RSA 2010: Cryptographers tout the virtue of foolishness

The RSA show's Cryptographers' Panel raised some interesting issues

Playing the fool is not always a bad thing, according to a panel of encryption veterans at the RSA 2010 conference in San Francisco.

Five industry icons discussed at the show's Cryptographers' Panel some of the more foolish choices they have made over their careers, and how it has occasionally benefitted them.

The panel suggested that the cryptography industry as a whole is not always logical. Failure is usually the expected result, they explained, because the industry relies so heavily on trial and error at the research level.

"About once every three months I have a good idea, and the other 99 days I find nothing whatsoever," said Adi Shamir, a professor at the Weizman Institute of Science.

Stanford University professor Martin Hellman added: "You come in every day and work on a project you get right once out of 100. Who but a fool would do that?"

The panellists all agreed that cryptography by its nature relies heavily on peer review and criticism as new standards and systems are thoroughly scrutinised and tested throughout the academic, government and private sectors.

But this sort of scrutiny is not always a good thing. Ryan Snow, a former US National Security Agency technical director, argued that review processes for new standards, such as the 1997 Advanced Encryption Standard, may have been too quick to discredit potential standards.

Snow noted that the eventual winning standard was later called into question by research which was eventually discredited. Had such research been presented during the earlier review process, the system may never have been selected.

"We would have lost a good thing due to a process fault," said Snow. "That makes me think, let's go back and review the process."