Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.

Cryptographers at an RSA Conference panel aren't worried about adversarial quantum cryptography. Machine learning, though, causes pressing practical issues.

Sara Peters, Senior Editor

May 18, 2021

13 Min Read

Figure 1: 








Related Content:
Don't Let Scary Headlines Shape Your Company's Cyber-Resilience Strategy
Cloud Security Blind Spots: Where They Are And How to Protect Them
How to Get Employees to Care About Security
Special Report: Assessing Cybersecurity Risk in Today's Enterprises








RSA CONFERENCE 2021 – The annual Cryptographers' Panel, moderated Monday by RSA chief digital officer Zulfikar Ramzan, brought together cryptographers Carmela Troncoso, assistant professor at EPFL; Ross Anderson, professor of security engineering at Cambridge University and Edinburgh University; and panel mainstays (the R and S in 'RSA') MIT professor Ron Rivest and Weizmann Institute professor of computer science Adi Shamir. (Another usual participant, cryptographer Whitfield Diffie, was not part of the panel but did a rapid-fire, one-on-one repartee with Ramzan.) 
The discussions hit on machine learning (adversarial and otherwise), quantum computing, responsible vulnerability disclosure, COVID-19 contact tracing, supply chain security, cyber resilience, and a recently proposed algorithm for factorization that claims it could defeat the RSA cryptoystem. Read on for a rundown of the most memorable quotes from the discussion.  
(Image by Sergey Bitos via Adobe Stock)

RSA CONFERENCE 2021 – The annual Cryptographers' Panel, moderated Monday by RSA chief digital officer Zulfikar Ramzan, brought together cryptographers Carmela Troncoso, assistant professor at EPFL; Ross Anderson, professor of security engineering at Cambridge University and Edinburgh University; and panel mainstays (the R and S in "RSA") MIT professor Ron Rivest and Weizmann Institute professor of computer science Adi Shamir. (Another usual participant, cryptographer Whitfield Diffie, was not part of the panel but did a rapid-fire, one-on-one repartee with Ramzan.) 

The discussions hit on machine learning (adversarial and otherwise), quantum computing, responsible vulnerability disclosure, COVID-19 contact tracing, supply chain security, cyber resilience, and a recently proposed algorithm for factorization that claims it could defeat the RSA cryptoystem. Read on for a rundown of the most memorable quotes from the discussion.  

(Image by Sergey Bitos via Adobe Stock)

Figure 2:

(Image by dlyastokiv via Adobe Stock)

'Unplug it, baby.'

— Whitfield Diffie, in response to Ramzan's question, "If you could design a piece of [security] advice short enough to fit on a bumper sticker, what would that advice be?"

(Image by dlyastokiv via Adobe Stock)

Figure 3:

He added, 'There are so many startups happening. The amount of money being invested in this technology is incredible. And one wonders if it's really going to be substance there. I think the two major questions are, 'Can you build the quantum computer at scale that will last long enough to do it a useful computation?' That's number one. And number two is, 'Are there useful applications for this technology, even if you could build it?' And I think the answers so far are 'not clear' and 'maybe.''
(Image by intheskies via Adobe Stock)
'It is astonishing to me how much energy is going into the commercialization of technology that doesn't yet exist.'

— Ron Rivest, on quantum computing.

He added, "There are so many startups happening. The amount of money being invested in this technology is incredible. And one wonders if it's really going to be substance there. I think the two major questions are, 'Can you build the quantum computer at scale that will last long enough to do it a useful computation?' That's number one. And number two is, 'Are there useful applications for this technology, even if you could build it?' And I think the answers so far are 'not clear' and 'maybe.'"

(Image by intheskies via Adobe Stock)

Figure 4:

'At the moment it's not clear at all if [the particle] does exist and whether Microsoft will be able to proceed in the way that they have pursued quantum computing over the last 10 years.'
(Image by Sergey Bitos via Adobe Stock)
'This year, the focus in quantum computing has been two steps ahead, one step back.'

— Adi Shamir, mentioning that Microsoft recently backtracked on research it made three years ago that claimed an impressive "breakthrough" in quantum physics: that it had observed the existence of the elusive Majorana fermium.

"At the moment it's not clear at all if [the particle] does exist and whether Microsoft will be able to proceed in the way that they have pursued quantum computing over the last 10 years."

(Image by Sergey Bitos via Adobe Stock)

Figure 5:

'As far as quantum cryptography is concerned, I'm entirely unimpressed because all you can do is rekey your encryptor, and we've known how to do that for 40 years. And the proofs based on quantum entanglement don't convince me because that interpretation only works in certain interpretations of quantum mechanics. I don't want to go into a debate on foundations of quantum computing, but I personally am a skeptic.'
(Image by Inna via Adobe Stock)
'I'm entirely unimpressed'

— Ross Anderson, on quantum cryptography.

"As far as quantum cryptography is concerned, I'm entirely unimpressed because all you can do is rekey your encryptor, and we've known how to do that for 40 years. And the proofs based on quantum entanglement don't convince me because that interpretation only works in certain interpretations of quantum mechanics. I don't want to go into a debate on foundations of quantum computing, but I personally am a skeptic."

(Image by Inna via Adobe Stock)

Figure 6:

'Something I found very interesting is that under the data protection regulation, for instance, they are still part of the supply chain and, as such, not subject to the law. So they were very free, which I find very surprising.'
(Image by visivasnc via Adobe Stock)
'They took some decisions that defined the privacy for the whole world.'

— Carmela Troncoso, on mobile phone operating system companies' (Google and Apple) role in the privacy of contact tracing applications.

"Something I found very interesting is that under the data protection regulation, for instance, they are still part of the supply chain and, as such, not subject to the law. So they were very free, which I find very surprising."

(Image by visivasnc via Adobe Stock)

Figure 7:

'Machine learning [systems] are, at the moment, they're totally untrustworthy. And we don't have at the moment a good understanding where the adversarial examples are coming from, what do they represent. Some progress is being made along these lines. But I think that until we solve the robustness issue, I'll be worried about deploying any kind of a big machine learning system that no one understands and no one knows in which ways it can fail.'
(Image by besjunior via Adobe Stock)
'Machine learning [systems] are, at the moment, they're totally untrustworthy.'

— Adi Shamir.

"Machine learning [systems] are, at the moment, they're totally untrustworthy. And we don't have at the moment a good understanding where the adversarial examples are coming from, what do they represent. Some progress is being made along these lines. But I think that until we solve the robustness issue, I'll be worried about deploying any kind of a big machine learning system that no one understands and no one knows in which ways it can fail."

(Image by besjunior via Adobe Stock)

Figure 8:

(Image by Elnur via Adobe Stock)

'Maybe the question we should be asking is not, 'Can we make the machine trustable?' but, 'Can we make the ones [who] are using these machine learning [someone] we want to trust with them?" 

— Carmela Troncoso, on machine learning and the privacy risks posed by how companies collect the data they feed to ML tools. 

(Image by Elnur via Adobe Stock)

Figure 9:

'SolarWinds was a mature company. Once upon a time it was a keen startup with lots of lively engineers, but recently it had become a monopoly and much of the technical expertise had been farmed to engineers in Eastern Europe. And so they weren't caring as much about security as they used to. In essence, the company was being run by bankers as a cash cow. One of the pieces of due diligence you have to do if you're running a big IT shop is to ask yourself about the culture of the ownership and the competence of all those suppliers who have got stuff within your security perimeter.'
(Image by Better Stock via Adobe Stock)
'The company was being run by bankers as a cash cow.'

— Ross Anderson on SolarWinds.

"SolarWinds was a mature company. Once upon a time it was a keen startup with lots of lively engineers, but recently it had become a monopoly and much of the technical expertise had been farmed to engineers in Eastern Europe. And so they weren't caring as much about security as they used to. In essence, the company was being run by bankers as a cash cow. One of the pieces of due diligence you have to do if you're running a big IT shop is to ask yourself about the culture of the ownership and the competence of all those suppliers who have got stuff within your security perimeter."

(Image by Better Stock via Adobe Stock)

Figure 10:

'The idea of rekeying and reauthenticating everyone is not one we talk about much. Adi may disagree with me. But overall I would give us a grade of C-minus, us cryptographers, on resilience. I think the systems we design tend to be brittle and tend to break if there's a serious key compromise.'
Shamir countered, 'So I will actually give our system designers a D or an F. But I'll give cryptographers an A.'
(Image by Олександр Луценко via Adobe Stock)
'Cryptographers are actually pretty terrible at designing resilient systems.'

— Ron Rivest.

"The idea of rekeying and reauthenticating everyone is not one we talk about much. Adi may disagree with me. But overall I would give us a grade of C-minus, us cryptographers, on resilience. I think the systems we design tend to be brittle and tend to break if there's a serious key compromise."

Shamir countered, "So I will actually give our system designers a D or an F. But I'll give cryptographers an A."

(Image by Олександр Луценко via Adobe Stock)

Figure 11:

'... we have good old-fashioned paper mechanisms like we have for yellow fever vaccination. And so I've got my vaccine card, which was written by the nurse when I got my jab, and that's fine. I can stick it in my passport and that's good enough. Trying to build an all-singing, all-dancing worldwide system is the wrong thing to do at a time like this. It's just rent-seeking by tech companies who want to down governments for hundreds of millions of dollars. And in the process they will cost thousands of more lives to be unnecessarily lost.'
(Image by spryakot via Adobe Stock)
'It's just rent-seeking by tech companies.'

— Ross Anderson, on the development of "vaccine passport" apps.

"... we have good old-fashioned paper mechanisms like we have for yellow fever vaccination. And so I've got my vaccine card, which was written by the nurse when I got my jab, and that's fine. I can stick it in my passport and that's good enough. Trying to build an all-singing, all-dancing worldwide system is the wrong thing to do at a time like this. It's just rent-seeking by tech companies who want to down governments for hundreds of millions of dollars. And in the process they will cost thousands of more lives to be unnecessarily lost."

(Image by spryakot via Adobe Stock)

Figure 12: 
'I want to see numbers get factored.'
— Ron Rivest, on Claus Schnorr's proposed algorithm for factorization that claims it could defeat the RSA cryptosystem.
'Of course I asked the author first of all, and I asked Claus what's going on here? Do you really believe this destroys the RSA cryptosystem? Do you have any demonstrated factorization? ... And I pointed him to some criticisms on the Web that he hadn't seen. And so he looked at those, and so he posted as recently as four days ago an updated version of his paper. So I think the dust still hasn't settled on this yet. As everything I tend to be skeptical until the proof is in the pudding in factoring. I want to see numbers get factored.'
Shamir said, 'One thing I can promise is that if Claus Schnorr's approach succeeds, I will be the first to applaud, and I will not sue Claus Schnorr in any way or form.'
(Image by tryfonov via Adobe Stock)

'I want to see numbers get factored.'

— Ron Rivest, on Claus Schnorr's proposed algorithm for factorization that claims it could defeat the RSA cryptosystem.

"Of course I asked the author first of all, and I asked Claus what's going on here? Do you really believe this destroys the RSA cryptosystem? Do you have any demonstrated factorization? ... And I pointed him to some criticisms on the Web that he hadn't seen. And so he looked at those, and so he posted as recently as four days ago an updated version of his paper. So I think the dust still hasn't settled on this yet. As everything I tend to be skeptical until the proof is in the pudding in factoring. I want to see numbers get factored."

Shamir said, "One thing I can promise is that if Claus Schnorr's approach succeeds, I will be the first to applaud, and I will not sue Claus Schnorr in any way or form."

(Image by tryfonov via Adobe Stock)

About the Author(s)

Sara Peters

Senior Editor

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law -- a collaborative project that investigated the dichotomy between laws regulating software vulnerability disclosure and those regulating Web vulnerability disclosure.


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights