
The Philosophy of Computational Complexity - matt_d
https://ristret.com/s/qk8wpt/philosophy_computational_complexity
======
Eridrus
I'm still with Feinmann here.

If we somehow got a constructive proof that was useful, in anything less than
Polynomia, it would probably have the effects being discussed.

But if the proof is not constructive, and doesn't really shed any light on how
to concretely attack real cryptosystems, then it basically doesn't matter
because it's still basically dependent on whether anyone can come up with a
groundbreaking advance and keep it secret.

I think it also over-estimates the value of unbreakable crypto over
unbreakable by your average criminal organization crypto. While we have good
crypto, our computing systems are woefully insecure, and you can't have
meaningful secrecy if your client is hacked, and yet we're largely doing fine.
We have breaches and outbreaks, but they're nowhere near so bad that we're
rethinking this whole tech thing. So if we can keep crypto to the level of
breakage we have now with security, well, we're no worse off than we are
today.

And practically, I think we'd be far better off than compared to today's
security where we have tonnes of monthly patches by every vendor.

I think the difficulty of creating cryptosystems is a bit exaggerated in this
piece; I think we haven't seen much diversity in the past, because diversity
was bad for public cryptanalysis, but there are six different approaches
listed on the wiki for post-quantum crypto:
[https://en.wikipedia.org/wiki/Post-
quantum_cryptography#Algo...](https://en.wikipedia.org/wiki/Post-
quantum_cryptography#Algorithms)

One of which is pure-symmetric crypto infrastructure.

It was certainly interesting reading about the different worlds we could be
in, and knowing this would be worthwhile, but I don't really feel like the
pure knowledge of what world we live in by itself would have much impact.

~~~
throwawaymath
_> I think the difficulty of creating cryptosystems is a bit exaggerated in
this piece; I think we haven't seen much diversity in the past, because
diversity was bad for public cryptanalysis, but there are six different
approaches listed on the wiki for post-quantum crypto_

The difficulty is not really exaggerated, and diversity is still bad for
public cryptanalysis. The main approaches of post-quantum cryptography utilize
very advanced mathematics _and_ very different algebraic structure. We can use
basic probability theory and game theory for basic modeling, but it's very
hard for us to compare and contrast relative security for algorithms variously
built over polynomial rings, modules, Galois groups, lattices, supersingular
elliptic curves and error correcting codes. There is some linear algebra
featured in all of this, but very few people are sufficiently well trained in
all of these mathematics to consider them on equal footing.

Researchers don't like this diversity. It's hard to competently analyze the
advantages and disadvantages of systems with wildly different mathematical
underpinnings, and you have to keep up with a lot of new material just to stay
competitive. In contrast the literature for hashes, block ciphers and stream
ciphers is relatively sane and unified; and at least for classical public-key
cryptography you only really have to wade into number theory. The result is
that the research landscape of post-quantum cryptography is pretty fractured
into tribes of mathematical lineage.

~~~
Eridrus
I'm not saying diversity is good, I'm saying that the community's preference
for a single strand of work does a lot to explain why real crypto systems are
based on a very small number of problems.

But, if these problems were found to have solutions that resulted in practical
attacks, I don't think we would have as much difficulty finding a new problem
to hang crypto on. Or at least not as hard as this article makes out by
suggesting there are only 2 mathematical problems underpinning all of public
key crypto.

------
Sharlin
See also this fascinating paper by Scott Aaronson [1].

[1] Aaronson, Scott. Why Philosophers Should Care About Computer Science.
[https://www.scottaaronson.com/papers/philos.pdf](https://www.scottaaronson.com/papers/philos.pdf)

~~~
ttctciyf
That is linked in the article, where it says:

> First, computational complexity is not well-understood outside of computer
> science, and this is a pity. Philosophers in particular should pay more
> attention to computational complexity!

~~~
Sharlin
Thanks, somehow I totally missed that link.

------
feynmanistheman
Fascinating stuff. Wonder if one could decisively prove that the world matches
one of Impagliazzo's possibilities if and when P != NP is proved. Question for
another time, I guess, but important nonetheless.

------
AlexCoventry
> I'll bet you twenty one million bitcoin that we live in Cryptomania or
> Minicrypt!

It doesn't count if it's your own fork...

Great post. I never saw much point in the question, before. I'm still
skeptical, but at least it gives a plausible scenario.

------
hinkley
> an appeal to that favorite jackass of armchair physicists, Richard Feynman:

I’m not sure quite how to parse that. Especially coming from what appears to
be an armchair physicist.

------
tranchms
The most meta philosophical analysis I’ve ever read. Like wow.

