I wish I had mod points for this one. +1 Interesting/Insightful.

New England is right out.

The dimensionality of the object can be higher than the degrees of freedom. For reference by analogy, see gimbals, which allow representation of arbitrary axes in n-dimensions, but are subject to gimbal lock, where a change in one axis may be represented by a substitution of a change in another axis, eliminating a degree of freedom (not to be confused with dimension).

The temptation to optimize for speed/memory usage over producing correct code is like will'o'the'wisps for many developers. If you develop code for a hostile environment (the default assumption for crypto) it should be assumed that any inputs will be abused.

Further, in a hostile environment, developers also need to assume that they won't have anticipated every possible way to extract information from a process. Do the simplest thing that will always work, within the limits you can predict. Then fix the bugs as you find them, because you WILL have some. Hopefully, you have a qualified set of eyes willing to review your code.

For example, timing attacks are pervasive in cryptography, and incredibly easy to enable without very thorough consideration of possible paths. Often, with higher-level languages, you have little opportunity to mitigate these issues. You check bounds because it's the low-hanging fruit for an attacker, not because it will provide absolute security. It merely raises the bar for an attacker. Crypto is often subject to attacks enabled via multiple layers of abstraction (all the way down to turtles) which obscure potential problem areas.

That 2 TB of key material has to be stored somewhere, and can't ever be reused. Is your data storage coercion-proof? Also, how much do you like sneaker-net? At that point, you might be better off not committing things to paper.

Any predictive observations will necessarily be limited by the actual applicability of the model. A model may suggest directions to look for interesting phenomena, but it is NEVER confirmation of such. Simulations will only get you as far as your inputs. GIGO.

It's intended to degauss the glasshole, not the glass. ;)

So, you're saying that the rules of production are axioms too. Still doesn't change what I said. But, you do arrive at the same endpoint that I arrived at, which is that if you don't accept some of them at some point, you'll wind up back at my original point.

Anything new to add?

Don't mention this to the Aussies.

That's just revisionism (they tried awfully hard not to let go); the correct parallel is Aesop's The Fox and the Grapes.

"A poof is a poof. What kind of a poof? It's a poof. A poof is a poof. And when you have a good poof, it's because it's poofin'." Jean B. Tokin, former Prime Minister of CanIHitThat

Thank you. For the love of FSM, thank you for qualifying your statement about proof.

Proof is absolute, within the confines of the accepted axioms. Within the larger scope of things, we accept proof probabilistically, and this includes the entire works of every mathematician ever to live. Bayesian stats attempts to capture this idea that knowledge is never absolute, but merely held with probabilistic certainty, and all things are based on axioms (inherently unprovable, but assumed to be useful) ultimately. I only gripe (and boy is it a really fine, pedantic gripe), because your comment commits the same error you attack. Math/logic is a model, not reality. Models are based on necessary assumptions (axioms), otherwise you'd be arguing with solipsists over every detail, no matter how blindingly "obvious". This trend toward claiming that a mathematical proof or a scientific theory is "absolute" violates the very premise on which they're based.