'I give fusion power a higher chance of succeeding than quantum computing' says the R in the RSA crypto-algorithm

RSA As they do every year, the names behind the RSA crypto-system took the stage in San Francisco for the RSA Conference's crypto panel, sharing their thoughts on the pressing issues facing the information security world.

Ron Rivest (the R in RSA), Adi Shamir (the S), and Whit Diffie (of Diffie–Hellman key exchange fame) were joined this time by Tal Rabin (head of research at the Algarand Foundation) and Arvind Narayanan (a professor at Princeton University) to share some of their thoughts.

Quantum Computing: Pointless

Rivest, in particular, is not a big fan of the efforts to build encryption-busting quantum computers, for obvious reasons.

"I hope people building quantum computers fail," Rivest offered. "It would mean the demise of a lovely algorithm we all know and love."

Jokes aside, Rivest told the conference he has serious doubts about whether quantum computers will ever be realized, particularly at the size and scale needed to break his and other encryption algorithms.

"I give fusion power a higher chance of succeeding than quantum computing," Rivest said. "There is a lot of scaling that has to be done before you can break cryptography, I am not sure it can be done."

Blockchain: A combination lock in a grease fire

Rivest was similarly dubious about blockchain and efforts to shoehorn the technology into voting software.

"Blockchain is the wrong security technology for voting, I like to think of it as bringing a combination lock to a kitchen fire," he said, noting that paper ballots are still considered essential for secure voting.

"We have learned that we need software independence. Voting is not a place where you need high-tech for it to work."

Whit Diffie: Fan of spycraft

Cryptography pioneer Whit Diffie was asked to weigh in on the recent Crypto AG backdooring saga. Interestingly, Diffie said he was not surprised the CIA had managed to infiltrate and bug a commercial security tool. In fact, Diffie isn't even that mad. Spies do spying, and all that.

"I am very enthusiastic about intelligence. In general, I think intelligence is very valuable to stability," he explained. "Intelligence is not about playing fair, it is about succeeding. That is what this operation did with amazing success."

Adi is back

Early on in the discussion, Adi Shamir explained his absence from last year's conference. It seems the American visa issues that kept him away from the event were every bit as frustrating as first reported, and the professor said he spent six months waiting for permission to enter the country.

"Since every other government in the world makes these decisions in 3-5 days, whoever is in charge of processing (in the US) should be replaced by a different element," he groused.

Right-to-be-forgotten and AI generate strong opinions

One of the hot topics was machine learning and, in particular facial recognition, with most of the panel agreeing the need for strong regulations on how machine learning and recognition tools should be managed.

"Not all the problems have been solved and we as the security and privacy community have a lot to contribute," noted Rabin.

There was less agreement on right to be forgotten laws, where some of the panelists clashed on who and what it is that could and should be scrubbed. For Diffie, the system is a pretty clear way for the powerful to scrub their images.

"I would like to understand how right to be forgotten could be for anything except to keep the little people in line," he said. "It is not the right to be forgotten by the secret police."

"Right to be forgotten will never work," declared Shamir. "There are all kinds of services such as the Internet Archive. What are they going to do with it? Are they going to eliminate these services that show you the state of information?"

Narayanan, however, pointed out that for people trying to clear criminal records in hopes of getting a job, right to be forgotten can be very empowering.

"Do you want the first impression of you to be your criminal record? Or do you want the right to bring it up on your own terms?" asks the Princeton prof, who notes that Google gets roughly 50,000 requests per month in the EU. "The right to be forgotten, in aggregate, is working pretty well in enabling people to de-list these search results."

Fortunately, Shamir stepped in to provide comic relief.

"Let's try an experiment," he said. "Earlier I said some nasty things about the people in charge of the visa process. I would like to ask for this to be forgotten."

Good luck, Professor. ®