Only successful cryptanalytic attacks (perhaps on weakened systems) get published. No one publishes attacks that were tried but went no where.
Yet negative results are useful, to show that a given cryptosystem withstood the attack, the human effort spent on it. If you encounter a cryptosystem with no published successful attacks against it, is it because it is very good, or simply no one has tried? Negative results also guide future researchers from wasting their time in the same way.
A dysfunctional scientific culture of not publishing negative results is variously called the decline effect and cargo-cult science.
No comments :
Post a Comment