LETTER TO THE EDITOR OF THE NOTICES OF THE AMS
====================================================

I found Koblitz's essay "The uneasy relationship between Mathematics and Cryptography" (Vol 54, No 8) misleading in several ways.

Most importantly, I believe that Koblitz's views regarding the subject are based on several fundamental misconceptions. For example, he seems to view the unfortunate (and rare) cases in which flaws were found in published claimed "proofs" (of security) as an indication that proofs are useless (w.r.t. security). In my opinion, these incidences merely reinforce the importance of careful verification of proofs, which constitute our only way of distinguishing facts from conjectures. Furthermore, Koblitz often confuses proofs with what is being proved, and consequently does not distinguish between the inadequacy of the claim (e.g., an unsatisfactory definition of security) and the incorrectness of its proof. Finally, he often uses unsound reasoning (e.g., inferring that last-minute conference submissions indicate a rush to publish minor results).

The foregoing flaws dominate the series of papers by Koblitz and Menezes (see references in Koblitz's essay). For a discussion of the main flaws, the interested reader is referred to my essay http://eprint.iacr.org/2006/461. Let me just stress that, contrary to Koblitz's belief, the fact that this essay does not criticize the papers of Koblitz and Menezes for inadequate references to prior work does not mean that such cases are not numerous. On the contrary.

Koblitz's essay suffers from the same problems, and in addition it provides a distorted account of my own essay (e.g., the (legitimate) controversy regarding the "Random Oracle Model" is far from being the focus of my essay and was certainly not the source of my concerns regarding the Koblitz and Menezes papers).

I also wish to correct Koblitz's account of the events related to the publication of his paper with Menezes in Journal of Cryptography. I did not object to the publication of the paper due to my strong disagreement with its contents, but rather due to the nature of this paper which, in my opinion, is not a novel technical contribution of the type sought by the journal. My opinion was that the paper may only be published as a "position paper". Since the authors refused to revise the title of their paper accordingly, the editor-in-chief was forced to write a special preface that explains that their paper is a position paper.

Oded Goldreich
Faculty of Mathematics and Computer Science, Weizmann Institute of Science
Rehovot, Israel