Posted by: jonkatz | August 7, 2009

Does crypto have too many conferences?

A question from Bill GASARCH (slightly edited):

There are SIX crypto conferences!

TCC (Theory of Cryptography Conference)
FSE (Fast Software Encryption)

1) Did I leave any out?

2) Why are there so many? Is it too many?

Amazingly, this isn’t even a complete list. (I also found it interesting that Bill included Africacrypt, while omitting several better ranked conferences.) In no particular order, we also have PKC (Public Key Cryptography), RSA Cryptographers’ Track, Financial Cryptography, ACNS (Applied Cryptography and Network Security), and Indocrypt. ICALP had a crypto track until that idea burned itself out. And don’t forget that crypto papers also get published at theory venues like STOC and FOCS, as well as at security venues like ACM CCCS and IEEE Security & Privacy. Whew!

Why are there so many conferences? I can give a partial answer here, but I can’t fully explain the phenomenon. The “flagship” crypto conferences (as determined by IACR) are spread geographically: Crypto in the US, and Eurocrypt/Asiacrypt in the obvious parts of the world. Indocrypt is almost entirely attended by people in India. Other conferences are targeted to specific “niches”: PKC for public-key crypto, TCC for theoretical crypto, and FSE for symmetric-key crypto. (See below for why this might be a bad thing.) Financial Cryptography, as I understand it, exists only so that people can travel to a nice location in the winter. (I’m serious.) Finally, some conferences (Africacrypt, Vietcrypt, and Mycrypt, to name some) are run in an effort to spur interest in the field in a particular location, and/or to evaluate the potential for holding a flagship conference in that location at some point in the future.

Are there too many conferences? I think so. I can’t see any inherent reason why there should be more papers per year generated in crypto than in other fields. Are there more interesting problems in crypto than in algorithms? Are there more people working on crypto than working on computational geometry? (Actually, the answer to this last question is probably ‘yes’, but seemingly not by enough to justify the huge increase in number of papers.)

But surely publishing more papers is better? NO!

  • Many of the conferences I mentioned above have very poor reputations. (I’ll save a ranking of conferences for a later post…) If you publish a good paper in a poor conference, it is likely to get ignored. On the flip side, the sheer number of conferences, and the low “signal to noise” ratio in some of these conferences, make it easy for a researcher to miss a good result.
  • CS has been arguing for a long time that conferences are better than (or equivalent to) journals. But this argument loses force once the number of weak conferences starts dominating the number of strong conferences. Getting crypto-specific for a moment, I can tell you from my own experience that people outside of crypto find it very difficult to evaluate people in crypto based on their publication record. This matters for grad admissions, hiring, and tenure decisions.
  • The field tends to get fragmented, with results in a particular sub-specialty tending to appear only in a specialized conference instead of one of the flagship conferences. This was (and is) a concern with TCC: on the one hand it is great for everyone involved in “TCC style” research to gather at a conferences, on the other hand it does not seem good for the “TCC community” to be separate from the “Crypto community”.
  • Having so many conferences seems to encourage a culture where every small result is submitted for publication. (Mind you, this is not the only factor; perhaps I’ll say more on this in a future post.) I personally would be happier in a world where everyone published less.

I have heard people say that the weakest 3 (say) crypto conferences should be disbanded. The irony is that there is no incentive for anyone to do this. As long as authors continue submitting, the conference will continue existing. How can we break the cycle?



  1. I think the fragmentation of the field is both good and bad. It does give venues for quality research in specialized topics. An example is a conference like Pairing ’09. The bad side is that I think these sub-fields become isolated and don’t talk to each other as much.

  2. Two missing IACR-supported events: SAC (Selected Areas in Cryptography), CHES (Cryptographic Hardware and Embedded Systems).

  3. I very much shared the concern you mention about TCC when it was first proposed, namely that it would fragment the community. But by now I feel that it has actually had the opposite effect. Previously, there were theoretical cryptographers who mainly attended FOCS/STOC and conferences on other aspects of theory of computing, and ones who mainly attended CRYPTO/EUROCRYPT and other crypto/security conferences. While there was certainly some overlap between these groups, there were still two large subsets of the theoretical crypto community who did not have much opportunity to interact. TCC has served as a meeting place for them, and as a result I think we’re seeing an increasing amount of cross-pollination between the tcs and crypto.

  4. I too had a related post, I think the number of conferences is clearly over the edge. One possibility is to increase the number of papers in top conferences and to hope that weaker conferences die out. Other benefits of this are given in the post.

  5. The url is

    (not sure why wordpress added the recently part.)

  6. Based on the comments and Helger’s recent post I realized I forgot a few conferences including SAC, CHES, and ICISC (and more that I am not even going to list). This makes the problem even worse!

  7. I agree, we have way too many crypto-related conferences and that is not a good thing.

    But as long as individuals still benefit from that I don’t see how it will ever change. The benefits include getting weak papers published, serving on PCs and steering committees. From my own experience many hiring/grant committees have difficulties distinguishing a paper published at CRYPTO from one published at the BDDHI conference. Eventually they prefer a candidate with 30 publications at BDDHI to one with 5 at CRYPTO because 30 >> 5. Should we try to educate people from outside of our area what the top crypto conferences are?

  8. Eike, this is exactly the problem I refer to in my second bullet. It is indeed a real problem. In my own case, at U. Maryland the dept. regularly asks me to rank the best crypto conferences/journals. (Since I am the only cryptographer on the faculty I could bias the results any way I wanted…but I would never do that, of course…) People outside the field do know that Crypto/Eurocrypt are top conferences, but know nothing about the rest.

  9. Another possible solution: 🙂

  10. If you do have a joint ranking for crypto/security journal and conferences and update it annually, I think the problem will be solved. In fact, many crypto people including myself do not know how to tell the quality of a crypto paper. I usually point to citeseer 2003 computer science ranking which is now obviously outdated, not to mention its correctness.

  11. Re “Ranking” of conferences. This is a problem related to ranking of journals. It is completely bogus. It should not be the venue of a paper, but the paper which should be ranked. This is easy to do via citation counts.

    Clearly if you publish in a good place, people will see the paper more and it will be cited more.

    You can even search in Publish-or-Perish to get citation indices for journals and conferences. So if you want to rank conferences this would be the simple way to do it.

    BTW We were also asked to “rank” venues for papers. So this problem is not just confined to Maryland.

  12. Nigel, do you really believe that the value of a paper only depends on the number of citations?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: