RSA cofounder: The world would've been better without cryptocurrencies


Cryptographers' panel a bit gloomy this year

RSAC It was a somewhat gloomy Cryptographers' Panel at the RSA Conference in San Francisco on Tuesday, with two of the industry's sages in a pretty grim mood. Adi Shamir, the S in the RSA algorithm and a cofounder of RSA Security, went off on cryptocurrency, saying its early promise has been wasted. While he said Satoshi Nakamoto's paper [PDF] on Bitcoin and its blockchain was "very lofty," its promise of becoming a decentralized way to exchange money digitally without government interference, or reliance on financial institutions, hasn't come through, in Shamir's opinion.

"Everything is highly centralized in a small number of very large exchanges. No one is using it in order to make payments; people are using it once in order to speculate," he opined while on the panel. "So my personal opinion is that the world would have been better without cryptocurrencies."

He continued, "Cryptocurrencies are what enabled all the malware. It would have been very difficult to extract so much money from companies if there were no cryptocurrencies."

Ed Felten, Professor Emeritus of computer science at Princeton University, was less pessimistic.

He told the conference audience that yes, things aren't as easy as Nakamoto may have envisioned and a shift to a decentralized currency is massively complicated, but it's very early days and major societal institutions are still working out the ground rules. Governments are increasingly understanding the potential and pitfalls of such a shift, he suggested, and the fact that the biggest finance houses are now getting behind the technology with products including stablecoins is a very positive sign.

"It'd be foolish to sit here and try to defend every cryptocurrency in the world or everybody who's in that space. But in a lot of ways, it reminds me of the early internet," Felten posited. "There are a lot of people doing silly things, some people doing dangerous and criminal things, but there's a lot of people building interesting things, a surprising number of people, especially in parts of the world where the local government issue currency is not very safe."

Shamir agreed that the basic blockchain technology is sound, but its implementation in cryptocurrency isn't. Having anonymous currencies that can move around the world without hindrance or responsibility isn't ideal, he said. (Bitcoin, for what it's worth, isn't actually anonymous.)

As for cryptography itself, Whitfield Diffie, a pioneer in public-private key security and co-inventor of the crucial Diffie–Hellman key exchange technique, was in a similarly downbeat mood.

The guru said he's worried the NSA and others are storing old encrypted messages that they can't read right now, but will be able to in the future once computing power and improved techniques make the data possible to decode.

"It's what the intelligence community would call collect-now, exploit-later, is the heart of intelligence," he intoned. "There are vast tape libraries at NSA and all the rest of those organizations running back years."

Quantum-resistant cryptography, which has been in the works for years and is gradually being deployed now, may head off attempts by the NSA et al. to crack today and tomorrow's harvested encrypted communications in the future using quantum computers. But we may not know how well that resistance works until a practical quantum computer is up and running; and stuff encrypted in the past without quantum resistance eventually may or will be busted open.

Diffie acknowledged there are folks developing this so-called hybrid post-quantum cryptography. He likened the situation to trying to write a crypto system in World War Two that would stand up to today's computer-equipped code breakers.

Shamir agreed, saying not moving to hybrid earlier was "a major mistake." He predicted that the first proper quantum computers should be out by 2040, but said it was a very risky bet.

As for the traditional battle between governments and citizens over encryption and backdooring, Diffie was scathing about the UK's latest attempts to potentially eavesdrop on Apple users. He argued this effort was largely fruitless because if anyone, innocent or otherwise, wanted to shield their chatter or data from the British authorities, they have plenty of secure options to choose from besides Apple's iCloud. Then there's the US Secretary of Defense Pete Hegseth's use of Signal for federal work.

Diffie deplored its use in government to get around public-sector records-keeping laws, and feared it could be subverted to quietly disclose end-to-end encrypted conversations. "What bothers me is that Signal makes you have updates every few days or something, and insist you use the latest version. And that means someone with a court order could say, 'Here, slip a bug into a version, ship it out, and make everybody use it,'" he warned.

Signal is adamant its software is secure and will pull out of countries that attempt to force it to implement a hidden backdoor. ®