by Julien Bringer, PhD (Chief Security and Cryptography Expert)

Organized by the International Association for Cryptologic Research (IACR), the Real World Crypto (RWC) 2018 took place from January 10–12, 2018 in Zurich, Switzerland. Due to the reputation of the organization, Zurich found itself swarmed with about 600 cryptographers, security developers, crypto architects and not to mention the growing blockchain crypto community joined in as well.

Given that for more than a decade, I have become a regular attendee of crypto and security conferences, I was delighted to attend the 6th annual RWC, especially that it was no more than half an hour away from SMART VALOR HQ. Volkshaus Zurich, normally a concert hall, transformed into a different type of entertainment space: the venue for crypto thought leaders to congregate and sing their joys and pains of deploying crypto schemes on the field.

The aim of RWC series is to increase communication between cryptographic researchers, cryptographic and security developers. The series was initiated after an inaugural workshop titled, “Is Cryptographic Theory Practically Relevant?” in 2012 by Paterson and Smart. Unlike most of the major cryptographic events (e.g., the flagship conference CRYPTO), there were no talks on new or improved theoretical schemes instead the focus is on concrete issues when trying to move those schemes in production.

This year’s RWC saw a significant increase in the numbers of attendees, beating out even the record of number of registrations to an IACR event. Needless to say, the event was sold out with a waiting list of people trying to join up until start of the conference and many who followed along via live stream.

This great interest to practical deployment of security and cryptographic protocols and schemes is certainly related to the increasing societal concern on how security and privacy controls has evolved (e.g., the FBI vs Apple case in 2016) in the last couple of years. From one side, the technology is increasingly more powerful and massively used by citizens (e.g., end-to-end encryption in smartphone text messaging systems) while on the other side, security threats and hackers make headlines day after day.

Additionally, many associated this historical success with the boom of cryptocurrencies and blockchain. I believe that this strongly makes sense as it attracts more newcomers to the cryptography world. Without saying that this is also the peculiar example of where the lead time between research and deployment is drastically reduced. This will be further accelerated with the recent trend of senior security and crypto experts working with blockchain developers. A great illustration comes from a session led by Chief Scientist, Prof Aggelos Kiayias at IOHK in which the Zcash team explained the current status of the project and the ongoing improvements, that brings very recent theoretical achievement on generation of zk-SNARK parameters to increase the trust level on Zcash. This is done notably by organizing a worldwide multi-party computation ceremony in which the more people who participate, the more the generation process will be trusted — every users should thus participate!

Many other crypto topics and issues were touched upon during this conference such as: the difficulty of deploying TLS1.3, the management of secrets at scale in a development and production environment, the impact of a faulty RNG on e-voting system, and recent attacks on existing systems (e.g. Spectre & Meltdown, group chats weakness in text messaging apps).

RWC is definitely the place where to be for supporting practical cryptography to become live, and it was important for SMART VALOR to have presence! Additionally, our CEO, Olga Feldmeier had the opportunity to discuss with Prof Aggelos Kiayias on the recent results around Cardano.

At SMART VALOR, we follow the same idea as the original motivation of RWC: with the combination of security/crypto experts and system developers, you can expect great security improvements and new interesting security features to blockchain-based systems.