More on Conferences vs. Journals

In a previous post, the notion of treating conferences and journals on equal footing was discussed, challenging the prevailing view among certain quarters that journals hold an always-superior status over conferences. In that post, I pointed out instances where impactful results can emerge from conferences, and not necessarily exclusively from journals. Here, I present other examples from the literature.

  1. "Integral Cryptanalysis on Full MISTY1" by Yasuke Todo was initially presented at CRYPTO 2015 and the research was later extended and published in Vol. 30 (2017) of the Journal of Cryptology (JoC). The original work was the first to succesfully attack the full-round MISTY1, and is typically regarded as a significant result in cryptography.
  2. "Improved Key Recovery Attacks on Reduced-Round AES with Practical Data and Memory Complexities" by Achiya Bar-On and others was first unveiled at CRYPTO 2018. An extended version of this research was subsequently published in Vol 33 (2020) of the JoC. The authors managed to improve the overall complexity of previous attacks on reduced-round AES.

If journals are indeed the more premium venue for publishing, then why researchers submit their work to conferences? Well usually, conferences typically have a faster review cycle compared to journals. This allows researchers to promptly share their findings with the community. In this context, submitting to a conference initially and subsequently extending the results for journal publication is a logical approach to rapidly disseminate research outcomes.

Rapid publication might compel researchers to submit their work to conferences, at least initially. Taking the previously cited examples into account, we can observe the timeline of the review process.

  • The submission deadline for CRYPTO 2015 was on 11 February 2015 and the decision was delivered on 9 May 2015, reflecting a 2-month review cycle. In contrast, the corresponding journal article for this work was received on 27 December 2015, underwent revisions on 6 July 2016, and was finally published online on 25 August 2016 (this information is obtained from the first page of the journal article). Therefore, the whole process takes about 8 months from submission to publication.
  • Similarly, for CRYPTO 2018, the submission deadline was on 13 February 2018 and the final decision was communicated on 29 April 2018, involving a 2-month review period. The journal version of this paper was initially received by the JoC on 25 December 2018, underwent revisions on 11 September 2019, and was published online on 26 September 2019, consuming a total of 9 months from submission to publication.
Indeed, granting more time for article review allows reviewers to thoroughly examine and validate the results without the constraint of tight deadlines. Whether or not the reviewers make full use of the extended time is another matter. Does this then automatically favour the argument that journals are always superior to conferences? In my view, not necessarily.

Amidst the relentless pressure of the "publish or perish" culture, many journals have responded by offering rapid peer review process. One such example is IEEE Access, which boast that "peer review process takes 4 weeks from submission to an accept/reject decision notification". This is remarkably quicker compared to the review timelines of CRYPTO (approximately twice as fast) and JoC (almost eight times as fast). Consequently, if a longer review process were the sole determinant of journal superiority over conferences, this assertion would not be entirely accurate. 

For comparison, IEEE Access operates as a fully open access journal, necessitating authors of accepted papers to incur an article processing charge (APC). At the time of writing, the APC for IEEE Access stands at USD 1,950 per article. On the other hand, JoC allows authors the option to publish their articles without open access, thus waiving the APC. However, if authors do opt for open access publication,  they are required to pay an APC of USD 2,890.

There are instances where seminal work has emerged solely in conferences but not in journals. For instance:
  1. "The First Collision for Full SHA-1" by Marc Stevens and others, unveiled at CRYPTO 2017. Currently garnering 468 citations according to Google Scholar, the authors were the first to present a collision for SHA-1.
  2. "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust" by Gaƫtan Leurent and Thomas Peyrin was presented at the USENIX Security Symposium 2020.
The above works hold practical implications and played a pivotal role in the eventual phasing out of SHA-1. The US National Institute of Standards and Technology (NIST) announced that "SHA-1 should be phased out by Dec. 31, 2030" and recommends migrating to SHA-2 or SHA-3 "as soon as possible".

One might argue that since the USENIX paper mentioned above, being relatively recent (less than 3 years from the time of writing) could potentially lead to a journal publication. However, it raises the question of why we have yet to see a journal article for the CYRPTO 2017 work, even though 6 years have passed since its initial presentation.

The intent of this blog post is not to undermine the significance of journals. Instead, it aims to convey to those in the academia management that articles presented in conferences are not inherently of lower quality than those in journals. Moreover, it advocates for these people to recognise and accept conference articles as valid publications. This recognition is vital, especially for postgraduate candidates seeking to obtain a Masters (by research) or PhD degree in certain universities, where meeting the minimum number of publications is often a crucial criterion for graduation.

Furthermore, considering the number of conference articles together with journal publications under the category of "publication" can help dispel the notion that these two types hold different wights, particularly in performance appraisals of academicians or researchers. In many cases, both conference and journal contributions should be regarded as equally valuable and impactful.

If such a proposal is accepted, it raises a significant question: how do we determine the top conferences in the field? Delving into this matter could potentially be a subject for another blog post.

Note: The editorial aspects of this post have been assisted by ChatGPT. The initial ideas and writing are my own :-)


Comments

Post a Comment

Popular posts from this blog

Are Articles Published in Peer-Reviewed Conference Proceedings Inferior to Journals?

The answer to the question posed by the title of this article is: It depends on the field and the specific conference and journals that we are referring to. In certain science fields, journals have more prestige than conferences. Articles published in conferences are typically not considered as "publications" when evaluating the annual performance of an academician. In computer science, it can be argued that an article published in a peer-reviewed premier conference proceedings has the same value as an article published in a prestigious journal. You can read Michael Ernst's (a Computer Science Professor at Washington University) opinion about this issue here (written in 2006) . In 2009, when Mosche Vardi (a Computer Science Professor at Rice University) was the Editor-in-Chief of the Communications of the ACM, he  wrote a letter to open up discussions wether conferences are indeed superior in computer science . In January 2020, he wrote another article related to this i...
Read more

Coding OpenSSL on a Mac

This post is more about a note to myself about using OpenSSL in Visual Studio Code (VS Code). If the post benefits you, then I'm glad that it did. I performed all the steps described here on an Apple MacBook running macOS Big Sur 11.5.1. Before proceeding, we need to have these two programs installed: Homebrew : to install OpenSSL Visual Studio Code : the integrated development environment (IDE) I use to code OpenSSL. Of course, you can use any other IDEs that you prefer. OpenSSL OpenSSL is a toolkit that is able to perform SSL/TLS functionalities and execute cryptographic operations. There are two separate libraries: libssl for SSL/TLS and libcrypto for the cryptography stuff. Installing OpenSSL Use Homebrew to install OpenSSL: brew install openssl@1.1 On my Mac, Homebrew installs OpenSSL at /opt/homebrew/Cellar/openssl@1.1/1.1.1k . At the time of writing, the latest stable version of OpenSSL is 1.1.1k. If we open a terminal and type: openssl version the output will display Lib...
Read more