Improve description of "simple-cipher" and give perspective (for others as well)

I was doing the “Simple cipher” exercise in Rust today, and thought the description could use some improvement.

One thing led to another, and I ended up creating a PR that:

  • improves the description of “simpler-cipher” by giving non-trivial examples of the Vigenere and naming it;
  • improves the last section by making it clear that this and crypto-square is all toy/historical and giving pointers to modern crypto;
  • adds a “perspective” section to other exercises about toy ciphers, with references to other exercises and to a modern cipher.

Please take a look!

Before anyone gives any PR feedback, we may want to wait for @iHiD to weigh in on whether this sort of content is something he wants to see in the exercise descriptions :slightly_smiling_face:

Sure, and I’m happy to withdraw (or strip down) the last commit if it’s too much.

What triggered it is that “Simple cipher” already had a discussion of strength and “going further” but parts of it where misleading:

  1. The toy cipher from crypto-square is not stronger than the Vigenere, quite the opposite.
  2. The paragraph “to go further” suggests that with crypto-square we’ve solved the problem of ciphers, and now we can move on to the next problem (key distribution). Further, it implies that the Vigenere / crypto-square play in the same category as Diffie-Hellman, which is not the case: the former are toy/historical crypto and breaking them are classic exercises; the later is actual crypto that, when used properly, resists state actors.

If we don’t want to delve too much into crypto, we should at least avoid misleading comments.

I understand this is slightly off-topic, and we may want to keep the off-topic section small. Suggestion of what a stripped down “perspective” section could look like:

This cipher is weak because it’s too easy for an attacker to try all possible keys. It is an example of a substitution cipher. While substitution ciphers are not secure on their own, substitution is one of the building blocks of modern ciphers like AES.

Variants:

  • too easy to try all keys → there is no key / vulnerable to frequency analysis;
  • substitution → transposition.

Then in “Simple cipher” we would remove the pre-existing reference to Diffie-Hellman, if the idea is to not go too much off-topic.

No need to withdraw it. It’s already closed :wink:

In general, we ask that a discussion happen first before a PR is submitted. I would suggest waiting for input from @iHiD first before making any changes, then, depending on what he says, getting maintainer input.

Just because the PR is closed doesn’t mean I can’t push updates in case it’s re-opened at some point ;) But I get your point and won’t be making any changes before we got input from @iHiD and a consensus has emerged here.

You can do any work you want to on the branch, it is your branch. The reason for having the discussion first is to help avoid work that will not be approved, but that is mostly to help avoid work from you (and perhaps to some extent the urge to review and monitor be be notified for the maintainers).

The criteria for changes you want to show and tell is not based on if it is open or closed, that is really what I am trying to say here. You can make changes at will, regardless.

2 Likes

Thanks for your work so far and opening the discussion.

My hot take is that I’m not sure this adds any education value to people practicing their programming language skills, which is what these tracks are for.

That said, the context and information is nice. If you wrote a blog post on Exercism’s blog that delved into the various different ciphers we have exercises for, I think it would then be worth adding a note/link on each exercise saying “Check out this article if you’re interested in learning more about the different ciphers in Exercism’s exercises” (or something similar).

5 Likes