In general, that article seems to be referring to the "Another Look At..." line of work. Many of the papers are collated on this website.
There are a number of "controversies" you could to attempt to summarize.
The main thrust against the notion of "provable security" is that it oversells what it delivers --- provably secure schemes can be attacked for a variety of reasons. A brief summary of the reasons are:
- The scheme is secure under reduction to some hard problem. This hard problem is esoteric and not studied much, and is in fact easy
- There is a bug in the (claimed) proof
- The proof is done in an unrealistic model, and one can still attack the scheme in practice
- The reduction is "non-tight", and does not meaningfully apply for practical parameters that people use.
There are some more esoteric complaints as well (the role of non-uniformity in cryptographic proofs, for example), but the above are at least the "main complaints" with provable security that I tend to hear, and I view as fundamentally valid complaints.
What is the substitution for the provable-security? Is not it sufficient? I think AES does not follow provable cryptography style, am I right?
In general, the substitution is to be more precise in the claims of security made. With the exception of the 2nd point above, all of the above points show something about an underlying scheme. Provided one precisely describes what is being shown, there is not an issue of "overselling" a result.
Which is the accepted/preferred view in the Cryptography community?
Provable security is still the standard setting in cryptography, although since ~1 decade ago arguably the field has collected around more "standard" assumptions (which is good due to the first point in the above list).
Why did it started in the first place, Is not proof something desirable?
A proof is only as useful as the statement being proved, which is essentially the source of the arguments against provable security.
What are the achievements of provable cryptography?
This is really too large to discuss, and highly depends on what one means by "provable cryptography".
At a minimum, provable cryptography tends to tell you that what you are trying to do is not fundamentally flawed.
For example
The worst-case to average case reductions in lattice cryptography tell you that the LWE problem is in a certain sense the "right" average-case distribution to sample hard instances from. Note that these reductions are in a certain sense an example of "bad provable cryptography", as practitioners often do not use parameters that make the reductions valid, and the reductions are not particularly tight. Fully discussing this would take more space though.
Similarly in the realm of lattices, lattice-based signatures were quite difficult to construct initially (they often leaked the secret key), until a paper that made a rather intricate rejection sampling argument. It seems like it would have been difficult to find this rejection sampling argument without pursuing a proof --- incidentally, these signatures have not meaningfully been attacked.
Of course, often authors talk about certain things being "proof artifacts", which typically mean modifications that are made to make a proof go through, but besides that do not obviously seem necessary for security. This can often make schemes less efficient, so the "intricate changes to make proofs go through" can be negative as well.
Where to start cryptography study/research given these controversies?
For the most part, you can ignore the controversies. While there are some useful takeaways (in particular with treating the concrete security of schemes that are going to be concretely deployed), they are of a technical nature that I would not thrust in the face of a beginner to cryptography research.