I am a huge fan of Mozilla.
While Google sets the open web ablaze on the altar of mammon and Microsoft is both creating fires and putting them out, Apple sits in the corner and twiddles its many, many beautifully designed thumbs. Mozilla, however — original visionary of the browser-as-OS: Mozilla is the OG and, I pray, the Future. Mozilla will unite us. Mozilla is the Once and Future King. In the fractured Kingdoms of Men, Mozilla is Strider, the heir of Isildur: Mozilla is Aragorn II Elessar Telcontar.
I have learned more from MDN than from probably any other documentation website (and I’m not even a web developer). It’s often the first place I go to learn about the freshest, most illest “goings-ons” or when I have questions about historical “goings-ons” (or “wents-ons” for the extra-literate). Imagine my surprise when I, thegoldenmule: programming enthusiast, traveled to MDN to learn more about Web Crypto and ran into the worst, most halfhearted (can you be most half-something?) Web Crypto documentation:
Hot-take: Well if everyone is so sure of what they’re doing, I question the existence of a documentation website.
I hear the muffled clatter of metal and leather hitting the ground: a gauntlet lies at my feet. Slowly I shift my gaze upward — who is this? Mozilla?! My old friend, how could you? A chill starts up my spine but I fight it back and regain myself.
Deep breath. Stand firm.
Introducing the Pachycephalosaur Method of Learning
My favorite part about Mozilla’s documentation on Web Crypto is that it provides no criteria by which to evaluate whether or not you’ve earned the privilege of using their API. Could they have provided some references? Somewhere to start? Nah, that’d be too easy — hyperlinks don’t grow on trees.
My strategy for learning hard things is to use the time-tested Pachycephalosaur Method. These dinos had extremely hard heads, and as they say, when your head is a hammer, every problem looks like a nail. The problem of learning cryptography is non-trivial, because there is a system of non-linear problems at work here:
1. Cryptography is actually hard. This isn’t a problem of abstractions, visualizations, or perceptions — some things are just hard.
2. I don’t know enough about Cryptography to know where to start, what I need to know, or what I don’t need to know.
How do you learn something when you don’t know what about it to learn?
In the Pachycephalosaur Method, first search around and pick three to five resources. Maybe these should even be random. The more random, the better — and you’ll see why in a minute. In my case, because I like reading, this generally means books, papers, or articles. I hear some people watch videos, some listen to audio, some lectures. Whatever floats your dino-dinghy.
Next, start in on all of them at once. Read a chapter of one, then a chapter from another, round robin. You are the primitive load balancer. The process is to work through each of them until your head butts into a brick wall. Brick walls, for the uninformed, did not exist in the Late Cretaceous, but you can imagine some sort of Late Cretaceous corollary.
When head meets wall, don’t worry too much, just move to the next resource, picking up where you last left off on it.
Remember that random 10 a while ago? GOTO 10.
What ends up happening when you make these iterative rounds is that by the time you make it back to the first brick wall, chances are you can break right through it. If you can’t break through, do something else for a while — play some cribbage or something, I don’t know. Just try again later.
An important part of the Pachycephalosaur Method is that, by starting off with multiple pseudo-random resources, you’re not drinking anyone’s Kool-aid. This turns out to be important, particularly for subjects (like cryptography) in which trust is a Very Big Deal. Java’s standard library approach is different than .NET’s or BouncyCastle’s or (when I eventually read it) Web Crypto’s. Phil Zimmermann’s goals in creating PGP were different than W3C’s goals in creating the Web Crypto API — and because of their disparate Umwelten, these parties will have different ways of relating to these concepts. Mozilla doesn’t trust me, and it’s important that I don’t implicitly trust them either.
My selection of cryptography resources
I chose a smattering of resources to start bashing my head against:
- The .NET cryptography documentation
- “Foundations of Cryptography” by Oded Goldreich
- “Practical Cryptography for Developers” by Svetlin Nakov
- “Bitcoin and Beyond: Cryptocurrencies, Blockchains, and Global Governance”
- ZkSnark whitepapers
- Sarcasm aside, I cheated and read the MDN Web Crypto docs as well.
Microsoft is much less discriminating in terms of who they allow to use their APIs, as I found no warnings about my ineptitude. These docs have some great information, and I thoroughly clicked just about every hyperlink — unfortunately they are also almost too practical. “Here are 43 functions you can use.”
As you can see, these links are incredibly clicked — but how do I make a decision about which of these to use, or if I should even use one of these to begin with? Forget knowing details about PKCS8, is this stuff even worth knowing? Let’s see the Pachycephalosaur Method at work.
While I was perusing these docs, I was making my way through “Foundations of Cryptography” by Oded Goldreich. This is a 400 page book with “Foundations” in the name and the subtitle is “Volume I: Basic Tools” — so I believe this can be properly classified as a tome.
This is a reference book, not a book to read through like a good-natured idiot. If you’d like to be able to write a math proof about HMAC, this is the book. This book is roughly 400 brick walls in serial (give or take).
While slamming my head into these pages, this book answered a number of lingering questions about .NET methods. Cryptographic padding functions both exist (I did not know this) and have different properties (I assumed this). Some padding methods have actually already been exploited since this book came out — which I didn’t know until the next resource. Thank you, dinosaur-based learning methods.
Easily the best resource was Svetlin Nakov’s in-progress open-source book, “Practical Cryptography for Developers.” There are a number of holes and redundancies (much like me, he needs an editor), but this book is excellent for reading from cover to cover — surprisingly few brick walls. I highly recommend this book for getting into cryptography. Take it from me: a total beginner that has no idea what he doesn’t know. This is a great jumping-off point for going back into Goldreich’s Foundations when you’ve got additional questions, but provides excellent detail on how concepts are interrelated.
“Bitcoin and Beyond: Cryptocurrencies, Blockchains, and Global Governance” doesn’t talk about cryptography directly, but instead describes what is so special about building systems on top of cryptography. Conceptually, cryptography provides primitives for systems, and these primitives cannot be replicated outside of cryptography. It turns out this book has actually been very important in linking together high level concepts.
Finally, the ZkSnark technology articles are excellent and supremely dense. I’d be lying if I said I understood half of those articles in any real depth, but that’s just the method at work, friends. When I’ve recovered some gumption, I’ll be back, ZCash.
Up and down the ladder
In Bret Victor’s excellent essay “Up and Down the Ladder of Abstraction”, he analyzes problem solving in terms of layers of abstraction.
The most exciting engineering challenges lie on the boundary of theory and the unknown. Not so unknown that they’re hopeless, but not enough theory to predict the results of our decisions. Systems at this boundary often rely on emergent behavior — high-level effects that arise indirectly from low-level interactions.
This is true of problem solving, and more generally, I believe it’s a property of reconciling any sort of knowledge with our stupid, stupid brains. When learning at the boundary of our comprehension, the Pachycephalosaur Method is a scatter-shot across these abstraction levels. This helps us make more connections faster; and the connections are the emergent behavior in this system. There are thoughts to be had that cannot be had without exposure across these ladder rungs.
Keep watching your feet, because you can go down a rung too low on this ladder. Once I find myself reading Gödel I know I may be wasting a bit of my time. Of course, maybe I’m wrong. Maybe understanding ZFC is key to unlocking a unique end-user experience.
Am I qualified for WebCrypto yet?
I now believe, after reading 3 books, several papers, and cryptography docs across multiple platforms, that I am qualified to use this browser API. This is partially because of all the stuff I just said, but also partially because in reading through cryptography application source code on GitHub, I found an astonishing number of TODOs. I guess no one really knows what they’re doing and nothing is really safe.
But there’s a meta question here: how do you know you’ve learned what you needed to? This is a hard problem that I have not offered a complete solution for. Gödel actually does have something to offer here, but I am not fully qualified to understand or explain his completeness and incompleteness theorems.
Warning: WE’RE A RUNG TOO LOW
Nuts to Gödel and his massive brain — I want to answer this question in a satisfying, non-academic way, and to do that I want to get extremely pragmatic. In my next post, I am set to explore a missing piece of the Pachycephalosaur Method: doing.