
The History of Alice and Bob - quinndupont
http://cryptocouple.com/
======
_d4bj
>In the history of cryptology, women tend to be either systematically excluded
or reduced to objects.

This is probably true, but cryptography/theoretical computer science might be
one area where women have better representation than in other subfields of
hard sciences.

[https://en.wikipedia.org/wiki/Shafi_Goldwasser](https://en.wikipedia.org/wiki/Shafi_Goldwasser),
who invented a huge portion of modern crypto (zero-knowledge, set lower bound,
doubly-efficient proofs, etc.)

[https://en.wikipedia.org/wiki/Irit_Dinur](https://en.wikipedia.org/wiki/Irit_Dinur),
who basically invented property testing as well as a novel proof of the PCP
theorem that wasn't hundreds of pages long

[http://www.cs.utexas.edu/~danama/](http://www.cs.utexas.edu/~danama/), also
known for her work on the PCP theorem (wife of Scott Aaronson)

[http://elaineshi.com/](http://elaineshi.com/), several papers on making ORAM
and secure multiparty computation practical

Probably notable that the first three listed are all from/at the Weizmann
Institute in Israel.

~~~
tptacek
Anecdotally, crypto conferences have noticeably more women than other areas of
computer science.

From the data, women are better represented in virtually all fields of
science, from molecular biology to astronomy to pure mathematics, than they
are in computer science. Computer science and physics are the two worst STEM
fields for gender parity.

My guess (that's all it is) is that cryptography is an intersection between CS
and mathematics, and the mathematics draws more women into the field.

~~~
JoachimSchipper
My personal impression is that you're right: there's quite a lot of women
cryptographers (thinking of "attendees of crypto conferences", but of "top
figures in the field"), but these women are disproportionally from a
mathematics background.

------
cocktailpeanuts
They used to say "Sex sells", but in 2017 it's "Sexism sells" (or "Diversity
sells").

This is a perfectly well-written article with great content, but I don't know
why the author has to bring up sexism etc.

If we didn't have "Alice and Bob" and instead had "Albert and Bob", the trolls
would say "oh look at this there's no diversity! they are oppressing people by
getting rid of female names from examples!".

But we DO have "Alice and Bob". Alice even comes BEFORE Bob. But look at how
people make up sexism stories about how this is an "oppression", and Alice and
Bob are a couple.

I have never thought of Alice and Bob as a couple. Maybe it's your sick mind
who want to monetize sexism, that came up with that imagination.

~~~
graphitezepp
The idea of "Sexism sells" is probably a concise explanation of why the whole
modern SJW (for lack of a better term) thing bothers me despite the fact I
agree with what they are saying for the most part.

~~~
cocktailpeanuts
It's not just about social justice warriors IMO, it happens everywhere you can
translate politically correctness into money.

I would even go further to say social justice warriors are rather cute because
all they have to gain is 15 minutes of fame. What's really dangerous is the
mainstream media, because they have a lot to gain from using this theme to
bring down entities. A lot of controversy => A lot of page views => A lot of
ad revenue. And they are desperate for more ad revenue as content becomes more
and more commoditized.

There's a serious conflict of interest. While these clueless public bash on
other people for being "politically incorrect" after reading these
intentionally provocative articles, they don't realize that from media's point
of view they're nothing more than vegetable being farmed. This is why I have
no sympathy for the dying media companies.

------
Ar-Curunir
The article's thesis might or might not be true (I don't think it is in the
field of cryptography), but the article certain it doesn't provide anywhere
near enough evidence to conclude that the trope of "Alice and Bob" is used to
oppress people.

The article cites one presentation that a single researcher used as evidence
that Alice and Bob are viewed as a couple, but I've seen enough crypto
presentations to assert that most researchers don't view Alice and Bob as a
couple in any way (in fact, many crypto presentations use Bob the builder and
Lewis Carroll's Alice to represent Alice and Bob, and they certainly don't
make a couple).

~~~
amelius
I'm curious what character is typically used for eavesdropper Charles.

~~~
stock_toaster
I thought Eve was the eavesdropper.

~~~
dullgiulio
She is. Maybe the parent wonders why A, B is not followed by C. E could stand
for eavesdropper or just evil.

~~~
amelius
And who is the man in the middle?

~~~
CameronBanga
Mallory, the malicious man in the middle.

~~~
m-watson
Aw, you beat me to it. I had a meeting to run to and didn't respond. But
adding to that there is a whole wiki (of course there is) about this.
[https://en.wikipedia.org/wiki/Alice_and_Bob](https://en.wikipedia.org/wiki/Alice_and_Bob)

------
jgrahamc
I remember meeting Bob Morris from NSA back in 1990. He was with his wife. I
was bitterly disappointed that she was Anne and not Alice, but at least we got
to play croquet.

------
dullgiulio
I am not too happy with the timeline of the article. It seems to conflate RSA
and DH exchanges, which are foundamentally different, although can (and are)
used together.

If one doesn't know this already, it seems to imply that DH exchange led to
inventing RSA... Mathematically and also practically they are independent.

Edit: To clairfy further: RSA and DH exchanges are not even that commonly used
together as they serve two different purposes.

With RSA you have a key-pair (public and private) and you can write something
with someone's public key that only the owner of a private key can read. This
is called asymmetric encryption.

With a DH exchange you can establish a shared secred (usually, a shared key)
on an untrusted channel without needing any previously shared data. The shared
key can then be used to encypt further communication with symmetric encyption.

~~~
tptacek
The most important and widely used cryptosystem on the Internet uses them
together: DH to derive a key, RSA to sign the DH parameters.

------
taneq
I find it weird that 'heteronormative' is now lumped in with 'sexist' when a
hetero world view is literally 'normal' (as in, held by a significant
majority).

~~~
lstyls
By definition, "normative" means there exists an imperative to conform to the
majority condition.

[https://en.m.wikipedia.org/wiki/Normative](https://en.m.wikipedia.org/wiki/Normative)

~~~
taneq
Huh, I didn't realise it had that connotation. Although I feel better about
having missed its meaning, given:

> Normative is sometimes also used, somewhat confusingly, to mean relating to
> a descriptive standard: doing what is normally done or what most others are
> expected to do in practice. In this sense a norm is not evaluative, a basis
> for judging behavior or outcomes; it is simply a fact or observation about
> behavior or outcomes, without judgment.

------
kelnage
Shame the article doesn't mention [1] - a relatively recent piece from a
leading cryptographer, which contends that the use of Alice and Bob
(especially with the usual caricatures) makes light of the impact of
cryptographic vulnerabilities, and in doing so, makes them less obviously
important. I'm not sure whether I fully agree with that viewpoint, but it does
seem like an important question to discuss.

[1]
[http://web.cs.ucdavis.edu/~rogaway/papers/moral.pdf](http://web.cs.ucdavis.edu/~rogaway/papers/moral.pdf)

~~~
quinndupont
Author here: I've never enjoyed the basic premise of the Rogaway article, but
that would require its own engagement to properly discuss. That said, I had
forgotten about his engagement with Alice and Bob, so I ought to include it.
His argument against cutesiness, however, misses the deeper political point,
and unfortunately comes off as politically superficial.

~~~
tptacek
That's surprising. What do you perceive to be the basic premise of the Rogaway
article? It's certainly not about cutesiness. "Politically superficial" is not
how I'd choose to describe it.

~~~
quinndupont
If I recall the gist of the Rogaway article, from memory, (again, it's an
important enough article that it really does merit serious attention):

he argues 1) cryptographers (and computer scientists in general) should be
more political (good!), 2) cryptography needs a new framing (good!), 3)
privacy and exception from government search is an unalloyed right (not so
good), 4) better crypto will solve privacy issues (not so good).

In sum, the article does a lot of good work, and more than anything, it
contains some important and refreshing rethinking of the field of crypto. This
is all very important. Nonetheless, it ends up taking for granted a number of
political positions that should, I think, _also_ be contested (Rogaway takes
the first step!). More crypto does not equal a better world.

~~~
tptacek
Also from memory, but I recall the biggest takeaway from that article being
that cryptographers should be mindful that the direction the research
community pulls the field to is not necessarily congruent with the public
interest. The field of cryptography is fascinated with tricky hard problems,
but some of those problems may be more useful to those who would harm privacy
than to those who would protect it. So, for instance, if we stipulate an
actively hostile signals intelligence community and a polity that is being
pushed towards weakening end-to-end crypto, we ought not to be spending much
research time making key escrow more effective, which we might accidentally be
doing.

I don't think "Alice" and "Bob" have really much to do with it.

------
bluedino
Didn't Alice and Bob have a hardware column in Computer Shopper in the old
days?

------
macygray
I've created a pretty nice combination of these names. "trevalmabo"
(Trent,Eve,Alice,Mallory,Bob) - it reads "trust eavesdropping on man in the
middle"

