When you look at today's security threats, what worries you the most?
The spread of Windows systems into critical infrastructure is most concerning. If our infrastructure comes under attack, this could lead to serious failures. I'm talking about the world infrastructure. We're so intertwined when you consider things like banking, airlines and government. A big attack could happen, there would be serious global consequence and you would have a very hard time telling where it's coming from. If you had an event that affected air traffic and power it would be a very uncomfortable world to live in.
So you believe in the monoculture theory -- that tech diversity is needed because a Windows-dominated world is ripe for catastrophe?
I wouldn't say that. People who say diversity improves security put themselves in a funny position. You can't tell someone to use the most secure operating system if it doesn't let you do what you need to get done. Security is always a supporting requirement within the enterprise. You have an enterprise that wants to do something. The police want to stop crime. Companies want to make money. Security is an important but subordinate requirement. If you want to run desktop applications, you pick Windows. But when it comes to critical infrastructure, you probably shouldn't use Windows because of too little care to coding too deep in its guts. Globalization could have a beneficial affect. Other nations use Linux-based systems. There is more diversity around the world. But diversity isn't the most critical question. It's the proper attention to software coding that's critical. Security differs from reliability because someone's looking for the part you didn't get right.
Which threats do you think are overly hyped?
Over-hype takes attention away from the most serious problem -- protecting critical infrastructure. Less serious are the censorship applications. Worrying if employees are visiting certain Web sites is a distraction. Censorship applications that try to control which Web sites you can visit are a distraction from the bigger problems.
A running joke is that whatever year we're in is "The Year of PKI," meaning the technology has yet to live up to its hype. Do you believe there will ever be a true year of PKI?
No. One day we will look around and start trying to figure out what year in the past was the year of PKI. Widespread use of PKI is inevitable. But there has been a standardization problem that isn't helped by the number of competitors in the field. It's fundamentally a capital development problem. Growth is slow now but it'll pick up later. Did I think it would develop more quickly? Yes. Am I surprised there's so little of it? No. The government uses quite a bit of it. And it's hard to say PKI hasn't had tremendous market penetration. It just seems there's not enough of it given the security needs out there.
How do you see the technology evolving over the next decade?
I expect it to develop an opposable thumb and settle into a level of standards. I think the most glaring example of success is the Advanced Encryption Standard (AES). We now have a high-grade crypto algorithm. Standards like AES, SHA-384 [and] ECC digital signatures… will drive out their competition: RC4, DES, 3DES, etc., and become widely embedded in hardware and software around the world. We are transitioning from modular arithmetic-based key systems to elliptical curve systems. Elliptical curve is more compact. It brings register-key sizes down. It runs faster and consumes a lot less power. In the coming world of integrated mobile devices, this will have a big impact. People have a lot of inertia. But things like hand-held browsers will be the motivation for a change to lower-power, more efficient systems. Like some of the other questions, here's something Martin Hellmann was also asked about: In December 2003 Information Security magazine called Ralph Merkle an "unsung hero," arguing that he had as much to do with advancing PKI technology as you and Hellmann did. Do you think Merkle deserves more credit for his contributions than he has received in the past?
There's very little question he deserves immense credit for this. I think we have all done very well not fighting about credit. His contribution should certainly be acknowledged. But everyone played a part. Historians will dissect who did how much, but that's not what's important. Though his thinking and mine aren't entirely congenial, I think he's great and has contributed much to the field. He may also not get enough credit on nanotechnology. He's been working on that for a very long time.