Tuesday, April 21, 2009

RSA Conference 2009: World-Class Cryptographers Muse on Cloud Computing and Mushroom Clouds

Nagasaki, 8-9-45
Notes from the Keynote Session (Continued), RSA Conference 2009, Tuesday 4-21-09

Well, however the tale of the Cloud plays out in the end; it is definitely providing a lot of fodder for the best and the brightest.

At this year's iteration of the legendary RSA Conference Cryptographers Panel, there was provocative discussion of the Cloud:

Whitfield Diffie, Vice President, Fellow and Chief Security Officer of Sun Microsystems, said he is "bullish on Cloud computing" and that it is the type of challenge "seen not more than twice before" in the space.

But Adi Shamir, Professor of Computer Science at the Weizmann Institute of Science in Israel, is "very worried about it." According to Shamir, we risk trading in "many small disasters for one big catastrophe."

"Now that we are possibly moving into the cloud," he elaborated, "we are facing a real danger of a hacker taking out one data center to catastrophic effect."

True to his studied stance, Bruce Schneier, Chief Technology Officer, BT Counterpane, said he is "bored with cloud computing." Although it is presented as new paradigm, Schneier explained, "fundamentally, I do not see many differences, it is still about trust, it is a continuation of what we have been seeing."

And although he described himself as "enthusiatic" over it, Ron Rivest, Viterbi Professor of Electrical Engineering and Computer Science at MIT, poked fun at the endearing term, "Cloud computing," and suggested that "Swamp computing" might be more appropriate. Rivest also encouraged the attendees to consider the possible analogy with the differentials craze that led to the current global financial crisis; in both instances, CEOs are deriving benefits while off-loading risks, but that there could be similarly severe consequences.

But from my perspective, Martin E. Hellman, Professor Emeritus of Electrical Engineering at Stanford stole the show.

Hellman is working on the dangers of a very different kind of cloud.

Hellman asks, "How risky is nuclear deterrence?" "1100 times riskier than having a nuclear power plant near your home," he posits.

He encourages the audience to do a Google search on "Hellman cryptography nuclear" to drill down into his current work, and also gave out the URL for his site, nuclearisk.org

He characterized the human race as possessing the physical powers of a god with the psyche of a 16 yr old boy. If we do not "grow up really fast and pay attention to risks before they become obvious," we face calamity beyond comprehension.

"Trial and error are not enough, we have to rely on forecasting ability."

Hellman drew from the example of the current global financial crisis.

There were repeated warnings about derivatives, he recounted; Sen. Bryan Dorgan (D-ND) in 1994, Brooksley Born of the CFTC in 1998, and Warren Buffet, who sounded the alarm about "financial weapons of mass destruction' in 2002.

Society, Hellman noted, never seems unable to recognize risks until it is too late, and he cited nuclear weapons proliferation, the economic crisis and data security as prime example.

"We risk being called Cassandras," he acknowledged, but exhorted the audience not to be dissuaded by this inevitability, because "Cassandra was always right."

-- Richard Power