Monday, March 5, 2012

RSA Conference 2012

I'm a notoriously bad traveller, a fact I'm sure has worked against me in all manner of ways. Even so, I was really excited about attending the RSA Conference (RSAC) for the first time. Partly this was because I was presenting results of some nice research, and partly because there is nothing else like RSAC: it really has to be seen to be believed. This was illustrated within two minutes of the opening, when a 20-odd person gospel choir sang a security-oriented remix of the Rolling Stones "You can't always get what you want" ... EUROCRYPT it ain't, but that's part of the attraction. You can't really do the conference justice in a blog post like this, not least because all the parallel tracks mean having to choose between (often equally good) sessions. However, a lot of the content is online and well worth a look.

A real side benefit of going to RSAC is that San Francisco is so great. Even outside RSAC, it was amazing to see technology and technologists everywhere and at the forefront of everything. I don't think I've ever felt a smaller fish in a bigger pond in that respect; maybe I just don't go to London enough.

Trade show

RSAC is part trade show: for me, this was part of the attraction. On one hand, there's of course a lot more marketing and less detail on the trade show floor than in the technical sessions. On the other hand, talking to people who actually have to implement and use the output of research was valuable: not only did it produce new ideas, but also highlights areas where practice simply doesn't match theory. I'd go as far as to say attending something like this should be a mandatory part of a PhD programme, if only to broaden horizons.

There was a huge range of products and services on show, and I spoke to a lot of interesting people (esp. at CRI who, as always, had some neat demos). Large set-piece booths were popular: one had a live sumo wrestler, others settled for F1 cars and various forms of motorbike.

  • Germany, as a whole, seemed to have an umbrella booth showcasing a few security-related companies (such as, I think, escrypt); I thought this was amazing, and unfortunately can't imagine that the UK would have the foresight or follow-through to do the same (despite some DTI-style advertising of innovation in the UK at SFO).
  • Two of the most interesting booths, for me, were Coverity and Veracode, companies working in (very roughly) the same area of application security. Both offer solutions which scan (using static and dynamic techniques) applications for security issues; the people I spoke to were a bit vague about whether this included things like web-based side-channel leakage. This is already quite tough given the range of issues possible (which they align with things like CVE), but one of the advantages of their approach is the use of a more on-line or cloud-based technique: the idea is that as soon as an issue is identified, analysis can be applied to locate similar instances elsewhere. This is a bit like the advantage of a cloud-based virus scanning.
  • Given our proximity to XMOS, a clear trend in networking hardware was interesting: several vendors seemed to be shifting toward use of many-core processors, rather than dedicated hardware. Maybe I should have known this, and of course it's quite sensible: you get the high-throughput processing required, but also a very flexible solution without the overhead of investing in hardware engineers to support things like FPGAs. One example was the Netronome FlowProcessor, which seemed, at face value, a bit like Tilera devices.

Normal sessions

I deliberately avoided going exclusively to the Cryptographers Track sessions. Instead, my aim was instead to just attend talks that seemed interesting or I could learn something from; sometimes this worked out well, and sometimes not. A few that stood out for me were:
  • Ernie Brickell presented an interesting (thought quite high-level) overview of several security-related innovations in Intel processors:
    • A new digital RNG, composed of a real entropy source and various components to check and distil the random output (which a program gets in say 32-bit chunks using a new RDRAND instruction). Some of the challenges involved in deploying it included verification: Ernie suggested that the design verification team weren't keen on testing a component whose behaviour was intentionally random!
    • EPID, an extension of DAA-style technologies.
    • Mechanisms for trusted boot and identity protection, for example a one-time password generator in hardware that mirrors software implementations.
    • Software-based performance improvements such as multi-buffer and function stitching, both of which seem fairly straightforward (essentially relating to maximising use of execution units) but yield impressive improvements.
    • Side-channel countermeasures, which (bar use of AES-NI) seemed boil down to advice about software implementation. It was interesting to hear that Intel don't want to "fix" hardware wrt. micro-architectural side-channels (e.g., cache-based) since this would have a high overhead for all workloads; they view targeted countermeasures in software as a better compromise for their customers.
  • David Baker gave a nice talk about security in smart-grid, offering some insight into the worries of vendors and utilities:
    • more worried about the cost of attack (low-cost attack more specifically) since the environment nodes operate in means an aggressive, able attacker will win; the real worry is unskilled individuals doing the same.
    • more worried by multi-node attacks (i.e., attacks that compromise more than one node) since they are more likely to impact on grid as a whole rather than cause one-off financial leakage.
    He also described how the landscape has changed over last 3 or so years; specifically, the overall architecture is often different (less meter-to-meter communication and more central hubs), and there is more use of encryption, signed firmware etc. Interestingly, his view was that the "textbook" example of side-channel analysis in the context of smart-grid is moot: granularity of communication doesn't currently allow the "watch for drop in power consumption, infer than owner is out of house" attack.

  • Dan Kaminsky gave a talk entitled "That doesn't actually work: hard truths about cryptographic innovations". It was refreshing to have someone just talk with no slides, but I think this backfired a bit wrt. focus. On one hand, there were some interesting points about DNS (inc. DNSSEC) and encrypted databases (inc. CryptDB). On the other hand, there wasn't a whole lot about wider cryptographic innovation or at least innovative cryptography: about the only state-of-the-art was an aside about FHE in which Dan slated the idea ... his argument seemed a little misguided to me (the criticism seemed to be that it won't work, i.e., be used, because it implies a need for programs to be branch-free circuits).

  • Wolfgang Kandek and Ivan Ristic gave a presentation about SSL, which sort of wrapped-up a bunch of experience and advice wrt. configuration and so on. They talked a bit about the information gathered and tools available via the Qualys SSL Labs site (e.g., a configuration guide, and an Apache plugin to do client fingerprinting), and finished with some discussion of Convergence: this seemed like a neat idea, and it'll be interesting to see how it pans out.

Keynote sessions

I guess the keynote sessions were more about inspiration and a few big-picture industrial themes than detail. Some were better than others (I was surprised at the general style of presentation, which bordered on "infomercial" in places). A few themes which stood out for me were:
  • BIG data, and scale more generally, as illustrated by the fancy introduction to the keynote by Pranav Mehta. There were sort of two sub-themes here:
    • The scale issue as relevant to cryptographic research (mirrored a talk by Martin Sadler at a recent EPSRC event): in short, anywhere you have a O(n) might not actually be good enough given the scale of the future (e.g., number of devices, volume of data).
    • Constructive use of BIG data to inform security systems, e.g., extracting intelligence to better predict and pre-emptively stop attacks.
  • Cloud computing and virtualisation, in part as tools to combat the BIG data problem.
  • Provenance of data, which is something Scott Charney spent some time discussing in relation to features in (various versions of) Windows.
  • The issue of Bring Your Own Device (BYOD), which Enrique Salem related to the rise of Digital Natives (under 25ish) who live and work differently: the problem is essentially how to manage the security of devices employees bring in and use on your network.
More or less all the keynotes are worth a watch online, but a few that stood out for me were:
  • Some notable cryptographers were awarded various honours:
    • Martin Hellman got the "Lifetime Achievement" award; he went to some length to highlight the contribution of others in the production of the Diffie-Hellman protocol (e.g., Ralph Merkle).
    • Eli Biham and Mitsuru Matsui got the "Excellence in the Field of Mathematics" award, primarily for development of differential and linear cryptanalysis.
  • For the "Cryptographers Panel", Ari Juels moderated discussion between Whit Diffie, Ron Rivest, Stefan Savage and Adi Shamir. Some of the discussion was about the "Ron was wrong, Whit is right" paper. One of the more interesting points that came up was the idea of being more "scientific" about security; there was some debate whether this was possible (or even what people meant). However two aspects which seemed compelling were the application of reductionist-style arguments (per cryptographic proofs of security), and simply more rigorous scientific method wrt. measuring effect of countermeasures and controls.
  • For the "Rise of Hacktivism Panel", Jeffrey Brown moderated discussion between Misha Glenny, Eric Strom and Grady Summers. I thought this was one of the best sessions, partly because of timeliness and partly because it was fascinating to see various angles on the same issue. The FBI stance in particular was enlightening: Strom described various strategies such as acting as a "support broker" by putting companies under attack in contact with previous victims. I was really impressed by Glenny in particular, who I'd not heard of before; his comments were the first time I'd heard someone talk about ideas for rehabilitation of those convicted of hacking.
  • Pranav Mehta gave an overview of how Intel platforms are evolving to cope with the demands of, for example, high volume network processing. It seemed to suggest that in Crystal Forests, software (e.g., their Intel Data Plane Development Kit) is increasingly becoming part of their "stack" as an abstraction layer. I guess this makes sense wrt. complexity of the hardware and getting the most from it, but I was wondering how much sense this made wrt. security: more software layers between me and the hardware makes me a bit scared of how I'll reason about what's going on, and for example how I can avoid very low-level side-channel attacks.
  • I thought "The Hugh Thompson Show" sounded awful on paper, but turned out to be one of the highlights for me: it was both interesting and funny. The theme was basically choice, and more specifically how choice by people leads to security issues. Dan Gardner talked about the idea of subconscious choice being an important aspect of security (and online behaviour in general). Frank Luntz talked about language and how this influenced choice (or preference); some of the comments about how this is used in politics were interesting ... I think there is a lesson in there somewhere about using the right language to boost acceptance of research papers!
  • Last up, Tony Blair gave a surprisingly funny talk (bar a few amazingly candid points about Iran, and the fact he seemed to assume the audience were all American). I sit on the fence a bit in terms of Blairism but to be fair, he's good at what he does: as a speaker, he stood head and shoulders above most of the others even though he was essentially talking to an audience he doesn't (by his own admission) understand very well.

No comments:

Post a Comment