

Is cryptography engineering or science? - cperciva
http://www.schneier.com/blog/archives/2013/07/is_cryptography.html

======
CapitalistCartr
Talking about the implementation as if the mathematics of it were the only
consideration is silly at best, and mostly dangerous. Tptacek is completely
right: "proven safe" components are not a magic bullet. Until the actual
software, in the field, is proven reliable, its not.

~~~
Someone
Proving an implementation reliable, IMO, is impossible. We can only check them
against known attacks, and surprising new attacks pop up every now and then.
In the extreme, we cannot know about new physics before it is discovered (a
dark matter reciever might be able to peek at encryption keys from miles away.
If it did, our idea about how the universe works would change enormously, but
it is not something we can rule out)

So, I think one can only prove the mathematics safe and there, AFAIK, we are
far from any solid result. This article mentions "AES is known to be immune to
differential cryptanalysis", but again, that is a proof for a known attack. In
a related field, we don't even know whether one-way functions exist. In the
end, there might be a result that shows that cryptanalysis can't be
exponentially harder than encryption (unlikely, but AFAIK, not disproved)

------
bobowzki
Theory; science. Implementation; engineering.

That's how I think about it...

