RSA Cryptographers' Panel: SolarWinds, NFTs and MoreMachine Leading and Quantum Computing Challenges Also Among the Topics Analyzed
What do the world's leading encryption and security experts think about non-fungible tokens, supply chain attacks, coordinated vulnerability disclosure and the state of quantum computing?
The cryptographers' panel at this year's virtual RSA Conference addressed all these issues on Monday as part of the event's opening morning of keynote speeches and panels (see: RSA's CEO: For Maximum Resiliency, Unleash Chaos Monkeys).
As in recent years, panelists included Ron Rivest and Adi Shamir - the R and S in the RSA cryptosystem. They were joined by Carmela Troncoso, an assistant professor at Switzerland's École Polytechnique Fédérale de Lausanne, whose work focuses on analyzing, building and deploying secure and privacy-preserving systems.
Also on the panel: Ross Anderson, a professor of security engineering at both the University of Cambridge and the University of Edinburgh, founder of the discipline of security economics and author of the textbook "Security Engineering - A Guide to Building Dependable Distributed Systems."
Moderating was Zulfikar Ramzan, chief digital officer at RSA - the security firm that runs the eponymous conference - who dived headfirst into one aspect of the "crypto" debate.
"Unfortunately, in the last few years, we've seen the term crypto get a bit usurped by a different community of people who may expect us to talk about things like blockchain and bitcoin. And I hate to disappoint those people," he said (see: Non-Fungible Tokens: Of Course They're Attracting Scammers). "So I thought maybe the first question I could ask is about a topic that's come up very recently: the non-fungible token, or the NFT."
Fun With Non-Fungible Tokens
Rivest, a computer science and cryptography professor at MIT, likened NFTs - an entry on the blockchain certifying that someone owns a particular digital asset - to the Dutch tulip bulb market bubble in the 1600s. But whereas tulips are tangible, NFTs involve both a second level - a picture of a tulip - and then a third level, "which is sort of a token which points at the picture." In other words, he's skeptical.
Often, the role of skeptic gets played by Adi Shamir, a professor of applied mathematics at Israel's Weizmann Institute of Science. But in this case, he says he has a positive perspective on the NFT trend. "We should all look at it like a game of Monopoly," he said. "So a group of people decide to join forces and play the game. And in that game, some people claim that they own the White House. In the real world, it doesn't give them the right to evict Donald Trump or Joe Biden. But they can play the game as if they own the White House."
Shamir then held up a copy of the 1977 MIT technical report detailing the RSA cryptosystem, signed by himself, Rivest and co-inventor Leonard Adleman, and said they planned to make an NFT out of it and donate the proceeds to charity. Ramzan promised to announce further details soon on the RSA Conference website.
RSA Cryptosystem: Rumors of Its Demise
Recently, cryptographer Claus Schnorr released a paper claiming that he'd found a way to easily break the RSA algorithm.
If this is true - and the jury is still out - Ramzan asked if Schnorr should have attempted to first help coordinate a fix before releasing the paper.
"When we started doing work on the economics of information security 20 years ago, one of the first big problems that came up was responsible disclosure," Anderson said. "Back in those days, people were split between the BugTraq guys who wanted to disclose everything at once and the company lawyers who wanted everything kept quiet forever. And the current, responsible disclosure regime has come out of that."
But what if something really big gets broken, like the random-number generator built into Linux, or a cryptosystem such as RSA that is fundamental to internet security? Anderson said it wouldn't necessarily "be the end of the world," but that "it would be an interesting year or two" as everyone rushed to upgrade.
Troncoso said the failure of something so large as the RSA algorithm poses a question with unclear answers: "What should we do - make it public as soon as possible so that it gets fixed, or keep it secret, so that nobody can exploit it? And this is becoming a very complicated thing, especially in coronavirus times."
In the meantime, both Rivest and Shamir said that they've looked into Schnorr's paper and remain skeptical, although they said they'll applaud his efforts if he's successful.
Quantum Computing: No Killer App Yet
Why hasn't quantum computing remade the world as we know it?
Quantum computing has the potential to transform computing, for example, to break public key encryption systems such as RSA. But so far, at least, there's been no information security apocalypse.
Ramzan said it would be clear when someone successfully builds a quantum computer at scale, because "the first killer application of quantum computing - in terms of actually the cryptography" would obviously be to crack the bitcoin wallet held by the cryptocurrency's pseudonymous inventor, "Satoshi Nakamoto," which contains 50 bitcoins, currently worth more than $2 million.
But when it comes to advances in quantum computing, Shamir said it's recently been "two steps forward and one step back."
Rivest said he was astonished at the amount of investment going into startups pursuing "technology that doesn't yet exist" and may not come to fruition.
"The two major questions are: Can you build a quantum computer at scale that will last long enough to do a useful computation? That's number one," he said. "Number two is: Are there useful applications for this technology if you even could build it? And I think the answers so far are not clear."
Anderson says that from his perspective as someone who works with quantum mechanics, "the physicists are basically copying Ron and Adi, because they observed how the RSA discovery all those years ago enabled number theorists to get their shovels into the military budget, and they wanted to do the same for quantum mechanics, and in particular, for quantum optics."
While as yet there have not been any killer quantum computing or cryptography applications, Anderson said there have been "a number of very interesting and useful results" in two other areas: quantum sensing and metrology, which refers to making extremely accurate physical measurements using quantum theory.
"We now have got very much better accelerometers and gyros, instruments for archaeologists, means of doing gravimetric navigation and submarines, and so on and so forth," he said. "That's the real payoff that I see here. As far as quantum cryptography is concerned, I'm entirely unimpressed."
Adversarial Machine Learning
You can build machines, but should you trust them?
Adoption of machine learning continues, but Ramzan said one persistent challenge has been trying to build machine-learning systems that work at scale and can perform reliably - and in a trustworthy manner - even under adversarial conditions, for example, when enemies or criminals might be trying to subvert them.
Troncoso said machine learning typically involves balancing four dimensions: robustness, to protect against attacks; fairness, so the system doesn't side with anyone unfairly; explainability, so everyone knows what's going on; and being privacy-preserving.
Unfortunately, she said, "more and more results … indicate that these four dimensions may not be compatible." For example, increasing privacy may compromise robustness.
In the bigger picture, she also warned that it's not clear that organizations operating machine-learning models should be trusted to hold the data, because it's unclear what that might enable them to do. Perhaps the question, she said, "is not, 'Can we make the machine trustable,'" but rather for anyone who runs such systems: Are we "going to trust with them" with whatever course of action and business model they might pursue?
Can machine learning at scale ever be made trustworthy? "At a high level, complexity is the enemy of security, so the more complicated you make a system, the more vulnerable it becomes to all kinds of faults and penetrations, and machine learning is nothing but complicated," Rivest said. "I mean, it's very, very complicated, with millions of parameters. So it violates one of the basic tenants of security to start with. And then we get into the details."
SolarWinds: Lessons Learned
In the wake of the SolarWinds supply chain attack discovered last December, what can be done to improve the security of the supply chains?
Anderson said that IT shops might use products from hundreds or thousands of vendors, which is one problem. Another challenge: "SolarWinds was a mature company. Once upon a time, it was a keen startup with lots of lively engineers, but recently it had become a monopoly, and much of the technical expertise had been farmed out to engineers in Eastern Europe. And so they weren't caring as much about security as they used to. In essence, the company was being run by bankers as a cash cow."
Cue his recommendation for IT shops when they do due diligence, which he says is something too few do well: "Ask yourself about the culture and the ownership and the competence of all those suppliers who have got stuff within your security perimeter."