The speed of science: two case studies
Posted by: djb
Date: 15 June 2013 20:31
Nigel Smart was quite clear at Eurocrypt in advertising the Proceedings of the IACR as fixing our "High review load". Well, gee, sounds great, but how come the IACR Board seems unable to explain to the rest of us _how_ this reduction in review load is supposed to happen?
Nigel doesn't answer the question but says he's putting together "a more detailed proposal". Christian Cachin says that there "could" be a one-year "ban on resubmission" but he fails to define "resubmission". Ivan Damgård (not on the current IACR Board) says "Claiming you added something substantial in two weeks is probably bogus anyway."
Let's think about this "two weeks" figure for a moment.
Case study 1: DBLP for "Ivan Damgård" finds 7 conference papers in 2012 (Crypto, CT-RSA, ICITS, PKC, SCN, SCN, TCC), not to mention 7 eprint papers the same year. That's a throughput of one conference paper every 7.4 weeks. How can Ivan claim that 2 weeks isn't enough time for a "substantial" improvement to a paper, if he spends a _total_ of only 7.4 weeks per successful conference paper?
Furthermore, surely Ivan would agree that some papers are easier to write than others, and also that he's not spending all of his time on paper-writing---if he really focuses on a paper then he can probably get it done much more quickly. Is it really so hard to believe that an author has done "something substantial in two weeks"?
Of course, it's actually Ivan plus coauthors, and increased use of the Internet is in general making it easier and easier to have many coauthors, which makes it even easier to believe that a research team is doing something very quickly. How can anyone imagine that a knee-jerk time-based response could substitute for a proper scientific evaluation?
Case study 2: Let's look at what happened to one of those eprint papers, 2012/699, in which Ivan proposed a specific "practical" LPN-based cryptosystem. A few days later I pointed out publicly that this specific proposal failed to account for the attack in 2012/355, a paper at RFIDsec 2012. Of course, RFIDsec isn't a top-tier IACR conference, but surely Ivan will agree that 2012/355---forcing changes in the parameters and "practicality" of his paper 2012/699---was worthy of publication.
Here's how 2012/355 evolved. An LPN-related system "Lapin" was presented at FSE 2012 the morning of 21 March 2012. Tanja Lange and I were in the audience, were both immediately skeptical of the security of the system, and started investigating attacks. We had our attack paper ready for the RFIDsec submission deadline on 31 March 2012, and had it in essentially final form by 5 April 2012---two weeks and one day after the FSE talk. We prioritized other tasks at that point, and didn't end up doing the last few days of work to post the paper until June 2012, but with some slight rescheduling we would have had the complete paper online two weeks after we started.
I'm sure that Ivan, and many hundreds of other people here, can think of similarly efficient paper-writing examples from their own experience. So why do we have Ivan saying "two weeks is probably bogus anyway" for a mere revision? And how can Christian possibly think that a one-year ban is even marginally reasonable?