Cryptography, quantum computing, and the future of security with Dr. Bill Anderson

January 14, 2025

Without the ability to keep secrets, our internet would fail. Without effective cryptography, the internet would never have graduated from hobbyist interest, and we have great examples of networks without effective encryption, like the worldwide ham radio operators.

I've been using cryptography in the development of web applications since my first professional web application development work, although I've rarely understood the underlying technology and mathematics of cryptography.

In this episode of SecureTalk, our guest is Dr. Bill Anderson, an expert in cryptography. Bill shares his journey into the field, starting as a student in electrical and computer engineering. He inadvertently ventured into cryptography during his postgraduate studies. He discusses the evolution of cryptography, its historical context, and the impact of quantum computing on current cryptographic methods.

We explore various topics, including public key cryptography, digital signatures, and the ongoing need for crypto agility. Bill also provides insights into his current role as Principal Product Lead at Mattermost, a secure collaboration platform focused on data sovereignty and security. This episode offers a comprehensive look at modern cryptographic techniques and the challenges posed by future advancements in computing, making it a must-listen for anyone interested in cybersecurity and cryptography.

00:00 Welcome to SecureTalk: Introduction and Host Introduction

00:33 The Role of Security in Business Growth

01:55 Introducing Dr. Bill Anderson: A Security Expert

03:57 Dr. Anderson's Journey into Cryptography

05:35 The Evolution of Security and Cryptography

08:11 Understanding Business and Technology Landscapes

13:56 Mattermost: A Secure Collaboration Platform

22:01 The History and Methods of Cryptography

25:01 Understanding Public and Private Keys

25:58 Digital Signatures and Authentication

27:12 The Open Research Model in Cryptography

28:31 Challenges in Cryptographic Security

31:02 Quantum Computing and Cryptography

35:38 The Future of Cryptographic Systems

42:04 NIST's Role in Quantum-Safe Cryptography

49:41 Conclusion and Final Thoughts


Ep 205 - Dr. Bill Anderson 

Justin Beals: Hi, everyone, and welcome to SecureTalk. This is your host, Justin Beals. I've often wondered how security and the implementation of security can be a part of the selling point for the products that we offer. And certainly one of the things that we do a lot is we deal with security from perhaps a compliance and governance perspective, audits and assessments, and what those trust assets do for us in generating revenue opportunity for our products.

It's certainly been a big part of how businesses grow and retain the customers they want to work with, in talking about how security, privacy, or ethical behaviors are really a part of the DNA of the business. But what if your business could kick it off the ground with the utmost security, and your first and primary differentiator in your product was literally security?

Today, we're going to get to talk to a really exceptional guest who has been building a company that solves a very particular business problem. Probably not the only solution in the marketplace that solves that business problem, but it has experienced really great growth by being deeply rooted in best security practices.

Really happy to introduce Dr. Bill Anderson. Bill is the principal product manager at Mattermost, and he's an expert in the security industry. He has a rich background in operating, founding, and funding high-growth security companies, and he holds a doctorate in electrical engineering from the University of Waterloo, where he specialized in cryptography.

Before joining Mattermost, Dr. Anderson served as the president of CIS Secure, where he successfully introduced a secure mobile platform solution for government defense and intelligence agencies in the United States and internationally. He is also recognized as the founder of Oculus Labs, an innovative data and use security company that catered both to the Department of Defense and the intelligence community, leading it through a successful acquisition by OptioLabs.

At Optio Labs, he initially served as the Chief Product Officer and later took on the role of CEO, where he launched groundbreaking security solutions for Android devices. Dr. Anderson holds multiple patents, including innovations in computer display, privacy, and secure information systems. His patented technologies and product leadership focus on physically securing information on computer monitors using advanced facial recognition and privacy control mechanisms to ensure that sensitive data is visible only to authorized users.

Both Bill and Mattermost are an absolutely intriguing story in how having the absolute best security implementation that can be delivered changes the value of a product in the marketplace. Join me in thanking Bill today for joining us.

Justin Beals: Bill, thanks for joining us today on SecureTalk. We're really glad to have you on the podcast.

Dr. Bill Anderson: Thanks, Justin. Nice to be here. 

Justin Beals:  Well, I'll kick it off with a pretty easy question, but one that we're always very curious about. You have a very deep understanding of the cryptography space, and I'm really curious how you ever got interested in that line of work. 

Dr. Bill Anderson: It was an accident, in a sense. I did an undergrad in electrical and computer engineering and graduated and realized I really didn't know enough, and I wanted to, you know, I wanted to be an expert on something.

So I went back to grad school to start a master's program, and I signed up with a professor, Dr. Gord Agnew, at University of Waterloo, who I really liked. He had, he had taught some courses in designing computers in communications queuing theory, and I thought he was one of the few profs who was actually really good at explaining things in addition to understanding things.

And there's a big difference. So I wanted to work with him, and it turned out crypto, cryptography as we call it, was his thing. And he had co-founded a startup called Certicom with a couple of other Waterloo profs. Certicom was a cryptography company that turned out to be very successful.

And so I, I really loved it. And I,  so I started a master's, I ended up converting into a PhD, which saved me a little bit of time. And you can consider it sort of the hardest job interview in the world. I did a PhD for a few years, and then that was my, you know, interview to go get a job at Certicom, where that was my first real professional gig, and I, you know, I was doing product management, for that company. 

We went public, and it was quite a success. Uh, and I ended up moving to the States and I've, I've been here ever since. So unintentionally sort of backed into what was an excellent career because security which needs cryptography, but security is really a much broader field has and will always need to evolve. We've, we are never going to solve this problem. By the time we solve it, computing will be very boring. And let's just say, I doubt that that's going to happen in my lifetime. 

Justin Beals: Yeah, I, it is a constant kind of arms race on the security side. There's always work to be done.

You know, cryptography, I think of as a very ancient practice in a way, right? Like there's the, I mean, really old concepts around obfuscation of communication and private information. And I think about some of the fundamental mathematics. Did you enjoy the mathematics work in your Ph.D.?

Was it a requirement to get there?

Dr. Bill Anderson: I had to get better at math. I mean, there's a lot of calculus in particular in electrical engineering. And then there's other types of math that you need to do communications theory, which I did. But I could never really, I would never call myself a mathematician.

I'm really an engineer, and I understand systems. In fact, the, PhD research that I did was around systems for secure speech communication devices. So giving other engineers a tool to be able to optimize the design of a platform. It turns out there's some really interesting interactions between the components that we use that kind of fight against each other and understanding how to design and model them and make them work trade offs between them was what I focused on.

I actually ran screaming from a math course in grad school where the professor, you know, stood up and he said, so this is this, and he drew a couple of squiggles, and I'm the engineer in the class. And there's only three or four other students in the class.

They'd been leaving in droves because this guy was over our heads. I said, can you please give me an example? What do you mean by that? And he drew a couple more squiggles. And I realized I'm doomed. I cannot do this. His example was more squiggles. And I was looking for the block went here and gravity affected it this way.

And I, which I just didn't speak that language, but you know, I, I know enough to be dangerous in the field, but I, I don't, as I said, I don't invent the stuff I, but I understand. 

Justin Beals: Yeah, I think anytime anybody puts a sigma up and starts wrapping it with the other characters, I'm like, wait, isn't there a package or an API that you can explain to me so that I can implement this?

Yeah, that's great. You know, another thing looking back at your experience is that you've held just about every role on an executive team from product to revenue within the security space. And, you know, as I tried to construct some way to approach all these differentiated experiences, I was kind of curious that, what you perceive as the strengths that have allowed you to move fluidly between these types of responsibilities.

Dr. Bill Anderson: In school. I was the guy who was always frustrated with the course material and the profs because they seemed to only want to talk about how to do it or what to do. And I wanted to know why. I wanted the big picture. I was looking for that theme that would sort of explain the underlying meaning behind why these things work.

What was the fundamental essence? And so I'd say that what I've always been, you know, sort of characteristically interested in is understanding the patterns, sort of a broader model that can explain why things happen in business. You know, this means that, you know, sort of from even my first entry-level job as a product manager.

I've always been trying to figure out holistically what it takes to make a business work better. Of course, I haven't always known what I'm doing, but it sort of does lead to that broader view and that set of questions that works to, you know, to make me a good fit for a lot of typically software product businesses.

So, you know, why did the customer buy from us, or why didn't they buy? Okay, if they liked our product, why? What are they doing with it that makes them like it? What is it about us that is suitable to that particular problem? What's going on in the technology landscape that could help us, right? Mobile phones becoming a thing, by the way, that was the big thing for Certicom back then, when we really had that huge aha moment that that type of cryptography, which is called elliptic curve cryptography,

could work on mobile phones when the slightly older public key cryptosystem called RSA didn't work very well. It needed more computation than they could offer. So understanding the technology landscape, what could help us and also what could hurt us, what's coming down the pipe that's going to doom a particular direction that we're going.

So when open source started commoditizing aspects of the software ecosystem. You couldn't sell those tools anymore. We needed to get out of that, go to something that was higher value and, you know, take the advantages. And I've done this with a few companies. Take the advantages that we had as a team and turn those into products that actually delivered more value.

And then, you know, this sort of led to me, I've started a company, operated it for years, ended up selling it, went to work for the acquirer, then I went to work for the venture capital firm that bought, that invested in the acquirer. So I've sort of been up and down the, the spectrum. And I think that that sort of, as I said, the interest in understanding why things work can, can help anyone if, if that's your mindset, it's good for business, because ultimately, there are no clear answers. There is no recipe that you can follow for success. 

You have to just get in there and understand things and make things better. And if you're Unknown But I will say if you're always pursuing the question, whether you're in a support role, you're a salesperson, you're developing the code, you know, you're doing the marketing for it.

Think about how are we making this customer's life better? Like what is it that we're doing precisely that's better? It's not enough to just do something. Oh, they've, they, you know, the competitors got this feature, so we should do that feature. Well, no, the competitors got that feature. That's not the reason.

You're not making that customer's life better by doing that. You're making their life better by understanding their problem and putting that together in a way that, that, that you do better than anyone else. And how, why it's a mindset thing. So I think the other thing that helps is because I am deeply technical, I've always been able to talk with engineers and talk with customers, engineering people have a reasonable conversation with and gain their confidence.

But I'm also interested in people, sales, and so on. So I can talk with the rest of the organization and say, oh, you don't want to buy because you don't have the budget, but you don't really not have the budget; it's that you don't want to talk to your boss about it because of blah, blah, blah. Right? So sort of understanding the human factors that make things happen, you know, I do them both.

And so it's, you know, in that overlapping Venn diagram, I'm in that small segment in the middle and that, that makes it easier to move around. 

Justin Beals: Yeah. I think as a software engineer, and then as I've done executive roles, of course, moved into a more sales role at times, the thing that I've carried with me is that I enjoy solving people's problems, and I have this tool set of code or software that we can look at, but I'm very problem-attracted in building business. I think that's a really valid way. And we have all these wild mantras in the product world. I'm sure you have a couple that you share with your team. Like, you know, if I would have asked people, they would have said they wanted a faster horse, you know, instead of a car.

Dr. Bill Anderson: I actually haven't used that one. The other big one I learned from product management training early on is the answers are not in the building. We can't sit around looking at each other. And figure like, we're just going to know what to do. No, the answers are out there where the customers are. 

Justin Beals: Yeah. And especially understanding your customer deeply like security, computer science, these areas in which they operate and what problems are trying to solve, I do think allows you to build the longer lasting product at the end of the day.

Well, that's excellent. So you're currently the principal product lead at Mattermost. Can you tell us a little bit about the company and its customers? 

Dr. Bill Anderson: Yeah, so Mattermost was founded in 2015. It was an open-source sort of alternative to proprietary messaging tools. In fact, it even had a life before that as a gaming company; then it pivoted to this sort of open-source, self-hosted team communications platform.

And one thing that has persisted from the earliest days until today is, is that we always give our customers control over their data. And we really, really focus on communications privacy. So the cloud revolution is a wonderful thing. And you know, our customers run their stuff in the cloud a lot, but they're often running their stuff in the cloud in a way that they control.

And so that's really important when I tell you about our customers. So our customers are governments, critical infrastructure, large organizations, enterprises, you know, the sort of folks who really, really care about reliability, security. In some cases, you know, for example, Air Mobility Command, the Air Force Air Mobility Command, runs their daily flight operations off of Mattermost.

So security, reliability, sovereignty of the data is incredibly important when you know that there are lots of interested adversaries around the world that are taking a look and seeing what they can do to mess around with your systems. So we've really focused on that. What the product does is, it's a secure collaboration and messaging platform.

Lots of those, right? So cloud messaging. Self-hosted in the cloud, hosted by us, hosted by them, hosted on their own servers. Doesn't matter. You can do all those different things. Um, channels for specific communication topics, direct messages, file sharing, integration with other tool sets. That's sort of table stakes for the industry.

The second one that starts to move us apart is sort of DevOps workflows. So we integrate in with other platforms that do development operations and other sorts of work to make Mattermost a place where your teams go to work. It's sort of, I don't know if it's the best description of it, but I characterize it as an operating system for your business; your employees go in there.

To find each other, to work on stuff, to share information, and in our work, all of our work has become more and more interdependent as systems become more sophisticated. So we are interdependent on our colleagues. And what do you need? Well, you need a place to go. You need a secure place to actually execute those processes and then to do it very efficiently.

And so the other piece that, uh, is a big part of it is sort of automation of those processes, multi-participant workflows, Kanban-like boards, managing projects, that sort of thing. And putting it all together in a single place that is scalable. I mean, we have up to, like, one customer's got a hundred thousand licenses.

I mean, it's pretty large, down to, I've got a team of a couple hundred people, but I can customize it to suit exactly what we're doing today. That's really our sweet spot. So some of the things that work for us, and I'd call them achievements, is: we have a lot of open-source participants who contribute to the code.

We have literally thousands of contributors globally. There are parts of the product that we write, of course, I mean, we do the core, but we do get contributions from lots and lots of people who sort of have a stake in seeing the platform succeed. Security and compliance, really, really important. The innovation, we continue to move like everyone else does.

We have more automation. We have large language models. We have support for multiple large language models. So a customer can reach out to the popular ones that are cloud-hosted, but also host internally their own models, which is very important from a security perspective. Say in the intelligence business, like, your questions reveal an awful lot about your knowledge and your intentions.

So those kinds of customers do not want to send, and well, let's just say I wouldn't recommend they send their questions off to ChatGPT, because someone can be listening. It actually horrifies me when I hear, oh, you know, we do this part of our workflow by asking ChatGPT for help.

And I'm thinking, okay, you know, other people can listen to that, right? And they'll know what you're doing. So putting those models inside makes a lot more sense for any sort of sensitive, or, frankly, if you're in financial or health care or insurance or, you know, oil and gas exploration or manufacturing, anything that you've got that's proprietary, you know, think twice about your information flows. Where is it going?

And then take steps. It is not expensive anymore to take the right steps to make sure that yes, you can. You can power searches. You can power inference. You can connect your employees together. You can make your workflows. You can create records of things like, you know, critical incident responses.

We do all that, by the way, but you can do that with a platform that you control. And so that that's kind of the reason for the company. The reason for our growth. In fact, we've done pretty well. We've done pretty well. 

Justin Beals: That's exceptional. First off, congratulations on the business and the growth. I mean, open source is near and dear to my heart.

I have had some companies that I built in product lines in the education sector that were based upon an open-source platform that we then supported or customized. And I think it's a great win-win in a way, although not the traditional licensing model that we've seen, in that there's better security in that self-hosting, you can make those decisions, but you also get the support of a commercial entity, whether it be customization or, you know, just effective practices and backup to call.

Dr. Bill Anderson: Yeah, and we're very much still committed, and we always have been committed to open source. So there is an entirely free version of Mattermost that anybody can use and have the open source for. So that's a part of our DNA. But for the, you know, the enterprise version, there's obviously premium features where, yes, our customers can observe the code.

That's very important to them, but, we don't just have anybody updating that code because we need to know that it's very reliable. 

Justin Beals: I think the other thing that's intriguing to me is security as a differentiator. There are some common feature sets to Mattermost from a communication patterns perspective, but your differentiation is that, you know, you have better security with our platform, and you've focused on selling into segments where that is an absolute priority, right? They can't buy unless you meet those outcomes for them.

Dr. Bill Anderson: Yeah. Yeah. And that was an intentional decision. You know, with COVID people went and worked from home. So there was an incredible boom in this kind of platform four or five years ago. But then people went back to work normally, or some of them did anyway, kicking and screaming.

By the way, it turns out you can work remotely and everyone can be incredibly productive remotely. Surprise, surprise. Like, people are actually self-motivated to do a good job. So, but nonetheless, you know, the tides rose, tides sank, you know, and boats went up, and boats went down. And when the low end of the business got commoditized, the company made a decision like, okay, well, we're not going to be here. We're going to have to be in that really high-value space.

Justin Beals: Yeah, I think that's epic. And part of the product decision, we've done the same thing. You know, we're, there's a lot of products in our particular segment and we had to find really specific ways to get the right differentiation.

And a lot of it was also being able to verticalize products similar to what y'all have done, where there's, if, with this differentiation, there's a particular application and audience that it really resonates with. 

I thought we'd turn back to cryptography a little bit. You know, cryptography has been around for a long time, well before computers, but of course, can you tell us a little bit about the history of cryptography in the computing era itself and what the most prevalent methods of encrypting data today is that you see most often? 

Dr. Bill Anderson: Yeah, you've done your research. Yeah, crypto's been around for a couple of thousand years. Computing's been around for a long time.

Really changed it significantly. You know, good crypto started about 250 years ago with something called the Playfair cipher, which was the start of some really sophisticated letter substitution algorithms. Uh, the simplest one being the Caesar cipher, right? If I take the letter A and I shift it three characters and I write the letter C instead, I write D instead of B, and so on.

The key is the shift of three. Anybody who knows that can figure out what I've written. But if you don't know it, then it looks like gobbledygook. Well, around 250 years ago, Playfair came up with a system that wasn't obvious, but was kind of based on the same principle. And then really good crypto became common, mostly for governments around 80 years ago.

The Enigma cipher, which was developed in Europe and was used a lot by the Germans, was a wickedly sophisticated substitution algorithm. It was an electromechanical, not a computer, but it was an electromechanical device that made the analysis problem too hard for humans to handle. And incidentally, as a result, the Allies developed one of the first computers to try to break those Enigma-encrypted messages. So, in a sense, you know, modern computing was accelerated by the existence of cryptography. So, I wanted to take a minute to sort of clarify or broaden the definition of what we're talking about. I'm going to put on my doctorate hat now, uh, for just a moment.

So the subject is really cryptography, and encryption is just one part of it. So originally there were just private key cryptosystems, and these were used to encrypt and decrypt messages. So people think encryption, but cryptography is more than just encryption. And the other parts are important. With a private key system, it's like a lock. You use the same key to encrypt something and then to decrypt. So to lock it up and then unlock it is the same key.

That means both parties need to have the same key. How do they get the same key if they're not in the same place? This is the key distribution problem is getting that key to two parties, maybe on two different continents who've never met each other.

That's actually the hard thing to do. Mathematics came to the rescue in the 1970s with the invention, I would say, discovery, of public key cryptography. These systems, there's really three main ones, Diffie-Hellman, Curve. They work differently than the symmetric key, the shared, the single key systems.

They used two different keys. They were mathematically related, but they did different things. Um, with the public key, one, you could encrypt a message, but it wouldn't decrypt the message. You had to use the other key, the private key, to decrypt the message. And that actually let us send a message to someone we haven't met before, knowing that they would be able to decrypt it.

What I would do is I would publish my public key, I'd say, hey, everybody, use this public key to send me stuff, and then they could take that, use it, and I would be the only person who could decrypt the message, right? So this is public key: two keys now, public and private pieces, because they're asymmetric, that's what it's called, asymmetric, then you can use them in this really interesting way.

But of course, the other problem is, is in actually knowing who the sender and receiver really are. This is called authentication and it's the other half of cryptography. I could lie about who sent the message, right?

So you can use the same idea of this asymmetric encryption to do digital signature. So with digital signature, I put out my public key, and I say, that's my public key, everybody. That's from me. Now, I can do a slightly different algorithm. It's not always the same as encrypting, by the way. In RSA, it is, but in other cryptosystems it's not.

But I would use my private key to create a digital artifact that I say, I did this. I'm the only person who could have done this because I have my private key and you guys can all use my public key to validate it. And if the number comes out correct, then you know that it came from me holding the private key.

So you put symmetric encryption, so lots of stuff with a key that we both know together with public key that I can now send to you, even though I've never met you before. I can send you the, uh, the symmetric key, the encrypting key, and I can sign it in a way that you know, it came from me. And you can do the same.

Now I know who you are. I can trust who you are. You can trust the keys, and we can exchange large amounts of information remotely. So that's the basis for modern computing. That's the basis for the internet. Anyway, to return to the definition, the, the source of success really for modern crypto systems has been the open research model.

Cryptosystems, they're studied, they're tested, they're discussed openly by experts for years. They are fully characterized so you know how they work, and then they are adopted and standardized so that other people can use them. And the effective principle here is that everything about what a system does is known to everyone else, and yet it is still secure.

How does that work? Well, the security lies in keeping one little thing, which is the private key, which is ideally a random, truly, properly random number secret, and in fact only generating that at the end point where you need it, when you need it. So I'm going to tell you exactly what I'm doing. I'm not going to tell you my secret.

And then the only thing that you can use to break the system is either there's a systematic weakness in the algorithm, by the way, but that's been openly studied by hundreds of people who know what they're doing, or you guess my secret, which, if we make the secret big enough, you are going to have a hard time guessing.

And for those listening thinking, that doesn't sound so hard. It is hard. And think of it just as a string of coin flips. Heads is a one, tails is a zero, right? So if I flip a coin once and ask you to guess, you've got a 50-50 chance of getting it right. But if I flip it twice and ask you to guess both of those bits, one or zero, zero or one, you now only have a 25 percent chance of getting it right.

Three times is 12.5, and every time you flip it, it halves the probability of you guessing everything correctly, right? Well, we're dealing in thousands of bits. And so the numbers that we're dealing with, your probability of guessing my secret becomes vanishingly small. And yes, you could guess it.

Absolutely. You could guess any random string. They're all equally probable, even the string of all zeros or the string of all ones. They're still random numbers that can happen. They're not special. Although, for some reason, the standardization folks don't like it when you use the all-one or the all-zero string as your test key, because there's a reason.

Like, it could be a mistake that you have something wrong with your generator, and it only generates zeros, but they're equally probable. And so it's sort of, by making this system public, I know how it works, but you don't know my private key, and I just generated it, and it is going to cost you a computation times however many permutations of my key to solve my problem. That's what makes it hard.

Justin Beals: Yeah, I certainly have been a beneficiary of the open research space. I mean, every web application I've built since 97 has, of course, included some amount of web authentication and encryption, and I've used everything from the early TLSs to the AES encryption that we have today.

And I love that the National Institute of Science and Technology has been helping shepherd, I think, some of the outcomes of this work and sharing the data and the findings. But we also, it's incredible. Honestly, I think it's quite the innovation. We have an open system but a secret way of implementing it or, or the secrets are still captured in the implementation of the open system.

We get the best of both worlds, intelligent people reviewing good practices, as well as some secrecy against the systems that we put in place. You know, as you mentioned, like hacking a cryptographic key, especially in the modern era with the number of bits that we're dealing with, has a lot to do with how fast you can run a mathematical equation.

And of course, we're rapidly trying to make our computers as fast as possible. And I think that one of the areas in which we've seen this kind of work is in quantum computing; of course, there's been a lot of initial theoretical work, and now we're getting to the applicable work very quickly. And one of the things that I wanted to ask you about was a recent paper in 2024, where a research team from Shanghai University published information on how they used the D-Wave quantum computer to attack symmetrical encryption tools like RSA.

Could you help us understand what exactly the researchers were doing? And the immediacy of the findings, I, I tried to read the paper and part of it was in English and part of it will be, yeah,

Dr. Bill Anderson: Yeah. So by the, by the way, just to note, RSA is actually a public key crypto system. So it's a, it's an asymmetric system,

Justin Beals: Asymmetric system. Thank you.

Dr. Bill Anderson: Yeah. In fact, the hard math problem that it's based on is in taking two very large prime numbers, those are the secrets, and multiplying them together. And the system then uses the product of that multiplication and sort of relies on it being very hard to figure out what the two prime factors are.

Some of the folks in the audience may not appreciate how hard this is when, when the numbers are very big. Like, you might think, look, if I multiply 3 times 7 and you tell me that the number is 21, like, I can figure out that it's 3 and 7. Yeah, absolutely. You can do an exhaustive search of a small space.

RSA is effectively using 2048-bit numbers. Now that is not searchable. That is not enumerable. There are too many possibilities. And so you can't just look at it and break it. It's actually really, really, it's one of those things that's just computationally infeasible with current computing technology.

However, this is where the quantum computing stuff comes in. There's an algorithm, it's called Shor's algorithm, for finding those prime factors that works really, really fast on a quantum computer, if a quantum computer of sufficient size existed. It's considered plausible by experts that there will be a sufficiently big quantum computer, something on the order of maybe 10,000 qubits.

So, just like we talk about computers having a certain size computation capability. We actually talk in certain other terms now, but in quantum computing, it's the number of these things called qubits that do the work, that store the values, that actually sort of store all the values and run through some interference with each other to solve problems. It's very complicated. I don't even fully understand it. When you have a sufficiently big quantum computer, let's say it's on the order of 10,000 qubits, it will be able to solve that class of problems that are behind RSA and elliptic curve and Diffie-Hellman.

So, the three biggies that make the internet work today, they are all vulnerable to Shor's algorithm on a sufficiently big quantum computer. Okay, so that sounds like I should run screaming for the exit right now with my hair on fire. I am, I am after all a cryptographer who makes my living helping companies stay secure, and government, by the way. However, the estimates on when a computer of that size will be available range from between 10 and 30 years from now. It's not now. It's not today.

So, and note that it's not even agreed that this is a certain outcome. So I recall one of my mentors, one of the other founders of Certicom, Dr. Scott Vanstone, I think he was; he said the jury was out and he knew a lot more than I did. He said the jury was out on this, but generally experts think that yes, it's going to happen or it might happen.

And then as an engineer, I say, well then, we need to be careful. So, we need to start working on solutions to this possible, like, let's say, likely problem now, because it takes time to roll out new systems. It takes time to research them and test them and get them standardized and then develop the code and then get software updates out there and, frankly, even to convince anyone that there's a problem. It takes about 10 years for that kind of cycle, sometimes even longer, 15 or 20.

So, we need to start now for the worst-case scenario. But, actually, we're already in a very bad hair-on-fire scenario because adversaries have been planning for what are called store and harvest attacks for years, and frankly, the U.S. government's probably been doing it, too. So what that means is any sensitive communications that you want to target that you could listen to today, you can't crack them, but you can see the bits going back and forth and analyze the profile and say, Oh, that's a, you know, a 2048-bit RSA key being used for TLS, transport layer security.

It's a particular protocol on the internet, and it's using 2048 256-bit AES keys. I can't break that. That's too, that's too hard for me to break, but I can record it. I can store it. And so, you know, storage is cheap. There's, you know, terabytes of storage of communications that look like they might be interesting, diplomatic communications, military communications that have been going back and forth.

And so we store them. And then we wait for that, or frankly, we fund that quantum computer to get developed, and then we buy it. Then, we go back to the most high-priority device communications that we think are out there. We try to break them and work backwards through time. And so this maybe doesn't matter for some chat session that you had last night, but it matters a lot when the material is nuclear, or diplomatic or military.

It might matter if you were an enlightened board of directors at a financial institution. It might matter if you considered that you had an obligation to your customers or your shareholders to protect certain types of information for more than 10 years, because what you're sending back and forth today might be cracked in 10 years if that quantum computer comes early.

So, what do you do about it? Right? It, it's, it, you gotta start thinking about that now. But specifically about the D-Wave paper, the Chinese paper, that was a vast exaggeration. And, and I think it, it did a, uh, let's just say it did a grave disservice to the, to the, uh, truth and the reality. I won't say the truth.

I mean, I think they probably reported accurately and then they added a lot of hyperbole to what it means. It sounds like the Chinese researchers used a D-Wave computer to factor a 50-bit RSA composite. To my mind, that's plausible. Like, D-Wave is actually now claiming to have 5,000 qubits.

Now, their qubits are different. They're a specialized, a very narrowly specialized type of quantum annealing computer. And the way they count qubits is different from the generalists. So the generalists are counting, on average, maybe 50 qubits of real, can-do-anything, arbitrary computing, versus the D-Wave specialty type of bit.

So not quite the same thing but, but if we look at what the generalists are claiming, they are, Google's claiming about 50, IBM's claiming between 50 and 433, I'll mention that in a sec. Intel says 40. Quantinuum says 56. I'm actually not sure about IBM's outlier. Maybe, maybe they mean something specific, but it seems like an average being reported around 50 qubits by reliable companies.

I mean, that's on the order of what you'd need to maybe factor a 50-bit RSA composite, 50 qubits to factor 50 bits. I thought it was a factor; you need a factor of three for error correction, but it's, it's plausible. The important thing is just to point out, though, that you could factor a 50-bit number with a conventional computer a lot easier than using a quantum computer. A 50-bit number is only 16 decimal digits, not that big, right? You can enumerate all of those primes, right? So it was more of an exercise in, you know, validating that, yes, this hypothesis works and we can use a quantum computer for it, but it's not an attack on RSA that, that is, that we need to worry about today.

That said, I think you've, you've raised a really important issue, which is we do need to think about a response to quantum computing because it is going to affect what our users, our customers, our partners, our governments, and so on are doing.

And as an engineer, I do believe, because I trust other engineers, I do believe that, you know, 75 percent chance they are going to solve this quantum computing problem sometime. And then the rest of this will follow that we're going to need to change the type of crypto systems that we use so that we are not vulnerable the way we are today. 

Justin Beals: Yeah, to help me prepare for the interview a little bit, I did some research and I logged on to D-Wave's website, and you can sign up for an account, and they have some demos there.

One of them is factoring, and it was quite interesting because they lay out, like, the information science behind a classical computing factoring problem. Uh, specifically, it's one of the factors of 21 that they said, okay, yeah, and, and of course, I remember a long time ago mapping out the XOR and the hand chart of how you want to run, like, the bits against the outcome or the factoring model. But then they started, they layer in Python code with a certain amount of actual functions that are more designed around the information science of a qubit.

And I think that's what fundamentally is changing here is that a qubit can store more data than a bit. And that means we can operate at a higher order or we think we can as we're developing these things. But it was quite fascinating like I think there is a physics to the whole thing, which means that time and space are conjoined with how quickly we can solve these problems, like a factoring problem, and as we increase the physics, including the error handling of it.

You know, we're going to see a stronger computational power for certain types of problems. It's starting, I'm starting to grok it better as I play in the code, typical for me. So, you know, about how that works. When I, one of the things that I, I understand has been going on from the National Institute of Science and Technology is that they are currently testing methods of cryptography that are quantum safe.

Is that true? Could you bring us up to speed on the progress there? 

Dr. Bill Anderson: Yeah, yeah, it is. Um, in a sense, it's business as usual. We've done this before for other crypto systems. So NIST is running a competition. They call it, it's not really a competition. It's more of a sort of open academic process where they define the goals for a new class of crypto system.

And one of them, by the way, is make sure that Shor's algorithm doesn't break it, right? But they also include things like, you know, stuff that we needed before. Make sure differential cryptanalysis doesn't work. That's a clever technique that's gotten a lot of attention over the years. Make sure certain techniques don't work, right?

So things that are known, we keep all those in the list of, here's the requirements. And then you get submissions from many, many sources. Typically, university researchers are doing a lot of this. In the old days, it was actually industry. IBM, in fact, developed one of the first really good bulk encryption systems called DES, Data Encryption Standard, which has now been replaced with AES. Similar, some of the principles are similar, but now it's often industry academics.

So they get, they, they submit, you know, half a dozen, a couple dozen systems. The latest set has been focused on, yeah, we need a digital signature algorithm and a public key style encryption system. Those are those two asymmetric bits that are now threatened by Shor's algorithm.

We need those based on mathematics or something, it doesn't have to be math, but some computable, some computable algorithm that isn't susceptible. And that, you know, that can compute in a reasonable amount of time on today's computers, not special computers, but like the laptop that's sitting in front of you right now, or the phone that's in your hand.

The new algorithms are going to run on your existing computer. There's nothing weird or quantum about it. It's just that the algorithmic steps that they are going to take to do that magical asymmetric function don't fall prey to some of the patterns that quantum computers could use to, to easily sort of work around the hard problem.

So, so, they know about Shor's algorithm. They know about those other properties and, specifically, what those properties are is getting pretty deep into cryptographer territory, but you know, it's, it's things like known stupid things that we did in the past and discovered didn't work because someone came up with a, they put up their hand and said, you know, I discovered I could do this.

And everyone looked at it like, Oh shoot. You're right. We, we didn't see that. That's right. That algorithm breaks this algorithm. Oh, we can't use that algorithm, or we can use it with a tweak. You know, we can use it using a different number system, or we can use it doing a different-shaped algorithm. So there's, there's always back and forth until eventually the teams involved publicly agree: this is pretty good. It has the right computation properties. It's computable in a reasonable amount of time. The key space isn't ridiculous. By the way, one of the big differences between post-quantum or quantum-resistant algorithms is that they, unfortunately, are less elegant than the old ones.

So, elliptic curve and RSA are mathematically beautiful and pure. I say that as an outsider, but they are really nice. The new stuff is like, let's just throw it all in the blender and use some weird algorithms. And so the key spaces are large and the computation times are a little bit longer, not, not terribly longer, but they're a little bit longer. The key spaces are a lot larger.

So the other thing, though, that's important that comes out of these standardization efforts is the awareness that we, we do miss things, and we make mistakes, and that there are unknowns. So there could be some new track of, of research in mathematics that nobody's connected yet, uh, with how to break a, you know, a, uh, a knapsack-like, you know, problem, a problem space that is used might work here.

And then some, but some clever new PhD grad comes up with, Oh, I've got this algorithm. I realized, you know, it was based on mathematics discovered 200 years ago, but I can use it to solve this problem. And so, standards bodies are, rightfully so, pretty conservative, and they're going to produce multiple solutions; they're going to produce multiple systems that are ideally based on slightly different assumptions and use slightly different techniques.

And then what I would recommend is that we layer them until we're certain that there aren't any really obvious gotchas in the new solutions. And so if the first one breaks, the second one probably doesn't break for the same reason, and that gives us more time. So it's defense in depth. The other thing we'll see in the near term is buddying up existing designs.

So, using an elliptic curve and something that is post-quantum, using AES and RSA and a post-quantum key distribution system. So that again, you have to break them both together, you know, to actually have a breakthrough, and that makes it easier to transition to the new systems. So the word for this is crypto agility: to have that sort of redundancy in our implementations for long enough that we feel like we understand.

I think most cryptographers are now hopefully humble enough to realize that we do make mistakes. And I mean, you mentioned using TLS. So, I was somewhat involved in the IETF when TLS was being developed later. Well, I didn't do the first versions, but there was a point where we'd been using, I think it was TLS version 1.1, and some very smart guy looked at it and said, you know, I think there's a man-in-the-middle attack here if we just do this. And we all looked at it and went, holy crap, you're right. Okay, and that's why we use TLS 1.2. Right, because an algorithm that we'd all looked at actually had a glaring weakness in it that nobody saw until somebody saw it. And so we just have to design accordingly.

Justin Beals: I love the defense in depth situation because even the LastPass hack recently had a store and slowly decrypt the data. So we were seeing this harvest-and-store issue, and then they had plenty of time. And of course, with cloud computing resources to kind of work against the encryption, and they were, they were able to break some of those.

And we've seen already some of the, um, candidates for quantum-proof encryption, uh, fail in the NIST process, which is great, right? It's what we wanted. We wanted to pressure test them. We want to see what's working. This is so fascinating to me. I think that there's a lot of hyperbole sometimes in our industry about, you know, what the next revolution is, but these two concepts, specifically some of the faster processing power that we're going to have with quantum tools, as well as some of the data modelling techniques and where that's been travelling, I think together are just going to provide some really interesting outcomes for how information systems are going to work in the future entirely.

It'll take a decade. I think it'll take us 10 years. And we'll have plenty of time to read the books and the articles, but it is coming. 

Bill, uh, thank you so much for joining us today and sharing your expertise. I really appreciate it. We wish you continued success at Mattermost.

Dr. Bill Anderson: Check us out if you think you need something to make your workflows work fast and well, and, and so on. And by the way, the last thing I'll mention is we're also putting post-quantum encryption in the platform. I bet we're, we're putting our money where our mouth is. Yeah, it's important. Well, President Biden put out a directive, a presidential memo in 2021, to tell the agencies, all those agencies, start getting ready for this stuff. You have to, you have to migrate. And I think businesses should be looking at the same thing at this point.

Justin Beals: Yeah. It's a state that's going to be able to build the computer that we won't know about, that will have access to the data that we're most afraid of. Absolutely. Well, Bill, hope you have a wonderful day. Uh, thanks for sharing with us.

Dr. Bill Anderson: Thanks very much. This has been great. Great questions. I enjoyed our talk.


About our guest

Dr. Bill Anderson, Principal Product Manager, Mattermost

Dr. Bill Anderson is the Principal Product Manager at Mattermost and an expert in the security industry, with a rich background in operating, founding, and funding high-growth security companies. He holds a Doctorate in Electrical Engineering from the University of Waterloo, where he specialized in cryptography.


Before joining Mattermost, Dr. Anderson served as the President of CIS Secure, where he successfully introduced a secure mobile platform solution for government defense and intelligence agencies in the U.S. and internationally. He is also recognized as the founder of Oculis Labs, an innovative data-in-use security company that catered to both the Department of Defense (DoD) and the Intelligence Community (IC), leading it through a successful acquisition by OptioLabs. At OptioLabs, he initially served as Chief Product Officer and later took on the role of CEO, where he launched groundbreaking security solutions for Android devices.

Dr. Anderson has also held executive positions at SafeNet Inc., Aether Systems, and Certicom, managing highly successful cryptography and communications product lines, including pioneering work in elliptic curve cryptography. Additionally, he serves as Vice Chairman of the board of directors for the Maryland Technology Development Corporation (TEDCO), where he supports early-stage technology investments.

He holds multiple patents, including innovations in computer display privacy and secure information systems. His patented technologies focus on physically securing information on computer monitors, using advanced facial recognition and privacy control mechanisms to ensure that sensitive data is visible only to authorized users.

Justin Beals, Founder & CEO, Strike Graph

Justin Beals is a serial entrepreneur with expertise in AI, cybersecurity, and governance who is passionate about making arcane cybersecurity standards plain and simple to achieve. He founded Strike Graph in 2020 to eliminate confusion surrounding cybersecurity audit and certification processes by offering an innovative, right-sized solution at a fraction of the time and cost of traditional methods.

Now, as Strike Graph CEO, Justin drives strategic innovation within the company. Based in Seattle, he previously served as the CTO of NextStep and Koru, which won the 2018 Most Impactful Startup award from Wharton People Analytics.

Justin is a board member for the Ada Developers Academy, VALID8 Financial, and Edify Software Consulting. He is the creator of the patented Training, Tracking & Placement System and the author of “Aligning curriculum and evidencing learning effectiveness using semantic mapping of learning assets,” which was published in the International Journal of Emerging Technologies in Learning (iJet). Justin earned a BA from Fort Lewis College.
