10 Highlights: Cryptographers' Panel at RSA Conference 2019Facebook's Cryptocurrency Folly, Scaling Security and Why Doomsday Is Temporary
The annual cryptographers' panel at the RSA Conference is a must-see event, with leading cryptographers discussing top cybersecurity and privacy matters of the day. And last month's panel at RSA 2019 in San Francisco was no exception.
Immediately before the panel kicked off, Ron Rivest - the "R" in the RSA cryptosystem - walked on stage to announce that Tal Rabin, manager of the cryptographic research group at IBM Research and a co-panelist, was the 2019 winner of the annual RSA Award for Excellence in Mathematics.
After that high, however, quickly came a low: This year's panel lacked the typically ubiquitous and wonderfully outspoken Adi Shamir - the "S" in the RSA cryptosystem - who didn't receive a U.S. visa (see: 15 Highlights: RSA Conference 2019). So Shamir was left to address the RSA audience via a brief, prerecorded message from his office in Israel.
"Doomsday is always a temporary thing."
Subsequently, however, the panel soldiered on in typical fashion, tackling ripped-from-the-headlines topics.
Here are 10 of the topics panelists addressed:
1. Governments Still Love Backdoors
First up for criticism: Australia, which has passed controversial legislation that permits sending developers to jail if they don't build government-mandated backdoors into software.
Cryptographer Whitfield Diffie summarized the Australian government's take: "The laws of mathematics may be all well and good, but the laws of Australia apply in Australia."
"If anyone should go to prison, It should be developers who sneak backdoors into their products," said independent security expert Paul Kocher.
"Secret backdoors are kind of like pathogens, and governments have done a terrible job of not managing them," he said, referring to how NotPetya was essentially a collection of exploits built by the U.S. National Security Agency, which somehow lost control of them and saw them get leaked by the Shadow Brokers.
"The road to hell is paved with good intentions," said Rivest, who's a professor at the Massachusetts Institute of Technology.
2. Europe's Four-Letter Privacy Word
Enter the EU's General Data Protection Regulation, which has gone into full effect since the last RSA Conference 2018 in San Francisco.
"There's a new four letter word that became popular this past May," said Zulfikar Ramzan, RSA's CTO, who moderated this year's panel discussion. "GDPR: It was more commonly searched than Beyonce´ or Kim Kardashian."
But it's still early days for Europe's new privacy law. "We desperately need regulation here; I suspect it's going to be messy. I think the key questions of how it plays out aren't clear yet. The scope of GDPR is starting to become clear," Kocher said. "But we don't know if it's going to be viewed like parking tickets by UPS and Fedex - as a cost of doing business."
3. Paper Ballots Help Safeguard Democracy
The panel also tackled election security, which has been a particular focus for Rivest. In 2012, "we learned that our voting system is fragile," he said, while in 2016, "we learned that we have foreign adversaries."
Rivest said creating systems involving secret ballots that could nevertheless be used to verify that a vote cast by an individual was the vote that got tabulated remains a difficult challenge. And technology may not be the answer.
"Keep it simple stupid is the lesson we're learning: Low tech is the answer; paper ballots are the way we want to go," he said. In the most recent U.S. election, he said, about 80 percent of voting was done by paper ballots. "I think that's a good sign, and it's going up."
"So you're saying blockchain will not solve all of these problems?" Ramzan joked.
Rivest replied that blockchain will solve few, if any, of these problems.
What will help is more cybersecurity experts getting involved at the community level, he said. "Voting is going to be so important coming up in 2020; use your expertise to help your local jurisdiction," he said.
4. We Need to Talk About Blockchain
Many on the panel noted that while cryptocurrency and blockchains remain interesting in theory, in practice, they are far from perfect.
"To get control of bitcoin for an hour would cost you somewhere in the realm of $250,000," said IBM's Rabin.
Of course that hasn't stopped organizations, including social media giants, from rushing in. "There's bitcoin where you can lose your money, Facebook where you can lose your privacy, and now apparently there's going to be Facebook coin," Kocher said.
"Cryptography is often the one piece that works, but it sits on top of all these other things - operating system, processes, application code, firmware," he said, noting that if any of those don't work perfectly, "then the stuff that does work well ends up failing underneath."
5. Social Responsibility
Just as the first nuclear physicists had to grapple with the Manhattan Project and biologists have to deal with biological warfare, with cybersecurity expertise comes great responsibility, said Shafi Goldwasser, director of the Simons Institute for the Theory of Computing in Berkeley, California.
"People in computer science are realizing more and more that this ability to draw on computation is giving us an immense amount of power, but also responsibility," said Goldwasser, who won the RSA Award for Excellence in Mathematics in 1998.
"We have the tools; we have to guard that power, both by protecting the privacy of data while it's being processed and by requiring proofs," she said. "So it's important to realize our responsibility and not just be motivated by - I shouldn't say profit, but profit - but also some degree of social responsibility."
6. Surveillance Demands Accountability
By any historical measure, the modern state is arguably a surveillance state.
"Every year in the U.S., federal judges issue about 30,000 surveillance orders, ordering telecommunications companies, for example, to listen to what targets are saying," Goldwasser said. "The reason you don't really know what the magnitude is because there's no reporting. The question is, is there any accountability?"
Goldwasser says MIT's Computer Science and Artificial Intelligence Laboratory and Internet Policy Research Initiative have proposed a new system that would allow federal judges to report - without revealing that a particular person was under surveillance - that they have issued a surveillance order, which the public could then use to know how many such orders exist.
But understanding the full scope of state-backed surveillance isn't the only problem. Gag orders about surveillance are typically meant to expire, but too many judges don't issue expirations, she said.
"There is technology that can force accountability in this space," she said.
7. Cryptography for #MeToo
Rabin, meanwhile, said that cryptography could be used as a force for good in the #MeToo era. For example, systems such as Callisto allow victims to log sexual harassment and abuse without having to reveal their identity. If others report similar behavior, the system enables them to join forces.
"The idea for this is that people who have experienced some bad behavior usually find power in numbers, but it's very difficult to find other people" - who have had a similar experience - "without exposing yourself," she said.
8. Good Security Takes Time
Achieving excellent security doesn't always work on Silicon Valley time, Kocher said, citing the slow pace of implementing Domain Name System Security Extensions - DNSSEC - which can help secure the domain name system that is integral to IP networks.
"The transition to DNSSEC has taken 20 years, but it's plodding along and making a difference," he said. "A lot of us are used to working on internet company time, where you get an idea, do a markup and it's in release in six months."
But he cautioned that lots of great ideas can take a long time to have a demonstrable impact - no matter how urgently they're needed (see: Criminals, Nation-States Keep Hijacking BGP and DNS).
9. Security Gets More Complicated
At the same time, "security mechanisms are getting too complicated to understand and to trust," Kocher said.
The most trustworthy computer he ever had? A system with two floppy drives. When he powered it down and ejected the disks, he had a pretty good idea that nothing that might have gotten into the system would still be messing with the system.
"Back in the day, the best practice was to put your floppy disk in the safe," said RSA's Ramzan. "But you see systems becoming bigger and more complex over time."
One potential solution: creating trustworthy building blocks, Rabin said.
"Build tools that do some elementary functions, then have on top of them programming languages and compilers that are able to verify them," she said. "If you have the building blocks and are able to verify them, then you combine them yourself, which might give you confidence that it's more secure." In addition, such tools would also help more people to build more secure applications.
"Thirty-five years ago, we had computers where we knew where the memory was," Diffie said. Now, of course, massive amounts of memory are small enough to stick into your pocket, or to secret somewhere on a device in case developers decide they later want to activate it and roll out a new feature.
10. Scaling Security: Pros and Cons
But as digital systems become more ubiquitous, the very concept of information security continues to be tested in new ways, panelists warned.
"I have no idea how security actually scales," Kocher said, noting that computing created the possibility not just for failures but a concentration of failures.
"We know what it means when 1 percent of the world's cars crash every year," he said. "We don't really know what it means if all the cars that crash every hundred years crash at the very same time."
On the other hand, things really do keep getting better, Goldwasser said.
"I'd like to inject an optimistic note," she said. "Doomsday is always a temporary thing."
All photos: Mathew Schwartz