Spotlight Shines on Alice and Bob for RSA Conference 2011 Anniversary

Related Articles

• G-20 Summit Subject Lines Used for Targeted Attacks
• Top Threats for 2012? Just Look to RSA Agenda
• Rackspace, GlobalSCAPE Partnership Agreement Yields Cloud-based File Transfer Product

Subscription Options

Subscribe Newswire

Widgets & RSS Feeds

Take a quick quiz: What does RSA stand for? Who do Alice and Bob represent? If you are like me, you might have attended many RSA conferences and given little thought to the name itself. As one of many faithful RSA conference attendees, I’m looking forward to the event, being held February 14-18 in San Francisco’s Moscone Center.

This year marks the conference’s 20th anniversary. I can just imagine the event planners brainstorming theme ideas, wanting something that could convey the 20 years and yet still befit the impressive and creative security themes of the past, like last year’s The Rosetta Stone and people like Edgar Allen Poe or Alan Turing or the contributions of ancient mathematicians. I have to confess that I learn something about these historical people and times whenever the event rolls out its registration campaigns.

This brings us back to the quiz. RSA represents the initials of three then MIT gentlemen, Ron Rivest, Adi Shamir and Leonard Adleman, who in 1978 released the RSA algorithm, the first known to be suitable for signing, as well as encryption. It is widely held that this invention is one of the first great advances in public key cryptography and that its impact has guided and shaped the world of information security for the past 30+ years.

At the RSA conference this year, the founders of the RSA algorithm are the focus of the theme and it was Rivest that created Alice and Bob. So who are Alice and Bob? According to Sandra Toms LaPedis, area vice president and general manager for RSA Conference, these two personas were created to simplify the explanation of a complex encryption method. Instead of saying “person A” and “person B” it became Alice and Bob.

Another individual we’ll hear about at RSA 2011 is Bruce Schneier, also a founding father of modern information security. He explains Alice and Bob as the sender and receiver, or the signer and authenticator of messages. “Alice and Bob were the players,” says Schneier. It was Schneier that introduced other characters into the cryptography game explaining the creation of Eve, the person in the middle that was trying to eavesdrop on the message. Schneier goes on to say: “I needed another character, because Eve was passive and just sat there and listened. I needed someone that was active and malicious, I called her Mallory.” Other characters were also created as needed like Carol and Dave (C and D personas).

Schneier recalls how authors of papers would talk about Alice and Bob, Carol and Dave to explain what they were doing. These characters have lived full lives to hear Schneier describe it: “Alice and Bob have sent each other secrets, they get locked in jail, they date each other, they get married, they get divorced, anything that two people might want to do securely, Alice and Bob have done it.”

Another pioneer of cryptography is Whitfield Diffie. It was Diffie and Martin Hellman, that co-invented the first practical method for establishing a shared secret over an unprotected communications channel in 1976. A self-described hippie and counterculturalist, Diffie was concerned that technology could either “be used to protect an individual or could be used to assault the individual.” Diffie says, ”I had this vision of cryptography as one of the only technologies I knew that would actually protect the individual.” Diffie says he tried to get others to join him at the time, but few were interested in working on the issue. Hellman for his part, saw the coming marriage of computers and communications by observing how much money IBM was investing, and the need for commercial encryption. Undaunted by the view of others that it was “foolish to work in cryptography,” Hellman says, “Instead that attracted me. I wanted to show that they were wrong.”

Indeed Diffie, Hellman, Schneier, Rivest, Shamir and Adleman among others have laid the groundwork to cryptography. To hear Rivest describe it, cryptography is downright exciting: “You have human conflict, you have the good guys and the bad guys, that make it interesting. You have questions of coding, questions of algorithms.” Rivest sees these issues, and others “all tangled together making cryptography a wonderfully rich source of interesting problems with the source of the problems butting up against each other.”

Toms LaPedis says these pioneers will be honored during the 20th anniversary of the conference, noting that past conference themes have honored “historical people no longer with us.” Instead she says this year: “We are celebrating pioneers in our industry that are still alive. It is a bit of a departure on what we have done in the past, by celebrating the birth of public-private key encryption through Alice, Bob and Mallory.”

Observes Toms LaPedis, “But for them (Diffie, Hellman, Schneier, Rivest, Shamir and Adleman) we would not have an RSA conference. But for them we would not have the wealth of security products we have out there, because of what they did with algorithms. If you think about it, they did this at a really interesting time. In the 70s World War II was still fresh and the Cold War was on, cryptography and encryption were tightly regulated and viewed as national security secrets. In fact, it was considered munitions, regulated as if a gun or a bomb. This made it hard to export any kind of cryptologic message. And of course there was no Web nor email. The invention that they did really created this whole industry and everything after.”

RSA Conference 2011

The RSA Conference planners expect as many, if not more, attendees than last year—which exceeded 15,000. This year’s roaster of speakers includes former President Bill Clinton (on Friday, February 18), as well as a keynote familiar to Messaging News readers: Tom Gillis, vice president and general manager, Security Technology Business Unit, for Cisco Systems, Inc. (Wednesday, February 16). Of interest to us, a new track has been added this year: Cloud Security, which will cover SLAs, security architecture in the cloud, cloud security governance, migrating to the cloud, cloud security risks and other related topics. Virtualization will also be found in this track too. An entire roaster of speakers, sessions and more on the conference can be found online. Be sure to look for Messaging News at RSA too. Not only are we media sponsors of the week-long event, our magazine appears in the magazine racks and we attend much of the conference and expo.