David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco.
First panel of the conference was a very confusing discussion on cryptography from the people who started and are continuing to innovate in this area. I guess it’s appropriate for a discussion on cryptography to be confusing.
On the panel were:
- Whitfield Diffie, Visiting Professor, Royal Holloway College, University of London, and Visiting Scholar, Stanford University
- Martin Hellman, Professor Emeritus of Electrical Engineering, Stanford University
- Ronald Rivest, Viterbi Professor of Electrical Engineering and Computer Science, MIT
- Adi Shamir, Professor, Computer Science Department, Weizmann Institute of Science, Israel
- Brian Snow, Former Technical Director, NSA IAD
Moderated by Ari Juels, Chief Scientist and Director, RSA Laboratories
After a lot of self-congratulations on what papers they wrote and when, we finally got into a discussion on the latest in cryptography. Here are some of the items that come up in conversation:
- Proofs of security even if valid may deliver less than they say to. Make sure you understand the limitations.
- Some people thought it was foolish to work in cryptography back in the 70s. Foolishness is the backbone of success in cryptography.
- We often think now that what we know now is the best that can be done. That’s why foolish assumptions to be able to take yourself out of that thinking.
- You can work for 100 days on a process and only see success on the 100th day. It takes a fool to be able to pull that off.
- NSA admits that they cheat in cryptography. They read everything that other cryptographers publish, but they don’t publish reports that are created internally.
- There are a lot of solutions inspired doing real signals intelligence.
- NSA technical journal is a funny object. It’s supposed to tell people what they’re doing, but it’s an internal cheer-leading document, argued Diffie.
I must admit that most of the conversation was such inside baseball about cryptography that I simply didn’t know what they were talking about. My apologies for not being able to bring you the full aspect of the discussion, but all the references and names went right over my head.
Check out more of Tripwire’s coverage from the 2010 RSA Conference in San Francisco.