics#Citations says "Citations are not usually needed for information that is common knowledge among experts." There are exceptions, but I cannot see that they apply. Sandy Harris 12:08, 4 August 2008 (CDT)

While I only did a quick search, the 2001 book (online 1st edition) by Ross Anderson,^[1] which has a URL rather than an inline citation and any commentary on the work, does not appear to be the first coining of the term. I found a 1999 Bruce Schneier webpage on it^[2].

It's been a relatively recent development, as in the last two or three decades, where cryptology has come out of the NSA closet, and many associate that coming-out party with the publication of David Kahn's first edition of The Codebreakers in 1967 ^[3]. I call attention to Chapter 21 (second edition, but Kahn didn't revise earlier chapters but appended a chapter on the British ULTRA disclosures), "Heterogeneous Impulses", which, while it does not use the term "cryptographic snake oil", extensively discusses the history of amateur-developed "unbreakable codes", which goes back for centuries.

Comments on introduction/lede

After my contributions to Internet Protocol Suite/Signed articles and Compartmented control system/Signed Articles, I am the last person to insist on encyclopedese. Nevertheless, I'm concerned about style here. I don't disagree with some of the opinion stated, but I might like to see a bit more formalism. As to the optimism of programmers, there might be some synergy here to a developing article on Brooks' Law, as well as some decent references to Weinberg.^[4]

I suspect the article would not lose quality if some of the adjectives, such as "incurable optimism" or "extravagant claims" were lost, and perhaps more specific examples or citations were given.

Also, external reference to peoples' home pages or FAQs, in the main article, don't fit with my idea of good CZ style. In the main article, more explanation, and perhaps a bit of text to show relevance, would improve the value of the article -- the reader should not have to make a jump to an external link without being sure what value would be better there. Alternatively, such things, again preferably annotated, could go into the "External Links" subpage and perhaps be a little less jarring than as they appear in the main article.

At this point, I would ask for community feedback.

Howard C. Berkowitz 10:24, 2 August 2008 (CDT)

The Schneier article you cite says "Further reading: The "Snake Oil" FAQ is an excellent source of information on questionable cryptographic products, and a good way to increase the sensitivity of your bullshit detector. Get your copy at: <http://www.interhack.net/people/cmcurtin/...>." It is on faqs.org and probably other places, but I chose to cite the primary site. I consider that an essential link. Sandy Harris 17:22, 3 August 2008 (CDT)

Again, what problem are you trying to solve? I don't find that FAQ written, or demonstrably reviewed, that it is obviously an authoritative reference. If there are key points being made, then perhaps it would be best to include them in this article, written in a more verifiable style. "Improving the sensitivity of B*llsh*t detectors" may be OK on Wikipedia, but the phrase runs into one of the stated CZ rules of "family friendliness". I tend to interpret that to mean that unless a profanity is utterly necessary to making a point -- as in a review of Clark Gable's exit line in the movie Gone with the Wind, we don't use it.

I have yet to see anything "essential" that is unique at that site and could not be worked into this article, although I am increasingly of the opinion that this article should not be free-standing, but integrated into cryptography. Please convince me, within the structure of articles on computer/communications security at Citizendium, that an article of criticism of cryptography should be a separate article, with a considerably different writing style, than the main article on cryptography. Howard C. Berkowitz 19:48, 3 August 2008 (CDT)

Keep article or merge into cryptography?

This term is not widely used in the industry. I suggest that the key concepts of misconceptions about cryptography, and specifically one-time pads, be merged into those articles, and this article be deleted.

Perhaps this article could be salvaged with considerably better sourcing and slightly more formal wording. Howard C. Berkowitz 11:02, 3 August 2008 (CDT)

Prose form and naming

Sandy, already, in my completely unexpert, uninformed opinion, this page looks quite useful and talks about something I just never really knew about. I don't think the article necessarily needs to be merged into the parent article (cryptography)--I'm a splitter, not a lumper, so if somebody wants to create a more specialized article, I say let 'em. But don't consider that my official opinion because I haven't looked at the details here. But if we do have a separate article, then there should be some info in the cryptography article about "snake oil," probably (together with a link).

I do have two broader editorial comments:

1. The article should be written in prose paragraphs, not in bullet-point form. The reasons and method of doing this are discussed/explained in some detail on CZ:Article Mechanics (at least, they are in the more detailed version, linked from the top of that page). I would like to point out that anyone may expand/adapt the current bullet-point format into prose paragraph format.
2. If the exact three-word name, "cryptographic snake oil," is not a term of art in cryptography, the article should be moved to another name. But even if it were just commonly used, it is also a term of oppobrium, and even if there is a universal opinion among expert cryptographers that what you call "snake oil" really deserves to be called "snake oil," it does not follow just from that that it is an appropriate name for an encyclopedia article. That would be a fine name for a magazine article, perhaps, but we would prefer something that is not so emotion-laden. The reason for this isn't quite neutrality. It's instead the same reason that we'd call an article Flat Earth hypothesis instead of Flat Earth silliness, even when virtually everyone thinks the Flat Earth hypothesis is completely silly. So, instead of "cryptographic snake oil," one could use something like ineffective cryptography products or fraudulent cryptography products or cryptography product criticism, or something like that.
   • Note: point #2 above assumes (note that it begins with a big "if") that "snake oil" is not a term of art. But doing a Google search, I see evidence that it is a term of art, and not just a term of opprobrium. See here for example: "The term we use for bad cryptography products is 'snake oil,' which was the turn-of-the-century American term for quack medicine." This (and other evidence) seems to indicate that cryptographers really do use "snake oil" as a term of art specific to cryptography. I leave it to you (all) to debate that. Now, if you do decide to keep "snake oil" in the title, then I think I would prefer that you use the encyclopedia article title that Wikipedia uses: "snake oil (cryptography)." This seems better to me because, when you include the adjective "cryptographic" before "snake oil," you seem to imply that the exact three-word phrase is the term of art that you are elaborating. But it isn't. The term of art you are elaborating is only "snake oil," as used in cryptography. Hence snake oil (cryptography).

By the way, thanks for rejoining us, Sandy! --Larry Sanger 12:37, 4 August 2008 (CDT)

Larry, I've posted a draft outline under cryptology, which is a proposal to put in some structure. I have several concerns about this article. This may be a mea culpa, but I wrote fear, uncertainty and doubt (FUD) as a very common practice in the communications and computer industry. Cryptographic snake oil, to me, is FUD as applied to cryptography.

If there is a consensus that warning people about crypto FUD is a good thing, the question is whether such warnings are relevant in other technologies, and, if so, the FUD factor should be a separate article, or a FUD/criticism/snake oil system in the main topic article, where it is more likely to be seen. Believe me, I can come up with a great number of FUD examples for router, virtual private network, and many more computer-related terms. In many of those cases, however, I'd be more prone to describe the FUD as a different substance, more like that which is emitted from the south end of a northbound snake.

Incidentally, it's much harder to do that for military articles, because what might be FUD elsewhere is deliberate psychological warfare, as long as it isn't being foisted on the citizens who pay for it. Howard C. Berkowitz 13:21, 4 August 2008 (CDT)

Howard--I think that a wiki grows more quickly and efficiently if people feel empowered to write about more or less whatever they want to, as long as the topic is encyclopedic, and the topic is not directly redundant with an article already in existence. Generally, I say that if Y is a subtopic of X, especially if it is a small enough subtopic, then even if the X article mentions Y, it's perfectly fine to have an article about Y. That's how the wiki web is built; it does not help but actually hinders progress to propose lengthy outlines for top-level articles and then expect everyone working in the area to add only to that article within that outline. With all due respect, I'm opposed to having detailed outlines on article pages themselves; this is presumptuous. Maybe someone with more time than you will want to work on the article and take it in a direction different from your outline. Better to have the outlines on the talk pages, in my opinion, let everyone work to their hearts' content, and then negotiate about how various articles and article sections should fit together.

It is perfectly fine to have a prominent warning about "crypto FUD" ("snake oil") in the cryptography article too--isn't it? It's not an either-or matter, it seems to me.

Well, when you say that "snake oil" is FUD, you could mean either that when people sell bad cryptography software, they are engaged in FUD, or you could mean that the use of the term "snake oil" itself is FUD. I believe you meant the former. You say, then, that you can find instances of abuse and FUD in all sorts of technical stuff, and of course I don't disbelieve you at all. But you conclude from that that there should be only one article about all these different kinds of FUD. I'll bite--why? Why not an article about the different kinds, but also individual articles about each different kind?

If I implied there is one kind of FUD, I'll need to correct that. No, my point is FUD is a sales technique in a great many technical fields. To take one at random, the devices that forward traffic in computer networks are, in some respects, called router and bridge. At one point, one company made some legitimate improvements to these products, but nothing that fundamentally transformed them. They chose to rename them "Layer 3 switch" and "Layer 2 switch", and then spread FUD with "switch when you can, route when you must". There remains a widespread misconception that there is any significant difference between an L3 switch and a router.

I have an excellent relationship with my primary physician, who isn't bothered by discussing drug choices at the molecular level, and where I initiate a suggestion for risk vs. benefit. Fairly recently, there was a considerable media frenzy about one of two drugs in the diabetic treatment class of TZDs. I had been on the one that had the original alerts, and done very well, although we decided that there were other reasons to change. When I last saw him, he gave me some handouts from two different drug company representatives, laughed, and said "you'll enjoy the FUD the two companies are throwing at one another."

My argument would be that any technology has risks, benefits, and often FUD. In many cases, a brief introduction belongs in the lead, which can then link. Howard C. Berkowitz 14:03, 4 August 2008 (CDT)

Remember: wikis are not paper. You are not limited by space considerations. The web tends to grow best when seeds are planted liberally around the conceptual soil. --Larry Sanger 13:51, 4 August 2008 (CDT)

I've rewritten much of it to paragraphs and added some citations. It could still stand improvement, but I think it is now mostly a decent article. Larry's suggested name change seems a fine idea to me. Any editors care to comment, or make the change?

"Snake oil" security products are a real problem, not FUD (nice article, by the way), and usually not cryptographers with NIH syndrome. However, someone spreading FUD about crypto might call other products snake oil. In fact, as one sign of snake oil the FAQ has subheading under "Warning signs" titled "Algorithm or product X is insecure" [3]. Sandy Harris 16:03, 4 August 2008 (CDT)

I don't know if it should be cryptology or cryptography in parentheses... --Larry Sanger 17:28, 4 August 2008 (CDT)

Cryptology is a superset of cryptography. Now, there's not universal agreement on this, but many experts consider cryptography something that is done to human-understandable messages. The pulse patterns of radars and lasers may go through encryption, which helps them resist jamming. While it's not all that likely that someone who is out to buy a radar with countermeasures against electronic countermeasures will fall for snake oil, I suppose that might be an argument for cryptology.

I can only say I've spent a few decades with cryptology of one form or another, and I had never seen this term before it appeared here. Maybe it's a problem for people buying "consumer" crypto, and I've just never had anyone pull it on me. I've heard crypto salesmen accused of FUD, but, most often, when I've been around such a salesdroid, the audience is apt to drip sarcastic cryptologic theory. Perhaps snake oil is idiomatic for one community? Howard C. Berkowitz 17:46, 4 August 2008 (CDT)

It is idiomatic to me. A Google search in the sci.crypt newsgroup turns up 2510 hits, about twice as many as the 1270 for "traffic analysis" which is certainly a standard term. A web search for it at eprint.iacr.org, an archive of (non-refereed) academic papers, gets 4 hits. Sandy Harris 18:34, 4 August 2008 (CDT)

I am willing to say that it might be idiomatic in sci.crypt, or a archive of, as you put it, non-refereed academic papers. That is significantly different than saying things along the lines of "all cryptologists".

Sandy, I appeal to you that there are multiple views of these topics. Other than for narrowly defined theory or for historical examples, I try not to make flat generalizations that I can't back up. Some things may be true within your experience. I'd have far less trouble with the statements if they had some qualifiers, rather than being made seemingly ex cathedra. Howard C. Berkowitz 18:59, 4 August 2008 (CDT)

OK, if I understand the issue here, it is very simple: should there be an article under the title "snake oil"? Also, if I understand Howard's reason for saying "no," it is that "snake oil" is used primarily online and has no currency among serious professional cryptographers. In fairness to Howard, I would say that this wouldn't be the first time that in online discussions and among amateurs or dilettantes, people had invented their own vocabulary for things, which relevant experts rarely or never use. This has happened, for example, in my experience in philosophy, talking to amateur philosophers online.

This strikes me as an objective question. Either the experts use the term, or they don't. What Howard appears to concede above is that it is used in "non-refereed" academic papers. Howard, do you agree that it is used by some credible cryptography experts? If so, then what's the problem? If not, then what could Sandy provide to you in terms of proof that it is used by credible cryptography experts? After all, we all have something to learn about our fields, and in cryptography it is not unbelievable that some additions to terminology might have originated on the Internet.

Let's try to resolve this in a clear and mutually agreeable fashion. I personally don't have a dog in the fight. --Larry Sanger 09:30, 6 August 2008 (CDT)

"General and specific comments. Take any technology where things get oversold, be it cars or video games or weight-loss diets. All of these get articles about the core topic (e.g., video games), and, in some cases, there are enough examples of bad buying experiences (may be U.S.-specific) that there certainly are books on "how to buy a car". The focus is on the neutral function of buying a car, and a successful book gives suggesting for avoiding snake oil (have the real dealer price in hand, ask for the "fleet manager" and make a best-and-final-offer, go through credit unions or other consumer-oriented groups that have audited relationships with car sellors).

Now, there is an immense amount of snake oil, FUD, fraud, etc., in the U.S. car sales industry. To me, there is still a value in having an article on "car sales", with subheads about things that protect the buyer, and warning signs from the seller.

In this case, what would seem most useful is an article on "selecting a cryptographic section." In doing so, with open source tools with a good reputation, there are still performance-vs-security tradeoffs about key length, key distribution, Kerckhoff's principle, etc. Part of this article could definitely include, in a "criticism" or 'warning" section, things characteristic of "snake oil". The article or articles focus neutrally on pros and cons of the subject, and use a compare-and-contrast style, especially when a given claim is not black and white. For example, "just as good as a one-time pad" is suspect, but if someone said "the source of keying is a BBS algorithm. Here are peer-reviewed citations that this technique, with disadvantages such as needing lots of computer time, is highly secure. There are cited proofs that while it is not as clearly unbreakable as one-time pad, the computational complexity (not just "it produces really big numbers of keys) makes it reasonably certain that it gives protection that is practically immune." I personally haven't decided if this is true of BBS, but I haven't spent days on the math, and there are some authoritative, reviewed, academic sources that say it is.

The choices for high security include a modern implementation of one time pad, a very strong key generator, both of which have real issues of getting the secure keys to the end users. Here and in one-time pad (OTP), it has been said that's it's totally impractical, which simply is not true — even manual, and certainly a careful guarded key on CD-ROM and the like, are useful in niche applications. It remains the standard for short espionage messages when a cryptomachine may be hard to hide. At least originally, and as far as I know today, the Moscow-Washington "hot line" is a niche application where OTP makes sense. It is true that high-security methods exist that do not claim to be "as good as a OTP" or "a generated OTP", exist and are used on networks vetted by experts. Rather than a polemic alone, I'd like to see comments on how to recognize a high-security technique, and the equally important operational techniques on keeping it secure.

If there is are valuable yet informal "BS detector" polemics, they may be perfectly appropriate in a signed article subpage. Coming back to the main subject, it's one thing to have an article of pure criticism, and even unsourced polemics, about something experts agree is pseudoscience, such as the flat earth theory. In a case such as this, a compare-and-contrast discussion of strengths and weaknesses, and indeed warning signs of likely fraud as well as careful substantiation, makes more sense. Have the key issues of snake oil as a subhead, along with subheads on how the method of use can make a strong cryptosystem useless. Have a redirect to the main compare-and-contrast article that uses the term that's characteristic of one online community, but try for a neutral title.

Howard C. Berkowitz 11:07, 6 August 2008 (CDT)

References

1. ↑ Anderson, Ross (2001), Security Engineering: A Guide to Building Secure Distributed Systems, Wiley
2. ↑ Schneier, Bruce (15 February 1999), Crypto-Gram Newsletter
3. ↑ Kahn, David (Second Edition, 1996), Chapter 21: Heterogeneous Impulses, The Codebreakers: the Story of Secret Writing, Scribners p. 763 ff.
4. ↑ Weinberg, Gerald M. (Silver anniversary edition, 1998), The Psychology of Computer Programming, Dorset House

Maybe a good laugh will help...

Some years ago, IBM's computer networks conformed to their proprietary Systems Network Architecture, usually known as an abbreviation. A colleague observed that someone might be trying to suggest its use was sinful -- after all, what were the first three letters of the being, in the Garden of Eden, who misled Eve & Adam?

Right. Probably a source of oil as well. :=)

Howard C. Berkowitz 14:37, 4 August 2008 (CDT)