Score:2

# Is finding an encryption (or hash) algorithm science, or is it art?

I'm not into cryptography, but I read a bit about it. I wonder:

AFAIK all encryption (decryption) and hashing routines are built using some very primitive functions (let's name them "atoms" for now) with specific properties.

As the set of atoms is probably rather small, a suitable algorithm consists of "combining" such "atoms" to (let's name them) "molecules" in a way that produces "suitable" molecules. Maybe there are also additional "glue" functions that are used to combine "atoms" to "molecules", but for simplicity, let's assume there is just one set of "atoms".

Now I wonder: Is building arbitrarily large "suitable molecules" a science, or is it an art?

I mean: If it's science, is there an algorithm to build arbitrarily large "suitable molecules" from a given set of "atoms" (and "glue")? Such an algorithm would also find out if it's not possible, of course.

However, if it's an art, there is some genius needed who provides a "molecule" (using "atoms" and "glue"), claiming (until proven otherwise) that it has the properties demanded.

Currently, it seems to be an art; otherwise, it would be so easy to construct better and safe algorithms, right?

(I'm not sure whether I should have replaced "science" with "mathematics" in this question, because "science" may also include some "intuitive" components that mathematical solutions do not need)

I also wonder whether the strength of a cryptographic algorithm has to do with the fact (I think) that there is no reasonable (means: not "trial and error") algorithm to build arbitrarily strong algorithms automatically. Would such an algorithm (if it existed) mean that breaking such functions is just as easy? If not, what part of the maths makes the difference?

This should be on [Philosophy.SE]
However I doubt that they know how cryptographic algorithms are built.
As it now stands, _the question is likely to be answered with opinions rather than facts (…)_, a standard reason to close it. Perhaps this could be improved if a criterion to distinguish "science/mathematics" from "art" was [added](https://crypto.stackexchange.com/posts/104158/edit). Ideally, the modified question should have a clear-cut answer if we replace "encryption (or hash) algorithm" by other things, like "CPU", "engine", "bridge".
Perhaps it would be interesting for you to consider that it is practically impossible to prove that any *practical* encryption algorithm is secure. Then perhaps one can say that the *criteria* by which we choose to design the practical algorithms are necessarily a form of art: they have to walk a tight rope between mathematical rigor and practicality. This by no means answers your question, but perhaps recasts the question in a new light, namely the "art" may be found in how we convince ourselves that the algorithms are secure "enough" without ever being able to prove it.
Humans try to understand the universe by simplifying it, for instance by grouping things and defining boundaries. However, I strongly suggest you are trying to overdo it. You could look up the dictionary definitions of art and science, but I'm pretty sure something can be both. I mean, a building is also made from "atoms", so a building cannot be art? And that's taking that very weird definition of "science" that you are using at face value.
@MaartenBodewes It's also interesting that etymologically 'art' just means 'skill' :)
Score:6

Without getting into the weeds of "is modern cryptography art or science", one can pretty conclusively say that classical cryptography was an art, and was not particularly secure. The history of cryptosystems people might still consider secure goes back to the 1930s at the earliest, despite hundreds of years of previous military interest in cryptography.

This is to say that the design of cryptosystems is definitely more scientific than the previous design of cryptosystems, and our cryptosystems now are more secure.

OTPs were/are pretty secure though, no?
OTP was by Shannon, in the 40s, and is a prime example of the difference between modern (mathematical) cryptography and classical cryptography.
I was referring to your 1st sentence: _"and was not particularly secure."_ :-)
Yes, but OTP occurred after the 30s, when the mathematization/"scientific" approach to cryptography began
I was referring to your 1st sentence: "and was not particularly secure." And now in the Enlightenment/NSA era OTPs are insecure?
If you would like to use the insecure cryptography deployed on this website to take control of my account and have me post an opinion agreeing with you, go ahead. Otherwise, I will continue to have my own opinions.
Score:3

> Is building arbitrarily large "suitable molecules"...

This analogy is wrong. In chemistry, large molecules may have new important properties and building large molecules may be desired.

But in cryptography adding more complexity is usually a disadvantage, because it takes more resources without giving any positive effects. In many cases, cryptography tries to solve a very different problem: How to reach the desired quality with as few resources (CPU, memory) as possible? In your wording it would be how to build as simple molecules as possible.

It is more science than art. For instance, the strength of RSA and ECC has a solid mathematical base. Also many kinds of attacks require solid mathematical knowledge in the first place. Even to benefit from side channel leaks, one again needs solid mathematical knowledge.

Score:1

The design of cryptographic mechanisms is a science: what makes a cryptographic mechanism good is its resistance to attacks, not its aesthetics.

> I mean: If it's science, is there an algorithm to build arbitrarily large "suitable molecules" from a given set of "atoms" (and "glue")? Such an algorithm would also find out if it's not possible, of course.

This does not follow from any modern definition of “science”. Science means that there are rules, not that we know them.

> However, if it's an art, there is some genius needed who provides a "molecule" (using "atoms" and "glue"), claiming (until proven otherwise) that it has the properties demanded.

That's one possible sense of the word “art”, but not the usual one. “Art” in the modern sense implies that there's no single right answer. And the security of cryptographic primitives does have answers, we just don't know them for sure.

I think the distinction you're trying to make is between a theoretical science and an experimental science. Cryptography is both (as are physics, biology, etc.). One can design a cryptographic mechanism as a pure theory. But what makes it recognized as good is that other people fail to break it, and that's a form of experimental validation.

But usually there is little mystery in "scientific solutions"; in contrast (just for example) there seems to be a lot of mystery in the design of DES' S-boxes (from what I've heard). So the strength seems to lie in the S-boxes, but the design is not (AFAIK) scientifically explained.
@U.Windl It absolutely _is_ scientifically explained, it just wasn't explained to the public. However, we now know about differential cryptanalysis, and many of the design decisions behind the DES S-box make sense in retrospect. Also, the strength lies in every component of a cipher. The strength no more lies in the S-boxes than the speed of a race car lies in the wheels (or engine, or suspension...).
Score:-2

It's art in the first place I suggest. Otherwise how can you think of anything new?

Somebody mentioned a comparison with buildings. Sagrada Família was not born of numbers nor abaci. It was born of love for architecture, nature, and religion. Now to be sure it's being completed (any day) by engineers using 3D modelling.

Keccak was not created by an incremental change to SHA2. Some other competitors were though and just re-hashed (get it?) the old Merkle-Damgård construct. It took creative inspiration to think of a spongy cube where bits are mangled, merged and then squeezed out. I also posit that a significant part of its winning fortune was the imagery in the submission. The piccies are great. They could have been rubbish ASCII graphics like seen in RFCs. Piccies are art. Then some cryptography was applied.

Encryption algorithms used to get more and more complex. Lucifer -> DES -> AES -> post quantum. Then someone had the inspiration to think; what if we made something simpler with more rounds? What if we just add, rotate and xor? That didn't come from a textbook. Given Speck's philosophy and 34 rounds, it shouldn't be hard for many people to conceive even simpler architectures given a thousand rounds. It may take some engineers to make that design secure with less than a thousand though.

Richard Wollheim suggests that the above can be squared by the idea that art cannot be defined without consideration of its particular environment. I believe that to be true. But I also maintain that fundamental ideation is art first, to be followed by technical realisation.

I think you raise some important points: Even artists need tools, and they have to know how the tools work, and how they can be used. But (let's take a painter or a photographer) just "applying" the tools does not create an artwork (IMHO). Art has to create something new with the tools that are already there (OK something is also considered art when new tools are used for the first time). Interestingly art and cryptography seem to have something in common: Seeing some great artwork makes most people say that it's great, but very little can explain why. Same for strong cryptographic functions.
Paul, incremental and clever modifications are not art. This answer is incorrect. Cryptography is not primarily about gut feelings or intuition. It's about cold, hard numbers. And ARX as the building blocks for ciphers is quite old. It's just that it was understudied until recently (due to how much work has already been put into cryptanalysis of traditional SPN networks).
@U.Windl Seeing "great cryptographic functions" doesn't make most people say it's great without being able to explain why. Cryptographic functions are only great if they serve their purpose, and the only people who are able to evaluate that are cryptographers. That is what makes it so vastly different from art. For example, I thought SIDH was beautiful. It was an elegant post-quantum drop-in replacement for finite-field DH. Well, it turns out it can be broken in hours on a very old laptop... So much for that.
@U.Windl Thanks. _"but very little can explain why."_ That's the purpose of art. To promote a response. Have a look at The Raft of the Medusa, https://upload.wikimedia.org/wikipedia/commons/1/15/JEAN_LOUIS_TH%C3%89ODORE_G%C3%89RICAULT_-_La_Balsa_de_la_Medusa_%28Museo_del_Louvre%2C_1818-19%29.jpg , especially when you find out that it's a real event and those people are modeled on cadavers. As in lanes and slices in Keccak, but not quite as powerful :-)