Congratulations on beginning your PhD! What are you going to do now? This page contains some (hopefully) helpful information about getting started out on the right track. I have curated my thoughts on this page for my own selfish purposes, so some of the material is very specific to my research interests (computer science → security → cryptography → multiparty computation).

Table of contents

• What is a PhD? What is research, and how do you do it?
• What is the advisor-student relationship like?
• What should I be doing now?
• Unsolicited advice

What is a PhD?​

In short, a PhD is is a journey to the frontier of human knowledge, where you expand the frontier by a tiny bit with a new contribution. Read this (very short) illustrated guide to a PhD by Matt Might for a good mental picture.

Foundational skills of research

One of the things that makes a PhD difficult is that research requires skills that your undergraduate education has probably not equipped you with.

• Reading (and understanding) academic papers. This is probably the easiest one, since it's not a completely new skill but rather a natural strengthening of a skill you already have. In academic papers, more background knowledge is assumed, and more work is left to the reader. The best way to make papers easier to read is to read a lot.

• Technical communication; i.e., writing and presenting (which is just writing for a different medium). The value of writing is what has surprised me the most in my career. Why is writing so important?

  • Research does not stand on its own, but it must be communicated to the community. The audience has limited attention, so your best strategy is to make it as easy as possible to understand the material.
  • New ideas come into this world as a complete mess, and writing is the only way I know to organize them. Think of writing not as a necessary chore to get your results published, but rather as a stimulating puzzle of finding the best way to express an idea.
  • Careful writing is a sanity check -- more bugs (& simplifications!) are discovered during the writing phase than the scratch-paper/whiteboard phase. This requires the ability to be both a writer and a critical reader at the same time.

• Asking research-level questions might be the hardest skill of all. As a undergrad you become skilled at absorbing precisely the information that is offered to you. A research mindset is a curiosity about the information that isn't being offered.

During your PhD you should plan to actively develop these skills (not just as side-effects of whatever you happen to be doing).

What is research like?

My advisor Michael Loui always described research to me as "a manic-depressive activity." The highs are high and the lows are low. The transition from high to low can be instantaneous ([dancing up and down the hall] "holy shit, I finally did it!" ... [5 minutes later] "wait a second, but what about ..."). But did I mention, the highs are high?

You can expect to feel stupid all the time. If you're not feeling stupid, then you're not learning anything new. Read The importance of stupidity in scientific research by Martin A Schwartz.

Science makes me feel stupid too. It's just that I've gotten used to it. So used to it, in fact, that I actively seek out new opportunities to feel stupid. I wouldn't know what to do without that feeling. I even think it's supposed to be this way.

You can expect to feel like you are always banging your head against a figurative wall. Have more than one wall, and be persistent. Read Jeff Erickson's advice on how to deal with discouragement:

Eventually, you'll move from hoping that you'll be able to knock down a wall with your head someday, to being surprised at how often the walls you hit with your head actually fall, to finally believing that you really can knock down walls with your head sometimes.

Related reading

• 10 easy ways to fail a PhD (Matt Might)

Advising relationship​

Conceptual framework

In their paper A Developmental Model of Research Mentoring, Revelo & Loui discuss different conceptual models for the advisor-student relationship. These models are an extremely helpful way to think about the role of advisor and student.

The mentoring relationship should naturally evolve as the student develops in maturity. This paper presents a sequence of 4 different relationship archetypes, which should be traversed in this order:

1. Novice & Director:

   ... the mentor is directive in setting expectations, goals, and objectives for the student. The mentor may assign specific tasks such as reading previous research articles and learning to operate laboratory equipment ... the student is unable to advance the research project without direction from the mentor. Stage 1 may be short in some mentoring relationships.

2. Apprentice & Master:

   the mentor still holds the primary responsibility for progress in the research project, but the student may start to make progress independently ... the student should be more knowledgeable about the research project than in stage 1 ... the student should move beyond reproducing results to connecting results and knowledge to a bigger research picture ... the student starts focusing on the "why" of the research project in addition to the "what."

3. Collaborator & Guide:

   the student contributes new ideas to the research project and gains an increasing sense of independence ... the mentor and student share responsibility for advancing the research project; the student may take ownership of some aspects of the project ... the student is motivated to advance the project with the mentor’s guidance.

4. Colleague & Consultant:

   the student has the primary responsibility and the mentor serves as a consultant ... The student is now a colleague to the mentor ... the student is able to make progress on the research project independently ... the student may initiate new directions for the research ... the role of the mentor is to serve as a consultant to the student by providing advice when asked. [my emphasis added]

Many conflicts between the advisor & student can be understood in terms of a mismatch of levels, and a mismatch can happen in either direction. A "Novice" (stage 1) or "Apprentice" (stage 2) student will feel totally abandoned by a "Consultant" (stage 4) advisor, while the advisor in this situation will become frustrated with the student's apparent lack of progress. A "Collaborator" (stage 3) student will feel stifled and micromanaged by a "Director" (stage 1) advisor.

Roles & Responsibilities

What follows below is a partial list of some expectations of the advisor and student during graduate school. They can be summarized as "act like decent adults."

Advisor roles:

• Guide the selection of research topics, readings, dissertation topic
• Provide financial support in the form of graduate RA/TA, and travel assistance when possible
• Lead by example in general academic conduct
• Maintain a healthy and safe work environment for all students
• Give timely feedback on student's writing and presentations
• Advocate for student success and professional advancement; e.g., letters of recommendation, finding scholarships, internships
• Provide guidance on other aspects of academic careers (teaching & service) for students with such an interest
• Set reasonable, transparent expectations; constructively identify areas of improvement; raise serious concerns as early as possible
• Accept student's wishes to change research focus or advisor

Student roles:

• Hold primary responsibility for successful completion of degree
• Be an active and responsible participant in group activities; follow through with commitments; give status updates
• Actively and independently seek out research questions of interest
• Actively develop foundational skills of academic research (see below)
• Understand and jump through the appropriate university hoops
• In a deadline-driven field, be prepared to spend significant amount of time in preparation for submission deadlines
• Be prepared to openly discuss any difficulties

Related Reading

• The 5+5 commandments of a PhD (Matt Might)

What to do now​

Build foundational knowledge in crypto/MPC

Here are some things that you should know by the end of your first year of grad school, in order to do research in my area of secure multi-party computation. Aim for more than just a superficial understanding of these concepts. This list was inspired by a similar list from the Bristol cryptography group.

Algorithms:

• Solve problems using dynamic programming
• Solve problems using network flow

Computational Complexity:

• What are the complexity classes P, NP, PH, PSPACE?
• What is BPP? Give an example where randomness helps computation
• What is IP?
• What is P/poly? More generally, what is the difference between uniform & nonuniform computation?
• Prove that a problem is hard/complete for some complexity class.

Information theory / probability:

• What is the definition of Shannon entropy? What about min-entropy?
• What is the definition of statistical distance? What is the connection to cryptographic distinguishers?
• What is the Chernoff bound? Can you state it asymptotically?
• Describe Reed-Solomon coding.

Crypto basics:

• Give formal security definitions for OWF, PRG, PRF, IND-CPA, IND-CCA, AEAD (both public-key and symmetric-key), EUF-CMA
• Give a formal security proof that involves a hybrid argument. Be able to state the statement of security both qualitatively and quantitatively (i.e., accounting for adversarial advantages)
• Describe how to build an AEAD symmetric-key scheme from a PRF.
• Describe a threshold secret sharing scheme
• Define RSA trapdoor function
• Define ElGamal encryption and reduce its IND-CPA security to the DDH assumption
• What is the random oracle model?

Number theory / algebra:

• State the Chinese Remainder Theorem and describe its application to RSA
• Formally define the DLP, CDH, DDH assumptions
• What is a bilinear pairing? What kind of hardness assumptions are common for bilinear pairings?
• What is a finite field, and for which values of n does one exist with n elements?

MPC:

• What is a commitment scheme? Formally define security and give a concrete construction.
• What is oblivious transfer? Formally define security and give a concrete construction.
• Describe any secure construction of garbled circuits. Formally describe its security properties.
• What is the real/ideal paradigm for security definitions? What is a "hybrid model"?
• What is the UC framework?
• Describe Yao's protocol and give a security proof (using the BHR abstraction of garbled circuits).
• What is OT extension? Describe how the IKNP OT extension protocol works.
• Be able to define MPC tasks by means of an ideal functionality.
• Give a formal proof of UC security for some MPC protocol (e.g., Blum's coin-tossing protocol from commitment)

Some good resources for learning about the basic cryptographic concepts are:

• The Joy of Cryptography, my book! (free)
• A Course in Cryptography, Rafael Pass & abhi shelat (free)
• Cryptography, An Introduction, Nigel Smart (free)
• Introduction to Modern Cryptography, Jonathan Katz & Yehuda Lindell
• Introduction to Modern Cryptography, Mihir Bellare & Phil Rogaway (free)
• A Graduate Course in Applied Cryptography, Dan Boneh & Victor Shoup (free; draft)
• An Intensive Introduction to Cryptography, Boaz Barak (free)
• Introduction to Cryptography (video lectures) by Christof Paar (free)

However, the things you need to know in your first year go beyond typical classroom material, and take you into the research literature. So you'll have to get better at ...

Reading papers

Almost all papers in our field are posted for free at the ePrint archive. You can even subscribe to email alerts whenever new articles are posted, or receive them in a daily/weekly batch. (When the time comes, you can also use the same mechanism to subscribe to alerts about postdoc/job opportunities.)

Here's what I do when I have to learn about some result from the literature. If it's a fundamental one then I first try to find lecture notes that present the material (i.e., use "lecture notes" in my search terms). Otherwise, I try to find a video of the conference presentation. Only after this do I attempt to read the paper. Lecture notes and videos will prepare you to read and appreciate the details that are contained in the paper. Videos of recent IACR conferences are on Youtube.

To get up to speed on MPC specifically, I have some more concrete recommendations:

• Start with this video playlist that I curated, which covers fundamental MPC/2PC topics.
• Many of the videos from my playlist come from recent instances of the Bar-Ilan Cryptography Winter Schools. The 2011 and 2015 versions of the school were focused on MPC. Their websites contain videos and slides for all of the presentations.
• All of these introductory materials do a nice job of shielding you from the major complexities of security proofs. But to do research in this area, you must become fluent in security proofs. How to Simulate It is an excellent tutorial on the subject by Yehuda Lindell.

Improve your writing skills

I feel very strongly about the importance of writing. "Good writing" may be subjective when writing a novel for all I know, but for technical communication there are very clear "best practices" that you (yes, even you) can learn and use.

I encourage you to set aside some time and watch this video on writing by Steven Pinker. He lays out the basic principles of clear writing, with many positive and negative examples. It should convince you that it is possible to articulate why a certain piece of writing is effective or not. That ability already gets you over halfway to being a great writer. For more details and constructive advice, you should then read either Pinker's book or Style: Lessons in Clarity and Grace by Williams & Colomb.

You don't have to wait until you're churning out conference papers to work on writing. You can practice writing now:

• Summarize the results of a productive meeting.
• Write a summary of a conference talk you watched or a paper you read. Especially if it took a lot of effort to finally understand a paper, you will want to capture your understanding now before you eventually forget and have to re-learn the paper again.
• In the extreme, maintain a personal annotated bibliography (see one I started here).

Distilling a difficult concept into its core ideas, finding a good representative running example of a concept... these are the same skills you need to make a good presentation. Embrace the challenge of finding the best way to express every idea!

Related Reading

• Recommended reading for graduate students (Matt Might)

Unsolicited advice​

Impostor Syndrome

Every student should know about impostor syndrome, the feeling that everyone around you absolutely has their shit together while you are only pretending to know what you're doing, and by the way your life will come crumbling down in shame when they finally discover how you incompetent you really are. The most important thing to know about impostor syndrome is that it is incredibly common in grad school (I certainly was a textbook case). Just knowing that fact can be comforting.

SMBC comics, by Zach Weinersmith

I don't think my advice for dealing with impostor syndrome is terribly useful (like saying "don't fall off" for advice on how to do a tightrope walk), and it might say more about my neuroses than yours, but here it is anyway:

• Don't compare yourself to other people when assessing of your own self-worth. You have an asymmetry of information that results in a cognitive blind spot in your judgment.

  "The reason we struggle with insecurity is because we compare our behind-the-scenes with everyone else's highlight reel." [Steven Furtick]

  Social media magnifies this information asymmetry, but it's true in "real life," too.
• Don't deflect sincere positive feedback, accept it. Consider that the person giving positive feedback might actually be a reasonable judge of character. (Hint: professors have dealt with thousands of students, spanning the entire spectrum of abilities; generally speaking, we can distinguish competence from a façade.)
• Talk about impostor syndrome with fellow students.

Now that you know the term "impostor syndrome," you can feel empowered to find lots of information and support, and more constructive advice than what I just offered. We are lucky to live in a time where there is open discussion about impostor syndrome, especially in the academic community.

Think about the context of your work

While you are developing an incredibly narrow focus on some small aspect of cryptography, choose to also have a well-rounded foundation in security more generally. Most people have never heard of cryptography. When you meet new people, you will probably introduce yourself as a student of computer security. They'll ask what you think of the latest high-profile data breach, or hacking of election machines, or government surveillance. People will consider you an expert on all of these things (and despite your academic honesty about your narrow expertise, you probably are the closest they will get to a "real" expert in these things), so try to have an informed opinion! Learn about systems security, network security, physical security. Learn how to pick locks. Participate in capture-the-flag contests. Remember that not every security problem has a crypto solution. Not every security problem has a technological solution!

(I'm beginning to think that only the easy problems have a technological solution.)

Security is important. It has societal impact and therefore a moral dimension. Choose to be one of the "good guys", and not one of the adversaries. Read The Moral Character of Cryptographic Work by Phil Rogaway. This issue runs deeper than you might guess.

Develop a relationship with both theory & practice that you are comfortable with, and don't take either for granted. Accept and embrace your work as it truly is, without being apologetic. Don't try to market theory as practice, or vice-versa. Watch the first half of Mihir Bellare's distinguished lecture on theory vs practice in cryptography.

Being kind

Here's some good advice I first saw in this tweet:

We're all smart here. Distinguish yourself by being kind.

Being productive

Grad school involves a lot of time spent as a self-directed, independent researcher. Many students (and professors) struggle to be productive working on open-ended problems with only very long-term, vague external motivations (publish a paper, get a PhD, get tenure).

I have spent (wasted) lots of brain cycles thinking about productivity. My success has been mixed, but I can at least say that I've learned something about productivity and have even seen personal improvements. I can't prescribe exactly what things will help you be more productive, but I can share some good general principles that I have found useful.

• Akrasia, also known as weakness of will, refers to the frustrating dynamic between your present-self and future-self, where present-self makes objectively good plans but consistently overestimates the ability of the future-self to actually deliver on them. The Grand Unified Theory of productivity (as I see it) is to treat the relationship between present-you and future-you as adversarial. Design your life accounting for the fact that future-you is selfish, short-sighted, lazy, unreliable, uncooperative, and pretty dumb.

• Future-you is lazy but fortunately can be fooled by inertia. Once future-you starts an activity, inertia will often take care of the rest. Starting an activity is the hardest part. Design your environment so that the desirable activities have low "activation energy" or "transaction cost" --- in other words, make these activities very easy to start (e.g., sleep in your workout clothes if you want to exercise first thing in the morning). Conversely, make undesirable activities harder to start (e.g., leave your phone in a different room from where you sleep). As Matt Might says:

  Mold your life so that the path of least resistance is the path of maximum productivity.

  If these sound like dumb little tricks, just remember that future-you is dumb.

• Future-you has a tendency to give up at the first sign of adversity. Set small, achievable milestones, with a slow gradient towards a long-term goal. Never try to re-invent yourself overnight; that is a recipe for guaranteed failure. Change only one very small behavior at a time, and slowly iterate. Don't think of a 1% improvement every day as (1.01)ⁿ, but rather 2^Ω(n). When future-you gives up, it reverts back to old behavior. A habit is like a "save point" that prevents future-you from reverting past it. So focus on developing habits.

• When you want to adopt some new productivity system into your life (some fancy new website, or app, or filing system), you are implicitly trusting future-you to do some new things. These new things have to be idiot-proof, since future-you is an idiot. The most important thing to consider is whether future-you will actually use it, not how amazing it is when it is used. However, when you can rely on future-you as part of a workflow, the reduction on your cognitive load is a wonderful feeling.

• A commitment contract is an extreme form of adversarial-ness between present-you & future-you. Your present self commits to a contract that binds your future self into compliant behavior, with contract terms that are severe enough that even your stupid future self can't avoid them. A good example of this is Beeminder (based in Portland), whose business model is to serve as adjudicator of such commitment contracts. Set a quantiative goal for yourself (e.g., write 10 thesis pages per week), then track your progress. Beeminder has your credit card info and will take your money if you don't meet your goals. The penalties start small but increase exponentially, so you will eventually reach an amount that motivates future-self. Think of it as paying Beeminder for the privilege of discovering your personal utility function. I've paid them $117 so far for this privilege. (If you don't like this idea, you could always just hire someone to slap you in the face whenever you go off task.)

• Measure inputs rather than outputs. This is mostly a restatement of the standard time-tested management-speak about SMART goals.

  • Bad goal: Get 2 papers into Crypto+Eurocrypt this year. This is an "output" of the peer-review process that you do not directly control.
  • Better goal: Submit 2 papers to Crypto this year. This is at least an "input" to the peer-review process, but it is also the "output" of an uncertain research process.
  • Best goal: Spend 100 hours in focused work, on each of 3 different projects this year. This is an "input" that you have complete control over. If you can do this, you'll certainly be in great shape.
  "Quality time spent in an activity" is always a great goal. It also helps to have some scoreboard that tracks these criteria, so you can see your status at a glance.

• Set aside time for deep work. This is a concept pioneered in Cal Newport's book of the same name. In PhD research, your attention is your most important resource, and your work practices should reflect this fact. Explicitly structure your routines to facilitate intense, uninterrupted periods of focused attention. (Here are some extreme examples: 120 hours, 87 hours of work in 7 days. I don't recommend this as the only strategy in your arsenal)

Other links:

• Matt Might's productivity hacks for academics
• Quit social media.
• Why procrastinators procrastinate (Tim Urban). Hint: it has to do with Instant Gratification Monkeys.
• How to Get Motivated flowchart (Alex Vermeer)

Some tools that I've found particularly valuable:

• Dynalist: simply incredible outlining tool to get things out of your brain and "on paper". Supports LaTeX! I use this with my students to collaboratively outline research projects.
• Beeminder: commitment contracts (discussed above)
• TagTime: tracks your time by random sampling.
• Gmail tickler that I wrote and still prefer to the builtin "snooze" feature.