Welcome!

Microservices Expo Authors: Zakia Bouachraoui, Elizabeth White, Pat Romanski, Liz McMillan, Yeshim Deniz

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog

@CloudExpo: Article

Cloud Computing: RSA Conference 2011: Cryptography Panel

Diffie Calls for NSA Open-ness

In a nearly full conference hall, the Tuesday morning RSA 2011 keynotes included talks from EMC, VMWare and Symantec, and an all-star cryptography panel, where an impassioned plea was made for more openness from the National Security Agency.  The panel started by opening remarks by Ari Juels, Director of RSA Labs, who asked as a moderator. The main theme was the the history of the first modern cipher, the Data Encryption Standard, or DES. The back-story on this algorithm is that it was government standard, and was widely believed to have been modified to have a backdoor so that it was easily broken into by the US Government.

The panel included Martin Hellman and Whitefield Diffie, two important figures in public-key cryptography. Ron Rivest, the R in RSA, was also on the panel, as was a government cryptographer from the NSA. The early parts of the panel was a discussion on how the early days of cryptography had assisted their all careers.

While there was a lot of mathematical history, the interesting point in the panel is when Diffie brought up the "crypto-politics". Diffie, who sports long hair and has a vague resemblance to Kenny Rogers, said he believed  that the NSA (and IBM) could not be trusted to build a national standard algorithm without a back-door. It was pointed out that the initial algorithm was only slated to last for 10-15 years, but that the designers misjudged how the algorithm would be used in the commercial world, and how they would have to deal with the "legacy" issues. The algorithm was originally intended for government and military use.

One of the fascinating aspects of the RSA Conference is that they audience of an estimated 5000-7000 people appeared riveted to their seats for this panel.

There was a discussion about how, in the 1970s, some key aspects of the algorithm was decided by factions inside the National Security Agency, between two groups called COMSEC, and COMMINT. These government acronyms stand for Communications Security and Communications Intelligence.

Hellman then discussed his suspicions that the Government was hiding the back door, primarily because the  team was not telling the academic world the whole truth about issues like they key size. Some on the panel believed there could not be a  backdoor primarily because large corporations, Soviets and Chinese were using the algorithm.

Then an important questions was raised. "Is security even possible any more?" As proof of this might be the case, it was mentioned that the National Security Agency treats its networks as being in a permanent state of semi-compromise. One panelist pointed out that the 2 major security breaches of the last 12 months, WikiLeaks and stuxnet, had nothing to do with cryptography. Security, said the panel, is a larger problem than just technology.

The final conclusion from the panel on DES appears that there was no backdoor, it was breakable. The DES algorithm was first publicly broken in 1997.

The panel closed with an impassioned plea from Diffie for the NSA to publish its important non-classified work. This suggests that the NSA is holding on to some very important non-classified tracts that would in some way revolutionize the field.

More Stories By Bill Roth

Bill Roth is a Silicon Valley veteran with over 20 years in the industry. He has played numerous product marketing, product management and engineering roles at companies like BEA, Sun, Morgan Stanley, and EBay Enterprise. He was recently named one of the World's 30 Most Influential Cloud Bloggers.

Microservices Articles
When building large, cloud-based applications that operate at a high scale, it’s important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. “Fly two mistakes high” is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Lee A...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app secu...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder and Chairman of Alfresco, described how to scale cloud-based content management repositories to store, manage, and retrieve billions of documents and related information with fast and linear scalability. He addresse...
The now mainstream platform changes stemming from the first Internet boom brought many changes but didn’t really change the basic relationship between servers and the applications running on them. In fact, that was sort of the point. In his session at 18th Cloud Expo, Gordon Haff, senior cloud strategy marketing and evangelism manager at Red Hat, will discuss how today’s workloads require a new model and a new platform for development and execution. The platform must handle a wide range of rec...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...