Bruce Schneier's Applied Cryptography on their bookshelf the day they started their careers. Bruce's practical guide to cryptographic algorithms, key management techniques and security protocols, first published in 1993, was a landmark volume for the newly emerging field, and has been a reference to developers ever since.There may still be a few security practitioners working in the field who didn't have a copy of
Beyond just the popularity of the book, Bruce has also been widely recognized over the past two decades for his insightful commentary on the security issues of the day, featured on his monthly Crypto-Gram newsletter, his blog, "Schneier on Security," 11 more books including the newly published Carry On, as well as numerous essays, op-eds and interviews.
It's a genuine privilege therefore that Bruce will be keynoting the upcoming Name Collisions Workshop, to be held on March 8-10, in London.
The keynote will take place at the start of the formal program at 9:00 a.m. local time on Sunday, March 9.
To manage risk, one needs to consider not only each individual element of a system, but also how the elements interact with one another. Security from a cryptographic perspective, as Bruce has long observed, involves more than just good algorithms, but also good software and hardware implementation, random number generation, key management and user interfaces. Likewise, the security of the Domain Name System (DNS) involves more than just availability and integrity of a distributed network of name servers. It also requires that the DNS interact well with the installed systems that depend on it, given their various assumptions about which name spaces are public and which ones are private. Both require an engineering approach to public policy, according to Bruce:
"We need to convince policy makers to follow a logical approach instead of an emotional one — an approach that includes threat modeling, failure analysis, searching for unintended consequences, and everything else in an engineer's approach to design."
The Name Collisions Workshop is intended to facilitate such a logical approach by advancing research on risks and mitigations. Bruce's keynote will certainly set the tone.
As a coda, Bruce will share with the workshop participants a perspective on surveillance and on his online interviews with Edward Snowden.
The full program for the workshop, including accepted papers, invited papers and panels will be announced shortly. To register to attend, visit namecollisions.net/registration.
By Burt Kaliski, Chief Technology Officer at Verisign
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines