What to Expect at RSAC 2024


You probably haven’t heard of Ron Rivest, Adi Shamir, or Leonard Adleman, but their RSA (Rivest-Shamir-Adleman) public-key cryptography system underpins just about all modern encryption. Their 1977 invention spawned the eponymous RSA corporation, which in turn initiated the yearly RSA security conference, where experts from all over the world come together in San Francisco to discuss the latest security innovations and threats. We’ll be there to cover this year’s event, scheduled for May 6-9. Here’s a taste of what we’re expecting to see.


Quantum Computing Cracks Current Crypto

The RSA public-key cryptography system gets around the thorny problem of securely sharing secret decryption keys by eliminating secrecy. Every crypto user has two keys, one public and one private. If you want to send me an encrypted message, you just encrypt it with my public key. I use my closely held private key to decrypt it. Easy!

Establishing a public/private key pair involves some brain-busting math based on ginormous prime numbers. It’s theoretically possible to break the system by reversing that math, but even with the best modern computers, the process would take too long to have any practical application.

It's Surprisingly Easy to Be More Secure Online
PCMag Logo It’s Surprisingly Easy to Be More Secure Online

However, quantum computers are brilliant at just that kind of math, at least theoretically. Crypto experts anticipate the demise of most current cryptography systems as soon as quantum computing gets up to speed. Government agencies started work years ago on cryptosystems that aren’t subject to quantum cracking. Some of this work is surely hush-hush, but the NSA offers a public clearinghouse for quantum crypto information.

It’s no surprise, then, that fully a dozen RSAC sessions involve understanding how quantum computing makes current cryptography obsolete and dealing with the fallout of that debacle. Speakers range from government experts to academics to experimental physicists.


AI as Victim, AI as Perpetrator

The label “New! Now With Artificial Intelligence!” gets slapped on everything these days. Sometimes it’s even true. There’s no question that the rise of ChatGPT, Copilot, Google Gemini, and many other generative AI systems has radically changed our way of thinking about what computers can do. Yes, they’re subject to hallucinations and can present completely bogus facts as convincing truths, but it’s still early days.

One measurably effective use of AI is in creating or translating code. One simple abuse of this ability would be to switch the code for a ransomware program or other malware to a new language, thereby making it harder for antivirus programs to recognize. More visibly, scammers are already using AI to tune up their fraudulent emails. Detecting phishing and spam based on bad grammar and spelling will soon be a thing of the past.

AI systems can also be the victim of malicious attacks. Most AI systems include filters to suppress dangerous or inappropriate responses, but there’s a whole research category devoted to breaking these filters by using peculiar “adversarial text” in queries. With filters disabled, the attacker could potentially extract trade secrets that were used in training the model or obtain information that the AI company promised wouldn’t be public.

Of course, AI excels at pattern recognition, meaning it can be a serious help in identifying and heading off attempted data breaches and other cyberattacks. More than 20 RSAC presentations touch on AI and Large Language Models in one way or another.

Recommended by Our Editors


We’re From the Government, and We’re Here to Help

Early on, the Black Hat conference and its rowdier adjunct DEFCON had a distinct counterculture vibe, with security stepping in to protect government speakers against heckling and egg-throwing. RSAC doesn’t swing that way. The RSA Conference is thoroughly corporate, and government experts, both speakers and attendees, are welcome. In the Expo Hall, you’ll find recruiting booths for the FBI, CIA, DHS, and other three-letter agencies.

We’re encouraged by the fact that government agencies see the need to keep up with security and interact with the world’s experts. Homeland Security Secretary Alejandro Mayorkas will deliver a keynote on the topic of artificial intelligence and homeland security. A panel that includes the CIO of the DOJ and the FBI’s Assistant Director will discuss the US National Cyber Strategy. A group of government and military cyber experts styling themselves as the Four Horsemen of the Cyber Apocalypse will review the origins and future of the US Cyber Command. More than 100 sessions have a government connection of one kind or another.


A Week of Security Wonders

The RSA Conference starts bright and early on May 6 and concludes on May 9 with a celebration that includes singer/songwriter Alicia Keys. We’ll be covering the news as it happens, so make sure to bookmark our RSAC event hub for the latest from the conference.

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.



We will be happy to hear your thoughts

Leave a reply

Funtechnow
Logo
Compare items
  • Total (0)
Compare
0
Shopping cart