Academic vs. commercial cryptographers

Luther Martin has a post on the difference between academic andcommercial cryptographers. You should read the whole thing, but I wanted to add my $.02 on this part:

I don’t have any firsthand experience with this, but I’ve heard stories of how people in the academic world who try to approach cryptography from the point of view of commercial cryptographers also encounter problems. The places where they work typically put more value on inventing new things, so practical implementations are often considered not as good as less practical, yet new, inventions.

I do have some firsthand experience with this. And Luther’s basically right.

I’m fortunate to have a foot in both the commercial and academic worlds. On the one hand, this means that I get to spend my days working with real products, which is fascinating because, well, it’s fascinating. And it’s relevant.

Unfortunately, from a technological point of view, commercial crypto doesn’t exactly set the world on fire. Once in a while you get to work with a company which is doing something interesting, like Voltage or PGP. But for the most part you’re playing with the same basic set of tools.

Therefore, when I have a chance to do research, I tend to gravitate to the purely academic. This includes protocols that enhance user privacy — stuff like this.

I will cheerfully admit that there’s about a 1% chance that any of my academic work will be deployed in this decade. And I’m ok with that! I enjoy solving problems, and I like that in crypto research, at least, we’re not slaves to the immediate practical.

But maybe as academics, we take this too far.

I advise some grad students, and one of my sad duties is to inculcate them with this understanding: you can do whatever you want in your career, but if you want to get published, the absolute worst thing is be too practical. Don’t kill yourself implementing some cryptosystem that’s practical and deployable, unless there’s something extremely sexy and new in it. And if that’s the case, try not to waste all that time implementing it in the first place! The reviewers (mostly) don’t care.

This is problematic, since in my opinion there’s a huge gap between commercial work and academic crypto. This includes a big category of technologies that we need in order to make (secure) crypto easier to deploy. But none of the incentives are there to support this kind of research.

Despite this, I’m trying to shift some of my work in that direction. This means a whole lot of time-consuming work writing tools like this one. Building this kind of tool is a pre-requisite to doing real research. Unfortunately it requires a lot of scut work, and that’s not going to get anyone a ton of sexy research publications. Still someone needs to do it.

I’m not really sure what to do about this, and I sure hope it changes at some point.

2 thoughts on “Academic vs. commercial cryptographers

  1. Such a great post Matthew! I’m just recently reading all of your posts, and this one has been particularly interesting.

    You mentioned that “I’m fortunate to have a foot in both the commercial and academic worlds”. Indeed, you’re fortunate! I’m a grad student involved in Cryptography and accordingly to what I’ve seen so far, people are either on the academical or on the practical side of cryptography, they’re rarely on both.

    My background is on Mathematics, which comes in handy when dealing with “academical” crypto (and also post-quantum, which is even more academical), but it has been really hard for me to get a grasp on how Crypto really works today, in the real world. I’ve noticed it’s easier for people that come from Computer Science or related fields to be involved with academical crypto than for us, the people from Mathematics or related fields, to get involved with the practical aspects of crypto. Unfortunately, judging from publications found out there and the researchers I’ve interacted with, it seems you can live all your life as a (academical) cryptographer without even knowing which primitive is used today (and exactly how), but when you’re not willing to do this things become difficult!

    May I ask you, what is your background Matthew? how did you become involved in both aspects of cryptography? I will be always working towards that direction, but maybe it’s my destiny to be in the theoretical side of the wall (just kidding, I’m just saying it’s hard to learn it, there’s no better method than reading a lot of stuff like cryptoengineering blogs for instance -is it?)

Comments are closed.