Report: RSA Conference 2015

I attended the 24th annual RSA Conference 2015 in San Francisco from 20-24 April. Previously, I published at RSAC in 2012 and attended in 2013. RSAC is strange for academics because it is so commercial — over 28,000 attendees, over 400 exhibitors, and over 400 sessions.

The Cryptographers’ Panel was entertaining as usual. Paul Kocher was the moderator, with panelists Ron Rivest, Adi Shamir, Whit Diffie, and Ed Giorgio — true crypto giants. When discussing key escrow — the issue of requirements to hand over cryptographic keys at the request of various government agencies — Adi Shamir dropped this gem:

There is no difference between front and back doors. The only difference is at the NSA they would just take your house and turn it around.

My main reason for attending was presenting my paper “Cache storage attacks” where I discovered a novel side-channel exposed by invasive cache debug mechanisms. It has applications in embedded security and applied cryptography. Cool feature of RSAC: they wave registration fees for speakers, which helps offset the ridiculous lodging costs in this area of San Francisco.

Yuval Yarom gave my favorite contributed talk — we are cut from the same academic cloth. The paper “Just a little bit more” improves cache-timing attacks against public key elliptic curve cryptography software present in OpenSSL.


While it was a good trip and fruitful for industry networking, I would never send a DSc student here for fear they’d get eaten alive. I feel like I should wear a shirt everyday that says “don’t try to sell me anything” — I’m from academia, I don’t have any money.

This entry was posted in conference, research and tagged , , , . Bookmark the permalink.