00:00hi everyone welcome to the a16z podcast
00:02I'm sonal and Michael and I today are
00:04interviewing Dan Boneh who is our new
00:07professor in residence at Andreessen
00:10Horowitz and for those of you don't know
00:12about this for the first time ever we
00:14had a professor in residence
00:16last year and it was a new initiative
00:19for us as a way of bridging ties between
00:22academia industry startups because the
00:25reality is that some of the best and
00:26most interesting ideas are coming out of
00:28and the long term thinking ideas are
00:30coming out of universities welcome Dan
00:33thanks it's a pleasure to be here you're
00:35our second professor in residence but
00:37what are you a professor of ah yeah so
00:40I'm a professor of computer science at
00:41Stanford University my area of research
00:43is computer security and cryptography
00:45I've been at Stanford now for 18 years I
00:49teach mostly computer security and
00:51cryptography classes and it's a
00:53fantastic area to be working in there's
00:56lots of interest in this from industry
00:57now from obviously in the even on the
01:01policy circles it was it's hard to
01:02believe but even the president came
01:04President Obama came to just a campus a
01:07few months ago and he was talking about
01:09computer security I couldn't believe it
01:11but the president was talking about
01:13things like malware and keyboard loggers
01:16you you say you couldn't believe that is
01:17that because the political environment
01:19has changed for obvious reasons with the
01:20Snowden revelations and everything that
01:22came down after that or is that just
01:23unusual for other reasons I think
01:25Snowden might be actually a small part
01:27of it I think the bigger issue is that
01:28more and more of our lives are going
01:30online and as more of our data is
01:32available on computers it's always to be
01:33obviously also available to be to be
01:35hacked and stolen and so computer
01:38security is kind of become part of our
01:39daily lives these days every time
01:41there's a breach people lose a lot of
01:43personal information and so the public
01:45focus and public interest in computer
01:47security has just exploded
01:48over the last couple of years and the
01:51prediction is there's only going to get
01:52even more interesting and you know it's
01:54gonna get worse before it gets better
01:56why will it get more interesting is it
01:57because of the devices and computing
01:59moving into everything or more we we are
02:02more and more reliant on computers there
02:04are more and more devices that we all
02:07possess and own we're moving into this
02:09environment where you know we're
02:11Internet of Things where we're going to
02:12be covered with sensors that measure all
02:14sorts of information about us and all
02:16that information is being sent to the
02:18cloud as long as that in the more
02:20information about us is being collected
02:21in a central location the more likely or
02:24potentially bigger targets that if that
02:27that that repository becomes and again
02:30every time there's a data breach more
02:31and more information is being revealed
02:33and the public really pays attention so
02:35that you know that has really impact on
02:37the public's perception and the public's
02:40privacy and so then there's just a lot
02:43of tremendous amount of interest in
02:45computer security and it's gonna grow
02:46over time you figure the impact on the
02:48public but what's the impact been on on
02:50your kind of wheelhouse there at the
02:54University you know both in terms of you
02:56know you mentioned the president coming
02:57to visit but companies who's coming
02:59who's knocking on your door now both in
03:01terms of like you know outside Stanford
03:03but also you know the students and kind
03:05of their areas of interest like how is
03:07that shifting as again this becomes more
03:10more important so first of all the major
03:13the computer science major at Stanford
03:15is is exploding in the sense that we are
03:17we are now the largest major on campus
03:20and it's continuing to grow it's kind of
03:23interesting that we're even the largest
03:24either largest or second largest major
03:27for women on campus so if you literally
03:30count number of women computer science
03:32is now either the largest or the second
03:34largest on campus are people also doing
03:37other majors in addition to computer
03:38science like is it sort of becoming
03:39where computer science is like the new
03:41like English where everyone does English
03:42and something else or is it is it like
03:45that they're computer science majors so
03:47they're primarily doing computer science
03:49but we did just start a new a new effort
03:51called computer science plus X so
03:54computer science is kind of slowly
03:55taking over the world right to me
03:56software is everywhere these days you
03:58can't do English without software you
04:00can't do music without software you
04:01can't do literature everything is
04:02involving software these days so our
04:04computer science is kind of expanding
04:07and so we just launched this new effort
04:09called computer science plus x CS plus X
04:11where students can be computer science
04:13majors but they can they would also
04:15major in another disciplines so one of
04:17my undergrad students for example it
04:19does computer science plus
04:20studies so just to show you that it's
04:23kind of an interaction of computer
04:25science with lots and lots of different
04:26areas around campus it's interesting so
04:28linguistics it could be biology it could
04:30be anything really absolutely absolutely
04:33so computer science plus you know things
04:36in them in the basically almost anything
04:39in the humanities right so what are some
04:40of the other shifts that you've seen
04:42besides that yeah so within computer
04:45science I can say that computer security
04:47is definitely something that a lot of
04:49students are fascinated and interested
04:51by and just to give one example Mike our
04:53computer security class the one that I
04:55teach is an elective class and it's also
04:57been growing tremendously just this last
04:59last time I taught it it had had over
05:02300 students so it's a lot of fun these
05:04are brilliant students really smart and
05:06there are a lot of fun to teach and so
05:08you can imagine that that you know being
05:11having an elective class that that's big
05:12is kind of really showing where the
05:15level of interest that students have in
05:17the topic you are described as an
05:19applied cryptographer what does the
05:21applied come as opposed to not applying
05:23it to anything or just a theory of
05:25kotappa cryptography yes I work on
05:27computer security and cryptography and
05:29cryptography is actually the science of
05:31encryption basically how do we
05:32communicate securely with one another
05:34and there it's a very very broad area
05:37there are parts of cryptography that are
05:40being deployed and used every day every
05:42time you connect to Google you're using
05:44cryptography to set up a connect a
05:46secure connection an encrypted
05:47connection between you and Google so
05:49there's there are parts of cryptography
05:51they're extremely applied and used by
05:53billions of people every day if they if
05:55only they knew they were using actually
05:56fairly sophisticated math in setting up
05:59those secure connections it's actually
06:01quite fascinating to me that areas of
06:03mathematics that have been completely
06:05pure and studied only for intellectual
06:07curiosity are now being used by billions
06:10of people every day to set up secure
06:12connections across the internet so that
06:14would be more of the applied part of
06:15crypto cryptography also has a
06:17theoretical side of it which start which
06:19asks like basic questions like what are
06:22the minimal set of assumptions we need
06:23to have in order to set up a secure
06:25channel between the two of us and
06:27typically those those kind of if you
06:29want to minimize the set of a set of
06:31assumptions that you use you might not
06:34the most efficient systems that are
06:35possible and so those are those are more
06:38proofs of concept they're not directly
06:40deployed and so as I said it's an it's a
06:43very very broad area of research
06:45spanning all the way from applications
06:48to mathematics to theory to algorithms
06:51to complexity theory and so on so it's
06:53it's it's really quite a broad space and
06:56as I say it's a fascinating area to work
06:59in it's one of the few areas I have to
07:01say where you can do deep mathematics
07:04and at the same time we it would be
07:06extremely applied and deployed and used
07:08by billions of people all over the world
07:09so the applied private well I think we'd
07:11like to pick on that thread a little bit
07:13more because um the fact that you're
07:15professor in residence is interesting in
07:17that context because it's sort of the
07:19intersection of like I reach our I mean
07:21not that anyone would probably call
07:22Stanford ivory tower because it's always
07:23had this history of people coming in at
07:25the university but it is sort of this
07:26intersection of university industry you
07:30know business government funding all of
07:32that stuff like how do you see the role
07:35that you play in that and Stanford as
07:37well like where does that sort of all
07:38play out so the students at Stanford
07:40have always been extremely entrepreneurial
07:42so it happens a lot that they
07:48come and do research projects with us
07:50and know those research project projects
07:52turn into companies it's happened to me
07:54twice in the past already oh really how
07:57can you tell by the way if it's at a
07:58research project stage like what can you
08:00tell like what makes it a promising
08:01potential company by looking at a
08:04research project are there things that
08:05you look for you noticed like wow that's
08:07gonna be really interesting in the
08:08future well I have to say that a lot of
08:09it comes from experience but but you
08:11know the rule of thumb is if it solves a
08:13problem that the world really wants to
08:14solve and no one has solved so far well
08:17the a research project project is gonna
08:18turn into a company right are their
08:21skills that you think that the students
08:23who have really neat research project
08:25ideas that can make promising startups
08:26don't have and I don't mean that a
08:28negative way but it's more like what are
08:30the missing pieces there so for example
08:32like design so much of you know
08:34cryptography touching our lives or any
08:36aspect of security touching our lives is
08:38about the usability of it because
08:40there's a lot of things we simply don't
08:41do because they're hard to do yeah I
08:43think that's a that's a really important
08:45point that is very often ignored
08:47that you could have the best technology
08:49but if it's not wrapped in a nice user
08:52interface that people have fun and and
08:54you know they're comfortable using it's
08:55never gonna get deployed it's never gonna
08:57work I mean let's talk about second
08:58factor authentication yeah so second
09:01factor authentication is an area that's
09:02close to my heart so today traditionally
09:05when we authenticate to websites we
09:07typically just use passwords and as we
09:09all know passwords are incredibly
09:11insecure a which were we generally we
09:14choose humans generally choose
09:15relatively weak passwords and are not
09:17that difficult to guess and B it's
09:19actually not that hard to extract
09:20someone's password using attacks called
09:23phishing attacks someone can easily fool
09:25you into typing in your password well
09:27you're not supposed to and in doing that
09:28they will have extract that the password
09:30from you well it's actually got even
09:31more sophisticated right because we've
09:32talked about spear phishing where people
09:33actually figure out who you are almost
09:35like what based on your social network
09:37profiles and then actually cloak and
09:40attack kind of using the words I said to
09:42get someone you know absolutely without
09:44any misspellings because that's how you
09:45used to tell if it's an actual phishing
09:47attack absolutely phishing attacks were
09:48actually will go ahead and kind of draw
09:50wide net and and recover password from
09:52lots of random people if you want to
09:54target a particular individual that you
09:56want to extract their password you would
09:57use what's called a spear phishing
09:58attack where you actually gather
10:00information around them and typically
10:01you would just send them an email saying
10:03you know here's a video of you and the
10:05emails coming from your best friend you
10:07know most people will click and fairly
10:10fairly frequently they'll end up
10:11revealing their password so passwords by
10:13themselves we know are quite problematic
10:15as as the only token for authentication
10:18and so what's been proposed is basically
10:21to use what's called second factor
10:22authentication typically the way second
10:25factor authentication is implemented
10:26today is using a smartphone the
10:28smartphone is the second factor so the
10:30smartphone will either present a six
10:32digit PIN that the user types in some
10:34companies will text a message and that
10:36will be typed in more recent startups
10:39actually are working on things like
10:40where you just press a button and on
10:43your phone and in doing that you confirm
10:45a login all those are wonderful second
10:48factor mechanisms so I'm a big fan of
10:51actually making those more more usable
10:54unfortunately today all second factor
10:57authentication schemes are essentially
10:58based on well the smartphone
11:00and what happens if you only interact
11:02with a website through your smartphone
11:04right so in fact we're hearing more and
11:06more people that the only way to
11:08interact with specific websites say with
11:11their bank or with their with their
11:13e-commerce site is specifically on their
11:15phone well in that point the phone is
11:17not exactly a second factor
11:18it's basically well it's almost like
11:23actually this it's about the host device
11:25and the device you're inputting on or
11:27the device that you're computing on and
11:29everything that's one problem the other
11:31problem is often you know I want to
11:33login and maybe my phone is not next to
11:35me right so maybe I maybe I left my
11:37phone in one place in one room and I'm
11:39trying to log in from another room the
11:40direction we'd like to go at to move to
11:43is where the second factor is something
11:45that's always on the on the human body
11:46so one of the beautiful applications for
11:49smart watches is exactly a second factor
11:51right my smart watch my watch actually
11:53is always on me if that could be used as
11:55the second factor then that's a lot
11:57easier to use and you're not gonna
11:59forget forget that at home well I could
12:01use my ring Levin for a second factor
12:04all the time what I see missing for
12:07example is I would love to have a second
12:09factor built into my glasses yeah I mean
12:11my glasses are on me all the time in
12:13fact I can't even use my computer
12:14without my glasses too and that would
12:18work perfectly for me because there are
12:19times where I don't wear watch there are
12:21times where you leave your phone but
12:22your own why are we still embodying the
12:27second factor in objects like why then
12:29not biometric authentication like that's
12:35a really really good question so when
12:36you say biometric you mean something
12:37like a finger prick a fingerprint
12:39exactly so we've actually learned that
12:40fingerprints are not a very good way to
12:43authenticate people for a number of
12:44reasons first of all they're not very
12:46secret every time you hold a glass of
12:48water you're basically leaving your
12:49fingerprint on that car I think I've
12:51seen like 10 movies where there's a
12:52scene where someone steals like the
12:53fingerprints off someone based off the
12:55glass of water well you don't have to go
12:57to Hollywood actually there are people
12:59who YouTube videos that will teach you
13:02how within five minutes you can take a
13:05pick a fingerprint off of it and then
13:07use that to unlock the iPhone for exam
13:09I actually didn't realize it was that
13:10actually it's actually fairly fairly
13:12that's problem number one problem number
13:14two is that if you fingerprint if you
13:16suspect that your fingerprint has been
13:18somehow compromised there's no way for
13:20you to revoke your fingerprints maybe
13:21you can revoke it ten times because you
13:23have ten fingers right once you're done
13:25with your ten fingers you know you
13:26there's nothing no other option for you
13:28I guess you can go to 20 times if you
13:30use your toes but generally there's only
13:33a limited number of times you can revoke
13:34your fingerprint whereas a password or a
13:36second factor in the traditional sense
13:38you can revoke as many times as you want
13:40if you suspect that someone stole your
13:41password you just change your password
13:43if we all know and by we I mean to both
13:45the users and the people who create
13:47these in the end the folks who asked for
13:48us to register them if we all know
13:51they're so insecure what's keeping them
13:54so alive and well is it again because
13:57there's no other good option and that's
14:00what you and your students are all
14:02working on well the simple answer is
14:04inertia right we've all passwords have
14:06been invented you know so many 50 years
14:08ago and we've all gotten accustomed to
14:11using them at this point trying to get
14:13people to switch to something else is
14:15actually quite difficult mm-hm
14:17and so second factor actually is getting
14:20some adoption interestingly there are
14:22now studies that try to estimate how
14:24many people have adopted second factor
14:26on Gmail there was just a paper
14:27published last summer that claims
14:29something like 6% of Gmail users six
14:32tiny so I know actually you say tiny but
14:35to me this actually sounds like a
14:36remarkable success oh really it's
14:38getting people to adopt technology at a
14:41rate of 6 percent is actually quite
14:44yeah these are large numbers of people
14:46already and by the way these are I
14:48should just emphasize these are
14:50estimates based on an academic paper
14:51that did its best to estimate the number
14:54we don't actually know what the real
14:55number is so the current estimate is 6%
14:59some people you know the
15:00glass-half-empty folks would say oh it's
15:02so small it means second factor isn't
15:04working the glass half-full people would
15:07say wow 6 percent out of however many
15:09hundreds of millions of users they have
15:10is a remarkable success so we're talking
15:12about the consumer world but for example
15:14here we use Okta that's clearly part of
15:17our portfolio but can't you force people
15:20to do second factor or
15:22all right in a way great yeah cuz I
15:25that's easy like I just authenticate once
15:27and I have all my applications so like
15:29okay that's a wonderful question so I
15:31can tell you that at Stanford Stanford
15:34actually hired a fantastic CISO just
15:37chief security officer and one of the
15:39things that he did is he mandated second
15:41factor access ons to understand for
15:43campus now that's a lot of people that's
15:45like tens without tens of thousands of
15:46people across the Stanford campus and
15:48they now when they want to log in to the
15:50university systems they have to log in
15:52using second factor and guess what I
15:55mean there was some resistance initially
15:56and we're still all alive yeah we're
16:00stopped everybody's using their second
16:03factor and they're still able to do
16:04their job and it just works so
16:06definitely in a more controlled
16:09environment it's much easier to mandate
16:10second fact right I just wish there was
16:12a world where you don't even have to
16:14make an effort to have security like it
16:16should be effortless in my mind because
16:18even though it's great that people learn
16:19technology isn't it possible that like
16:21you know I was thinking if we were
16:23talking earlier about some of the people
16:24we know in common through the park and
16:25Stanford Research a Security Research
16:28world but I was thinking of like some of
16:29like you know implicit authentication or
16:31other ways of finding out like based on
16:33patterns of behavior that this person is
16:35really who they say they are like are
16:37there other things that we can do that
16:38we don't have to work at like I feel
16:39like I'm I have second factor enabled
16:42but I'm lazy I don't want to have to
16:43work at this absolutely so the best
16:46security technology that has had the
16:49most impact in the world is security
16:51technology that is invisible but people
16:54don't even know is there I think
16:56actually encryption is a really good
16:58example of that right when you connect
16:59to Google that entire communication
17:02channel is encrypted and you don't even
17:04know that it's happening you did nothing
17:06to make it happen and yet it's all
17:07encrypted exactly I want more of that
17:09more of that so unfortunately both on
17:12the one hand there is actually a lot
17:13more that we can do and actually things
17:15are being done for example like you meet
17:17you mentioned implicit authentication
17:19the false positive rates on that are
17:21still a little too high for it to be
17:23massively and widely used but that is
17:25definitely a very interesting direction
17:28unfortunately though there's only so
17:30much you can do using implicit but
17:32without any explicit user into
17:35and the reason is again I can always try
17:37to do as an attacker someone might
17:39always try to do a social engineering
17:41attack on you a spear phishing or phishing
17:45and if you just expect if the user just
17:47expects the system to just work and do
17:49the right thing that can't possibly work
17:52because the attacker can make you think
17:54that what you're about to do is secure
17:57is safe where in fact it's not so the
18:01more the attacker knows about you the
18:02easier it is for the attacker to fool
18:04you and so users you know user we always
18:07preach this users have to be vigilant
18:09and make sure they don't just type in
18:11their passwords or enter the second
18:13factor whenever they're asked they
18:15always have to think is that safe for me
18:17to enter my credential here or not and I
18:20wish there was a way to make this
18:21completely ubiquitous so that's
18:23completely transparent to users but
18:25because attackers can become more and
18:28more sophisticated over time there will
18:30always be a need for the for the user to
18:32somehow think about what they do before
18:33right I think ultimately this is where
18:35every security system fails it's because
18:37technology doesn't live in a vacuum it's
18:39in a social context although I have to
18:41say the role of technology is to make it
18:43so that the only attack that's possible
18:45on you is a social engineering attack
18:46but I think that's also why this CS plus X
18:50approach is a great one so if it's
18:52computer scientists who are also trained
18:54as unique miner you know designers you
18:56know psychologists etc there's hope for
18:59us to sort of come at things in
19:00different ways there's a lot of room for
19:02education for sure for improving
19:04security a developers need to become
19:07more aware of you know when they
19:08introduce a security vulnerability a bug
19:10in their code that's gonna impact a lot
19:12of people so developers need to be aware
19:14of the need to write secure codes
19:16that's what we try to do in our classes
19:17but also the end user needs to be aware
19:19that you know they shouldn't just trust
19:21their computer or the company or the web
19:24website they're interacting with to make
19:26them secure users have to be vigilant
19:28yeah and users have a responsibility
19:30okay so you've scared me a little bit
19:32already about second factor and how not
19:35that many people are using it and how
19:37we're not as secure as we might like to
19:38believe we are scare me with encryption
19:41what are you working on that well that
19:43our I though either sort of help or are
19:46that I should be worried about you know
19:48we kept talking about
19:49in fact authentication but there is like
19:51a big elephant in the room which is that
19:54the current techniques that are used for
19:56second factor authentication make it so
19:58that stealing the users password does
20:00not let the attacker login as the user
20:02but all these credentials all these user
20:04credentials are still stored in the
20:06cloud they're still stored in one way or
20:08another at you know at a central
20:11repository at websites that the user is
20:13trying to log into well in recent years
20:16as you know again and again and again
20:18hackers don't attack the end users or
20:20not as much and instead they go or in
20:23addition to they go and attack these
20:25central repositories so we've all seen
20:27the attacks on Target where they got a
20:30whole bunch of user information Office
20:32of Personnel Management they got a whole
20:33bunch of information Sony attacks there
20:37are many many many of these publicized
20:38attacks and they are not publicized for
20:40that many not publicized indeed where
20:42the attackers actually go after central
20:45repositories rather than out going after
20:47the end users themselves well so second
20:49factor authentication helps protect the
20:51user from losing their passwords but it
20:55does not quite help protect the central
20:57repository where all these credentials
20:59are stored to begin with so what we've
21:01been working on is actually a way to
21:03kind of get the best of both worlds
21:04where you could have an authentication
21:06scheme that is based on second factor
21:09but the central repository only has sort
21:13of public information so even if the
21:14attacker breaks in and is able to steal
21:16this public this information at the
21:18central repository that will not help
21:20them later on log in as that user that's
21:24fascinating interesting well that makes
21:26me feel better I have to say let's
21:28actually segue a little bit to a theme
21:31you've been talking about which is this
21:32power of math in everyone's hands and
21:34you know one of the things that people
21:36talk about when they describe
21:37technologies like Bitcoin and the
21:39blockchain is about putting your trust
21:41in math versus another intermediary and
21:44actually letting that become a form of
21:46trust so we'd love to hear some of your
21:47thoughts and work in the area of Bitcoin
21:50and blockchain absolutely Bitcoin is I
21:52think one of the exciting developments
21:53in the last couple of years I'm a big
21:57in fact we're just starting this fall
21:59we'll be teaching a class on Bitcoin in
22:00Stanford just an entire class devoted
22:02just to Bitcoin blockchain technologies
22:05and other cryptocurrencies this is uh
22:07myself and Joe Bonneau one of my postdocs
22:10were gonna be teaching this class
22:11together so Bitcoin is really exciting
22:14as you say this security of Bitcoin is
22:16based on math that's based on what's
22:18called digital signatures and the
22:19mathematics that goes into digital
22:21signatures the reason it's so exciting
22:23is first of all well it's for me it's
22:26yet another application of crypto but
22:29beyond that it's actually a there are
22:34lots of people in this world who do not
22:37have access to a banking and financial
22:38system and Bitcoin is a fantastic way for
22:41them to still continue to use currencies
22:45without having to rely on on a
22:47centralized banking system so that's the
22:50power of Bitcoin in the developing world
22:52is enormous and we're gonna be seeing a
22:55lot of growth in fact there are a lot of
22:56start startups going after that space so
22:59we're going to see growth of the use of
23:01Bitcoin in the developing world and
23:02that's really quite fascinating it
23:04really does it really will improve the
23:06lives of the people involved do you
23:07think then from your vantage point that
23:10Bitcoin adoption happens first in the
23:12developing world because of that because
23:14of the lack of you know like you say
23:16first world banking infrastructure etc
23:17well there are many reasons why Bitcoin
23:19is being used today it's obviously it's
23:21used in the developed world as well as
23:24well not just in the developing world
23:25but yeah the the the reason why its
23:27appeal in the developing world is so
23:29high is exactly because it's it gives
23:32you a way to to to use money without
23:35having to rely on this and the you know
23:37the required banking infrastructure
23:39which just doesn't exist and there like
23:41I said there many startups going after
23:43that space and will see big movements
23:46there so what we've been interested in
23:48in the area of Bitcoin is basically how
23:50can we help scale it up how can we help
23:52improve security and so on so I'll just
23:54maybe mention one thing that we just did
23:55recently again this is work what joint
23:58work with Joe Bonneau and some of my
24:00students so we have these Bitcoin
24:04exchanges and many of them actually keep
24:07money on behalf of the customers so
24:09companies like Coinbase
24:10and others that actually you know
24:12they're they function as Bitcoin banks
24:14in a sense well we've had examples where
24:17these Bitcoin banks didn't do so well
24:19you might have heard of Mt. Gox that
24:20held people's money and the end in the
24:23end it turned out not so well so what
24:26we'd like to do is we'd like to kind of
24:27help Bitcoin exchanges become more
24:32transparent and increase trust in their
24:34holdings so ideally what you'd like to
24:36do is basically every day an exchange
24:40could prove that the amount of assets
24:43that it holds is more than the amount of
24:45obligations that it has right so
24:47obligations are basically the bitcoins
24:50that it collects from its customers and
24:51assets are the bitcoins that it owns
24:54itself and you'd like you'd like it to
24:55prove that the number of bitcoins it
24:57owns is more than a number of bitcoins
24:58that it holds on behalf of its customers
25:01that would mean that the exchange is
25:02solvent right yes well proving that
25:05you're solvent is easy if everything was
25:08it was transparent you could just say
25:10how many bitcoins you you owe and how
25:12many bitcoins you have but most
25:14companies would be reluctant to reveal
25:16that information just because that's too
25:17personal that's too revealing too much
25:20information about your business so what
25:22we designed is basically I'm making a
25:24mechanism that allows you to prove
25:26solvency but do it in a in a way that's
25:29called zero knowledge so you can prove
25:31that you're solvent so an exchange can
25:33prove that an amount of bitcoins it has
25:35is more than the obligations that it has
25:37but do it in a way that reveals nothing
25:39at all beyond the fact that it's solvent
25:41so by enabling that um essentially we
25:45enable these exchanges to every day run
25:48through this proof that they're solvent
25:50anyone who cares can look at the proof
25:52and convince themselves that the
25:54exchange is solvent but there is
25:55nothing revealed nothing personal or
25:57private is revealed in the process of
25:59doing this proof that's fascinating
26:01because it feels like you would have so
26:02many applications if you could take that
26:04that mindset to other problems for how
26:08to engage in trust have trusted
26:12interactions with with stranger parties
26:14where you don't want to have
26:15transparency as a proxy for trust
26:17absolutely I think that's that's that's
26:19a really really good point so there are
26:20lots of other areas in the Bitcoin world
26:23where these zero knowledge mechanisms
26:25are being used there are things like
26:27smart contracts where you might prove
26:28that you're following the contract
26:30correctly but you want to do it in a
26:31zero-knowledge manner so as not to
26:33reveal what exactly it is that you're
26:35doing just that you're following the
26:36contract so this sounds a little bit
26:38like FDI and FDIC insurance for Bitcoin
26:42that like people have this comfort that
26:44you know they're gonna get their money
26:45back if push comes to shove but how do I
26:48trust in that other mechanism so FDIC I
26:51trust because I trust in some sense in
26:53the US government and that it has the
26:55money to pay me back where does my trust
26:58lie then with this mechanism that says
27:00you're solvent like how do I know that
27:01you're telling me the truth right so
27:04basically when I say that so that's a
27:06really really good question and the
27:07answer is like many other things with
27:09Bitcoin that the answer is in the
27:12yeah it's secure I mean it's it's the
27:13reason you have faith in it is because
27:16well it's based on hard problems from
27:19mathematics if the exchange was able to
27:22produce a false proof that necessarily
27:25means that they were able to break some
27:27problem that we believe is unbreakable
27:30right or at least difficult to break
27:32right and so but again much of Bitcoin
27:35depends on these hard problems of
27:36mathematics right so the security of
27:38Bitcoin depends on the security of
27:40digital signatures since we have faith
27:42in the digital signatures that we have
27:44we have faith in the in the in the
27:46currency Ison so I'm gonna ask something
27:48that's probably very blasphemous here
27:50given who I'm speaking to and where I'm
27:52sitting what I'm when I'm asking this is
27:54it naive of us to put our trust in math
27:57as well though because you know when one
27:59hand we're saying we don't trust other
28:00human beings with certain things because
28:02human beings are faulty mechanisms but
28:04it's not like math is this closed loop
28:05perfect system I mean we think about
28:07even I'm just thinking concretely about
28:08the fact that the NSA must have like the
28:11world's best mathematicians employed
28:13working on cracking all kinds of things
28:16not to mention all the failed hedge
28:18funds thank you so really I mean you
28:21guys are bringing up a really really
28:24great point that a lot of the security
28:26that underlie underlies not just Bitcoin
28:29but really all of cryptography right we
28:31talked about these secure channels that
28:33you set up with Google and all that all
28:34those channels the reason they're secure
28:37we believe in the underlying
28:39cryptographic primitives that are used to
28:41secure them now why do we believe those
28:43primitives well to tell you the truth
28:44the answer is because lots of smart
28:46people have looked at the underlying
28:48mathematical problems and no one has
28:51been able to to to show that no one is
28:53able to show that they're not hard so
28:56just to be concrete for example a lot of
28:58the security is based on say just to
29:01give one example the difficulty
29:03difficulty of factoring large numbers
29:05right right well how do we know that
29:07factoring large numbers is hard well the
29:08truth is we don't know that it's all
29:10especially in an age while they're
29:11computing power is increasing
29:13it was hard a hundred years ago right
29:16well actually you know surprisingly the
29:18growth in computing power is actually
29:20helping us secure these problems that's
29:22actually not a problem that's counter
29:23intuitive and the reason is because
29:24because computers get faster we can you
29:30know in end-user machines can actually
29:32handle larger and larger numbers but if
29:33you if you just make the number like
29:35twice as big factoring it is not twice
29:38as hard factoring it becomes
29:40exponentially hard so that the fact that
29:42we that end-user machines can handle
29:43twice numbers that are twice as big
29:45means that attackers now have to work
29:47incredibly hard but the risk that I was
29:49referring to is how do we know that
29:51there isn't a better way to factor
29:52numbers how do we know that there isn't
29:53a better way to break the encryption or
29:56that or the digital signatures that
29:58underlies Bitcoin or Google channels
30:00actually the whole world of crypto in
30:02some sense was invented in the public
30:04key the modern what we call modern
30:05cryptography was started back in 1976
30:08here at Stanford and the problem that by
30:11Diffie and Hellman and the problem that
30:12they set out that they basically based
30:15their system on still hasn't been solved
30:17yeah it's still it's a hard problem lots
30:18of people have tried to break it but it
30:20has not been broken so far now I should
30:23say and probably some of the listeners
30:24are now thinking there is actually a
30:25looming threat which is really quite why
30:28which again shows why this field is so
30:30much fun yeah there is a looming threat
30:32it turns out there's a whole other class
30:35of computers that we have not been able
30:37to build yet quantum computer yes
30:39exactly I'm so glad you brought this up
30:41they're not based on classical physics
30:43they're based on the fact that our world
30:45is a quantum world and if I can explain
30:47it in one sentence is basically the one
30:49way of thinking about it
30:50is as you know and quantum theory says
30:53that an electron is actually in multiple
30:56places at once and it turns out if
30:59something is in multiple
31:01places at once in a very vague level you
31:03can say that each place that it's at can
31:06be used to compute and that allows you
31:08to do many computations at once which we
31:10couldn't do in a classical computer
31:12technically that's not quite accurate
31:13but there is a way to make this precise
31:15and accurate when the bottom line here
31:18is if quantum computers can solve
31:20certain problems that classical
31:21computers can't and in fact all the
31:24world of crypto that we use on the
31:26Internet today and for Bitcoin as well
31:29would be well would be broken if someone
31:33was able to build a quantum computer now
31:35you don't have to lose too much sleep
31:36over this today because no one has been
31:38able to build a quantum computer and
31:40it's not on the horizon even so let's
31:42actually probe on this a little bit more
31:43though because you know we've been
31:45hearing about quantum cryptography and
31:46quantum computing as this potential holy
31:48grail for years why is it really far
31:52away are the enabling conditions at all
31:53changing that can make it possible I
31:55feel like we're seeing a resurgence
31:56again of interest in in advances that
31:59show that they might be more possible to
32:01build than they have been absolutely so
32:04before I answer that actually let me
32:05just make a quick comment here which is
32:07to say that even if tomorrow we found
32:09someone you know open up the New York
32:10Times and it says you know first quantum
32:12computer built don't panic the end of
32:20the world it turns out the crypto
32:21community is not sitting on its on its
32:23hands we've actually been hard at work
32:25in building backup cryptographic
32:27primitives such that even if somebody
32:30builds a quantum computer tomorrow all
32:32we would have to do is switch out the
32:33primitives that we have today move to
32:35these new primitives and we're back on
32:37the horse yeah we're back in business
32:38and as far as we know quantum computers
32:41will not be able to break those new
32:42primitives well the answer is that
32:47building a quantum computer is actually
32:48quite challenging and the reason is I
32:51mentioned electrons before well you can
32:53imagine each quantum computer it's
32:56called a qubit needs to kind of do its
32:58operation but it can't do its operation
33:00on its own it's got to interact with
33:01other qubits well the difficulty
33:03in building these quantum computers is
33:05you need to have qubits interacting with
33:07one with one another but not interacting
33:09with the environment and so building
33:11many many bits that interact with one
33:14another but not with anything yet
33:15anything else has turned out to be quite
33:17an engineering challenge but I do have
33:19to say that there's been really quite
33:21remarkable progress in the last couple
33:23of years in making that happen it's not
33:25clear how fast those things can actually
33:29be realized but it looks like there is
33:31actually a path now towards building
33:33quantum computers and so at some point I
33:35would I would speculate I don't know I
33:37wouldn't bet anyone on it but I would
33:39speculate that in my lifetime we'll
33:40probably see some sort of an operating
33:43quantum computer what are some of those
33:44enabling conditions is it like material
33:46science advances like what are the
33:47things that make quantum computers
33:49possible yeah it's actually mostly
33:50physicists and material scientists folks
33:52that are working on this absolutely this
33:54is a you know I would say that the
33:55computer scientists have done their job
33:57here in that you know we have shown very
33:59compelling applications for quantum
34:01computers the ball now is in the
34:03physicists so you mentioned earlier Dan
34:07that um you know that a lot of this is
34:10that cryptographers and security and
34:12computer scientists and you know
34:14security research has been working for
34:15years like with these backup we know
34:17qubit idea I mean these backup ideas for
34:19quantum cryptography and all these other
34:20things clearly a lot of security
34:22research is about anticipating attacks
34:25and not even just on just being attacks
34:27but what types of attacks are gonna
34:29happen because the world is continually
34:30evolving so how does that play out in
34:33your work and what you do with your
34:34students yeah I have to say that kind of
34:37anticipating anticipating what what
34:40attackers are going to do is actually
34:41have quite an important area of research
34:43in computer security in general one of
34:45the things we try to do with my group is
34:47again anticipate kind of what attacks
34:49are gonna come that we haven't seen yet
34:51and of course once we do identify an
34:53attack that we haven't seen yet we do a
34:56lot we work hard to try and make sure
34:57that it doesn't happen and and we
34:59propose ways to fix it I'll give you
35:01maybe a couple of examples so one thing
35:03that we did while a few months ago was
35:06look at the security of password
35:08managers yeah so speaking of user user
35:10authentication we were kind of curious
35:12about how secure are password managers
35:15that are embedded in browsers
35:17so again in the in the vein of
35:19anticipating attacks it turned out well
35:22there are actually quite generic attacks
35:24that could be applied to these password
35:26managers and extract passwords without
35:29the user's knowledge or consent so that
35:31was kind of troubling and again it's in
35:34the vein of not you know putting your
35:38hand in your head in the sand the goal
35:40is to kind of understand what how
35:42vulnerable are our systems how secure
35:43are there are they are there places are
35:45there parts of our systems that can be
35:48improved and so looking at password
35:51managers basically we identify places
35:52where password managers could be
35:54strengthened we wrote a paper explaining
35:55what our attacks are we explained
35:57exactly how they could be strengthened
35:59and how to defend against these attacks
36:00and I'm thrilled to say that actually a
36:03lot of the many of the big companies
36:04adopted our proposals and in fact
36:07they've pushed patches to exactly
36:11address the issues that we brought up so
36:13it's an area that's actually quite a lot
36:15of fun to work in our students you know
36:17obviously they get to identify new
36:19attacks before they come out and then
36:21our focus basically is again fixing and
36:23making sure those things are not
36:24exploited when you say identify though
36:26you're not just meaning like there have
36:27seen about and seeking them out in the
36:29wild and then identifying and labeling
36:31them you're actually meaning that you
36:32guys are actually finding creating those
36:34well I wouldn't we look at the security
36:37of systems and we try to identify ways
36:41in which you know perhaps are not as
36:43secure as one would think and it's very
36:46important to do this kind of research
36:47because again if you think that
36:49something is secure you the end user
36:51think that something is secure when in
36:53fact it's not that's doing a lot of harm
36:55overall security didn't used to be the
36:58sort of the first thing or even the
37:00third thing maybe that that people had
37:01in mind when they were building systems
37:03are we getting better you know the
37:05simple answer is yes things really are
37:06getting better but a lot of it has to do
37:08with process so you see that within
37:10companies the large companies for sure
37:13there's actually a much stronger
37:15emphasis on security now and in the
37:18particular point is that the security
37:20teams have a lot more power than they
37:22so in big companies like Microsoft Apple
37:27security teams in fact are involved in
37:29the process from the design phase which
37:31is really important and then if a
37:33product is about to ship out and
37:35security the security team discovers a
37:37big vulnerability they actually have the
37:39power to delay shipping yeah so those
37:42kind of putting those kind of policies
37:43in place really helps companies ensure
37:45that products that they ship out at
37:48least satisfy you know some criteria to
37:51make them more secure so that tension
37:52between like we got to get this thing
37:54out here we got to get you gotta go go
37:56go that versus security it's not as much
37:59of a battle anymore no no I didn't say
38:01that I said that the large and the large
38:02companies security teams have much more
38:05power than they used to when you look at
38:08products coming out of smaller companies
38:09especially startups you know often
38:12there's a there really is a rush to
38:14market and you can understand that
38:16completely right there's no point in
38:18securing a product that's never gonna
38:20get used so you'd first like to build a
38:22user base and then worry about secure
38:24about securing it right you can kind of
38:25see see where that mentality how that
38:28mentality might evolve and what we're
38:30trying to get across is that's actually
38:32quite problematic because once your
38:35product is out there once you build a
38:36user base your users are used to using
38:39the product in a particular way if it
38:41turns out that you have to make changes
38:42in the user interface because of
38:44security concerns that actually would
38:47make it harder to later on make those
38:48those changes to make the product more
38:50secure so my hope is that startups can
38:53also pay attention to security before
38:55they ship products so or you know always
38:57if you're building a start-up if you
38:59even a small group of developers who are
39:01putting a product together always have
39:03some folks who are in charge of looking
39:06at attacks this is often called a threat
39:09modeling so even as a group of
39:12developers you should have meetings and
39:14engage in this activity activity called
39:16threat modeling try to write down
39:18explicitly what are the attacks that are
39:20possible on your product and then try to
39:22design ways to prevent those attacks and
39:24that should be done from day one it
39:26shouldn't be just left to the big
39:27companies to do everybody in the
39:29software world needs to be doing this
39:31it's actually interesting because one of
39:32our partners Frank Chen always talks
39:34also to about our startups and their
39:36security hygiene here well at least in
39:38terms of securing the back ends
39:41these days there's a lot of outsourcing
39:43going on and in terms of back-end
39:46systems you know you you outsource a lot
39:48of operations to the cloud so at least
39:49basic security issues of making sure
39:52your network doesn't fall under a DoS
39:54attack it's something that the cloud
39:55cloud takes care of for you and so it at
40:00least kind of even small companies can
40:02do quite a lot by relying on the cloud
40:04they can do quite a lot in securing
40:06their own infrastructure and the backend
40:08system for their own products so that
40:11that is getting that is definitely one
40:13aspect in which things are getting
40:14better we're at a point now where it
40:16sounds to me like I shouldn't assume
40:18anything I can assume in some sense that
40:21like well big company a they're probably
40:24doing a pretty good job but that doesn't
40:26mean I should also assume that this
40:27other thing that I'm looking at you know
40:29from a big company or from a small
40:31company has the same degree of security
40:34or or control or protection well the
40:37it's basically you know software is
40:41complex software is hard to write
40:43software that just just works is you
40:47know and reliably works is hard to write
40:48software that works reliably and is
40:52resistant to attack is even harder to
40:54write and so no you can't assume that
40:56anything is secure but that's okay
40:59yeah I mean we don't live in the world
41:00that where we expect perfect perfect
41:02security ever right your are our houses
41:05are not perfectly secure and yet we seem
41:07to cope with it quite well so we
41:09shouldn't expect our software artifacts
41:11to be perfectly secure and there's no
41:12such thing I mean that's a good point
41:13whenever you whenever an attacker invests
41:16enough energy in trying to break and
41:18penetrate in into a system by expanding
41:22you're not expending enough energy
41:23they'll be able to do it right it's true
41:25in the physical world and it's true in
41:28you mentioned that you're teaching this
41:29new course are you also I've noticed
41:32that you've taught a couple of MOOCs on
41:33applied crypto or computer science MOOCs
41:36can you tell us share some of your
41:38thoughts on on a why you did that and
41:41then b like your thoughts on the
41:42evolution of education oh I have to say
41:44the MOOC MOOCs are a big deal at
41:47Stanford and they've actually played an
41:48important part in my life so I really
41:52enjoy teaching this is why I'm a
41:54I really really like teaching especially
41:55teaching at Stanford is a lot of fun
41:57lots of smart students so obviously it's
42:01a pleasure to teach to teach them what
42:04I've done though is I've taken my
42:06on-campus applied crypto class and I've
42:08actually made it into and I sat down
42:11recorded it and I made it available to
42:13the public so anyone who wants to can
42:15sign up for the class it's available off
42:18of my home page you can easily find it
42:19and sign up the class repeats every
42:22three months and you can just sign up
42:23and take it it's free you get a
42:26statement of accomplishment once you're
42:28done with it and in fact lots of people
42:30have taken it so there's something like
42:31600,000 people have signed up for this
42:34class and it's been really rewarding for
42:38me first of all I would have to teach at
42:40Stanford for about 2,000 years to reach
42:43600,000 people I have to say I kind of
42:45think of this class as a MOOC it's not a
42:47replacement it's definitely not a
42:48replacement for on-campus classes now
42:51I've come to realize this MOOC is
42:52basically like a 21st century textbook
42:56yeah so if you take the the MOOC online
42:59you should it's almost the same as
43:02actually reading a textbook on crypto
43:03yeah it's a textbook that's maybe a
43:05little easier to read because it's
43:07videos and exercises and it's a little
43:10bit more interactive it's not a passive
43:11experience like a textbook but really it
43:14is just a 21st century textbook and
43:16actually it's improved my on-campus
43:17teaching as well because now when I
43:20teach a class on campus if there's like
43:22a topic that I think is kind of boring
43:24and you know maybe we should move on to
43:26something more interesting and spend
43:28more time on the more interesting stuff
43:29all I do is I kind of give an overview
43:31of the kind of that maybe the easier
43:33topic and then I just say you know go
43:35see the MOOC to to kind of get a more
43:38in-depth the coverage of that topic and
43:41then we move on to the deeper and more
43:43interesting topics that might take
43:44longer and require more class time so it
43:47really has improved my on-campus
43:48teaching as well because I can rely on
43:50it and and direct students to watch it
43:53just like in the old days you might
43:55direct students to read chapters in a
43:57except students wouldn't read the top
43:59chapters in the textbook whereas here
44:01all they have to do is just watch some
44:02videos right they seem to be much more
44:04tuned and and used to that
44:07in the age of YouTube some of you need
44:08to sign up for the MOOC right away quiz
44:13next time we see Dan so just a MOOC I
44:16mean how geographically how does a
44:17distribute and I have you noticed any
44:19like cryptography is hot in the new
44:24cryptographic clusters yeah it's I know
44:26it's actually all over the world it's
44:27fairly there's obviously a strong Center
44:30in the US but no it's from all over the
44:33world India China just all the places
44:35you would imagine then it's fairly
44:36uniform you said that the CS department
44:38at Stanford has the highest number of
44:40women as a major are you seeing any
44:43kind of distribution across your MOOC
44:45male/female that that tells you anything
44:49that's a great question but to be honest
44:51I looked at the geographic distribution
44:54I haven't quite looked at the gender
44:56distribution are they are watching the
45:01MOOC um on their phones because not
45:04everyone has computers and yeah they can
45:06watch it however they want they can
45:07watch it on their laptop they if they
45:09have a slow internet connection they can
45:11download the videos overnight and then
45:13watch them the following day they can
45:15watch them on their tablets they can
45:16watch them on their phone they can watch
45:17however however they want so the
45:19platform is actually very general and I
45:21should say that it's not like sitting in
45:23a movie theater and watching a movie
45:25passively these MOOCs basically at least
45:27my lectures they pause every minute or
45:29two and ask the students questions it's
45:32more of a Socratic way of learning where
45:34you know let's develop this material and
45:36by the way what do you think about this
45:37topic and then the student has to answer
45:39and then we continue based on the
45:40students answer so that kind of the the
45:42it's more as really is kind of an
45:44interactive experience as as the course
45:47evolved and our the question that you're
45:48saying you answer answer all these
45:50emails are the questions that you get in
45:52any way different from from the
45:53questions you get from your students at
45:55Stanford I mean in terms of type and
45:57kind of what they're going out there all
45:59over the place some of the MOOC students
46:01are extremely bright yeah they ask
46:02really really good questions and in fact
46:05they answer each other's questions
46:06there's like an online forum as part of
46:08the MOOC and the answer is they answer
46:09each other's questions and I read the
46:11answers and they're extremely insightful
46:12so well you know there are lots of smart
46:16people out there and I'm happy that they
46:18are taking these MOOCs it's great that
46:21encouraging it too because you know one
46:22could argue like wait you're paying this
46:24tuition and these are this is our best
46:27asset these professors and then to give
46:29your knowledge away for free I mean some
46:31universities actually have a complete
46:32opposite attitude about that right so as
46:35we said I mean this is not going to
46:36replace on campuses right it's more to
46:38supplement it and the goal is to
46:41basically have our way of looking at the
46:44material be made available to the world
46:46the 21st century text exactly it's not
46:49it's exactly like a textbook I love it
46:51we love that Dan well we're really
46:53excited to have you as our new professor
46:54in residence we can't wait to keep the
46:56conversation going about all of these
46:58exciting topics and more for me I can
47:00tell you that a lot of my research is
47:01being driven by ideas that come out of
47:03startups so working with the startups
47:05that come through Andreessen Horowitz is
47:07gonna be a lot of fun for me looking at
47:09ideas looking at pitches expressing
47:12opinions obviously all of this I'm
47:13really excited and I'm looking forward
47:15to doing all of it thank you