|
Bruce Schneier to keynote the upcoming Name Collisions Workshop, March 8-10, LondonThere may still be a few security practitioners working in the field who didn’t have a copy of Bruce Schneier’s Applied Cryptography on their bookshelf the day they started their careers. Bruce’s practical guide to cryptographic algorithms, key management techniques and security protocols, first published in 1993, was a landmark volume for the newly emerging field, and has been a reference to developers ever since.
Beyond just the popularity of the book, Bruce has also been widely recognized over the past two decades for his insightful commentary on the security issues of the day, featured on his monthly Crypto-Gram newsletter, his blog, “Schneier on Security,” 11 more books including the newly published Carry On, as well as numerous essays, op-eds and interviews.
It’s a genuine privilege therefore that Bruce will be keynoting the upcoming Name Collisions Workshop, to be held on March 8-10, in London.
The keynote will take place at the start of the formal program at 9:00 a.m. local time on Sunday, March 9.
To manage risk, one needs to consider not only each individual element of a system, but also how the elements interact with one another. Security from a cryptographic perspective, as Bruce has long observed, involves more than just good algorithms, but also good software and hardware implementation, random number generation, key management and user interfaces. Likewise, the security of the Domain Name System (DNS) involves more than just availability and integrity of a distributed network of name servers. It also requires that the DNS interact well with the installed systems that depend on it, given their various assumptions about which name spaces are public and which ones are private. Both require an engineering approach to public policy, according to Bruce:
“We need to convince policy makers to follow a logical approach instead of an emotional one—an approach that includes threat modeling, failure analysis, searching for unintended consequences, and everything else in an engineer’s approach to design.”
The Name Collisions Workshop is intended to facilitate such a logical approach by advancing research on risks and mitigations. Bruce’s keynote will certainly set the tone.
As a coda, Bruce will share with the workshop participants a perspective on surveillance and on his online interviews with Edward Snowden.
The full program for the workshop, including accepted papers, invited papers and panels will be announced shortly. To register to attend, visit namecollisions.net/registration.
Sponsored byCSC
Sponsored byRadix
Sponsored byVerisign
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byDNIB.com
Registries are finally starting to wave the “not every NXDOMAIN is a collision” flag*. Time for a name change for that workshop!
* http://www.icann.org/en/news/correspondence/innes-to-atallah-06feb14-en.pdf
“I therefore urge you to separate out the genuine risks from the mass of domain names which are likely to be the most popular search terms relating to .london. In this way we ask that you provide a route that unblocks those names which pose no genuine risk ahead of our launch”