WEBVTT

00:00:03.660 --> 00:00:06.240
Welcome to the Azure Security Podcast, where

00:00:06.240 --> 00:00:08.779
we discuss topics relating to security, privacy,

00:00:09.060 --> 00:00:11.460
reliability, and compliance on the Microsoft

00:00:11.460 --> 00:00:34.609
Cloud Platform. I'm the Chief Technology Officer

00:00:34.609 --> 00:00:38.090
of Azure. I'm also a Technical Fellow at Microsoft.

00:00:38.469 --> 00:00:40.810
And as of about a year and a half ago, I've got

00:00:40.810 --> 00:00:44.229
some additional titles, Deputy CISO for Azure,

00:00:44.409 --> 00:00:46.609
Deputy CISO for Engineering Systems, and for

00:00:46.609 --> 00:00:48.409
our core operating systems, Linux and Windows.

00:00:48.630 --> 00:00:50.729
So actually, before we get on, what is a Technical

00:00:50.729 --> 00:00:52.289
Fellow? I'm sure a lot of our listeners would

00:00:52.289 --> 00:00:54.429
like to know. Well, that's a great question.

00:00:54.469 --> 00:00:56.549
In fact, Scott Hanselman and I just recorded

00:00:56.549 --> 00:00:59.630
on our Scott and Mark Learn To podcast an episode

00:00:59.630 --> 00:01:02.270
on career trajectories for developers at Microsoft

00:01:02.270 --> 00:01:05.810
where we do discuss in some depth about what

00:01:05.810 --> 00:01:08.230
the distinguished titles of distinguished engineer

00:01:08.230 --> 00:01:10.750
and technical fellow mean. But in a nutshell,

00:01:10.989 --> 00:01:14.989
it means that the engineer at Microsoft has had

00:01:14.989 --> 00:01:18.609
massive impact on the company and likely the

00:01:18.609 --> 00:01:20.709
industry in whatever domain that they happen

00:01:20.709 --> 00:01:25.400
to be working in. Yeah, a good friend of mine

00:01:25.400 --> 00:01:28.379
over in Azure Data just became distinguished

00:01:28.379 --> 00:01:31.400
engineer. So it's great to see. It's an impressive

00:01:31.400 --> 00:01:34.560
accomplishment to get that because it's also

00:01:34.560 --> 00:01:37.400
typically means that you've been executing at

00:01:37.400 --> 00:01:39.099
that level for a long time to be able to have

00:01:39.099 --> 00:01:41.239
that kind of impact. Yeah. All right, let's get

00:01:41.239 --> 00:01:43.739
stuck into the topic of this, which is all about

00:01:43.739 --> 00:01:46.659
quantum cryptography, basically a podcast based

00:01:46.659 --> 00:01:50.659
on a blog post that you wrote. We just want to

00:01:50.659 --> 00:01:52.560
turn it into sort of an audio format for people

00:01:52.560 --> 00:01:55.560
who want to sort of learn more about this while

00:01:55.560 --> 00:01:57.959
they're driving to the gym or something. So let's

00:01:57.959 --> 00:02:00.560
get stuck into something. I've got the intros

00:02:00.560 --> 00:02:03.280
out the way. My first question is, you know,

00:02:03.299 --> 00:02:05.560
if you could kind of give your take on quantum,

00:02:05.700 --> 00:02:07.400
right? And, you know, because there's quantum

00:02:07.400 --> 00:02:09.139
computing, there's quantum physics, there's quantum

00:02:09.139 --> 00:02:11.379
cryptography. So if you kind of, you know, give

00:02:11.379 --> 00:02:14.419
us a quick sense of that, and then very interested

00:02:14.419 --> 00:02:16.539
in this term quantum safe, like, what does that

00:02:16.539 --> 00:02:20.159
mean, you know, to us to Microsoft to you? And,

00:02:20.280 --> 00:02:22.280
you know, why is that, you know, becoming a big

00:02:22.280 --> 00:02:25.919
deal for people? Sure. So in this context, we're

00:02:25.919 --> 00:02:28.680
talking about quantum computing, which is computing

00:02:29.389 --> 00:02:32.530
that takes advantage of quantum physics. If

00:02:32.530 --> 00:02:34.550
you take a look at classical computing, it's

00:02:34.550 --> 00:02:38.250
very much binary, and it starts with transistors

00:02:38.250 --> 00:02:41.689
that have on and off states. When you talk about

00:02:41.689 --> 00:02:45.889
quantum computing, you're talking about the quantum

00:02:45.889 --> 00:02:50.069
effects at microscopic level, different materials

00:02:50.069 --> 00:02:53.810
that actually live in a superposition state,

00:02:53.969 --> 00:02:57.430
which means that they actually reflect a probability

00:02:57.430 --> 00:03:01.090
of a state. That doesn't reflect an actual state

00:03:01.090 --> 00:03:03.610
until you measure it. And this is kind of the

00:03:03.610 --> 00:03:06.050
bizarre thing about quantum physics. When I started

00:03:06.050 --> 00:03:08.770
to look more closely at quantum physics, which

00:03:08.770 --> 00:03:11.449
I'd never had any education on in high school

00:03:11.449 --> 00:03:15.210
or college, about 10 years ago, as I got more

00:03:15.210 --> 00:03:16.909
familiar with the quantum program that we had,

00:03:17.030 --> 00:03:22.310
my mind was blown by some of the effects of quantum

00:03:22.310 --> 00:03:25.550
physics like the double slit experiment with

00:03:25.550 --> 00:03:27.810
light for example where you shine the light through

00:03:27.810 --> 00:03:30.409
the double slits and if you're measuring the

00:03:30.409 --> 00:03:32.710
number of photons going through you actually

00:03:32.710 --> 00:03:37.689
end up with a pattern on the wall or the reader

00:03:37.689 --> 00:03:41.189
on the other side of the slits that shows that

00:03:41.189 --> 00:03:43.009
the photons went through one slit or another

00:03:43.009 --> 00:03:46.789
but if you don't measure them then you end up

00:03:46.789 --> 00:03:48.750
with a scatter that shows that they actually

00:03:48.750 --> 00:03:51.550
kind of went through both slits and that's just

00:03:51.550 --> 00:03:54.069
like we're not just not used to thinking about

00:03:54.069 --> 00:03:56.330
things like that. What this allows you to do

00:03:56.330 --> 00:04:01.409
is computations that work on maintaining massive

00:04:01.409 --> 00:04:04.210
amounts of state in a very compact way. Because

00:04:04.210 --> 00:04:06.889
if you wanted to simulate a physical environment

00:04:06.889 --> 00:04:09.490
like that light going through the slits with

00:04:09.490 --> 00:04:12.150
a classical computer, basically you have to represent

00:04:12.150 --> 00:04:15.990
for each bit has two to that power of bits of

00:04:15.990 --> 00:04:18.949
state represented in it that in a quantum bit

00:04:19.290 --> 00:04:21.430
can store all of that state in just that one

00:04:21.430 --> 00:04:24.769
bit. Simulating a quantum computer is exponential

00:04:24.769 --> 00:04:27.970
in a classical system. And if you want to simulate

00:04:27.970 --> 00:04:30.310
100 atoms, now you're talking about 2 to the

00:04:30.310 --> 00:04:33.189
100th states. And you start to explode in terms

00:04:33.189 --> 00:04:36.750
of memory, for one thing. Whereas in a quantum

00:04:36.750 --> 00:04:39.110
computer, you're just talking about 100 qubits.

00:04:39.290 --> 00:04:43.050
And what you can do with qubits is actually simulate

00:04:43.050 --> 00:04:46.069
physical environments. Like Feynman said, quantum

00:04:46.069 --> 00:04:47.810
computing, which he's one of the pioneers of

00:04:47.810 --> 00:04:50.470
quantum computing, is the best way to simulate

00:04:50.470 --> 00:04:53.129
a physical system is with the physical system

00:04:53.129 --> 00:04:55.949
itself, something that represents it. And the

00:04:55.949 --> 00:04:59.269
physical world is quantum and probabilistic.

00:04:59.269 --> 00:05:02.189
And so if you can simulate it with probabilistic

00:05:02.189 --> 00:05:05.370
computing, you can actually simulate exact outcomes.

00:05:05.490 --> 00:05:07.230
And where this becomes interesting is when you

00:05:07.230 --> 00:05:09.269
want to solve problems like, how do these molecules

00:05:09.269 --> 00:05:12.689
bond? How do I develop a new chemical that has

00:05:12.689 --> 00:05:16.139
these properties? How do I simulate traffic,

00:05:16.259 --> 00:05:18.459
which has actually this kind of exponential state

00:05:18.459 --> 00:05:21.480
thing and best and optimal traffic flows? And

00:05:21.480 --> 00:05:24.180
you can look at problems around different domains

00:05:24.180 --> 00:05:27.980
and see where using this kind of power would

00:05:27.980 --> 00:05:29.680
help you solve problems that are intractable

00:05:29.680 --> 00:05:34.720
on classical computers. So back in the early

00:05:34.720 --> 00:05:37.639
2000s, around 2008, Microsoft embarked on a quantum

00:05:37.639 --> 00:05:39.579
computing program to build a quantum computer.

00:05:40.829 --> 00:05:45.129
The key part of a quantum computer is the quantum,

00:05:45.230 --> 00:05:47.490
the qubit that you pick, the physical qubit you

00:05:47.490 --> 00:05:51.430
pick. Which material are you going to use that

00:05:51.430 --> 00:05:54.250
has that quantum physical property to build your

00:05:54.250 --> 00:05:56.350
quantum computer on top of? And there's lots

00:05:56.350 --> 00:05:59.209
of different microscopic materials that exhibit

00:05:59.209 --> 00:06:01.050
these quantum physical properties. Like you can

00:06:01.050 --> 00:06:03.310
take an atom itself. You can take an electron.

00:06:03.470 --> 00:06:06.750
You can take a photon. You can take ions. And

00:06:06.750 --> 00:06:10.680
you can use them as your physical qubit. Now,

00:06:10.699 --> 00:06:13.480
the pros and cons of using different physical

00:06:13.480 --> 00:06:17.100
qubits is they each have different sizes and

00:06:17.100 --> 00:06:20.040
speeds and stability. And so kind of those three

00:06:20.040 --> 00:06:24.600
dimensions. And back in 2008, Microsoft quantum

00:06:24.600 --> 00:06:28.980
researchers concluded that all of the kind of

00:06:28.980 --> 00:06:31.740
materials that I just mentioned or physical qubits

00:06:31.740 --> 00:06:34.660
I just mentioned were not going to get us onto

00:06:34.660 --> 00:06:37.439
a path to a scalable quantum computer. And I'll

00:06:37.439 --> 00:06:39.439
describe what that is in a second. But they'd

00:06:39.439 --> 00:06:42.240
read about this or knew about this theoretical

00:06:42.240 --> 00:06:44.980
particle called a Majorana fermion, which was

00:06:44.980 --> 00:06:48.519
actually predicted by Enrico Majorana, an Italian

00:06:48.519 --> 00:06:51.319
physicist, back in the, I think it was the 1930s.

00:06:51.399 --> 00:06:54.060
But nobody had ever actually seen one. And they

00:06:54.060 --> 00:06:57.139
said, well, this particle, which is its own antiparticle,

00:06:57.279 --> 00:07:02.540
if it exists, is fast, small, and stable. And

00:07:02.540 --> 00:07:03.980
if we could build a quantum computer with this,

00:07:04.000 --> 00:07:06.430
we could get to scale of a million qubits

00:07:06.430 --> 00:07:10.329
on a wafer of material that you could actually

00:07:10.329 --> 00:07:13.589
produce. And the benefit of that over looking

00:07:13.589 --> 00:07:16.129
at some of these other physical qubits like transmons

00:07:16.129 --> 00:07:21.389
or ions or photons or electrons is that with

00:07:21.389 --> 00:07:24.189
all those other technologies, you have to create

00:07:24.189 --> 00:07:27.329
a system that has a million logical qubits or

00:07:27.329 --> 00:07:28.750
a few hundred thousand logical qubits. You're

00:07:28.750 --> 00:07:30.670
talking about a system that is the size of a

00:07:30.670 --> 00:07:34.600
conference room or larger. And with that comes

00:07:34.600 --> 00:07:37.399
this big problem of how do I synchronize the

00:07:37.399 --> 00:07:41.000
thing across that kind of scale and how do I

00:07:41.000 --> 00:07:43.240
measure things reliably and how do I keep everything

00:07:43.240 --> 00:07:45.759
coherent? And this is what it's called. You don't

00:07:45.759 --> 00:07:49.420
want the superimposed state to collapse. You

00:07:49.420 --> 00:07:51.860
want it to stay in that state. Once you measure

00:07:51.860 --> 00:07:53.720
it, of course, it collapses and you can inadvertently

00:07:53.720 --> 00:07:55.579
get measurements which cause it to collapse.

00:07:55.740 --> 00:07:57.899
So the bigger your system, the more likely you're

00:07:57.899 --> 00:08:00.610
going to have. And then that means the more error

00:08:00.610 --> 00:08:02.509
correction you need, which means the system gets

00:08:02.509 --> 00:08:05.589
even bigger. But with Majorana fermions, we could

00:08:05.589 --> 00:08:08.370
avoid all that. And so that's been the focus

00:08:08.370 --> 00:08:11.569
of the program since the start is how do we actually

00:08:11.569 --> 00:08:14.269
prove these things exist? Then how do we make

00:08:14.269 --> 00:08:16.629
them reliably? And then how do we build a qubit

00:08:16.629 --> 00:08:18.689
on top of it? And then how do we build a quantum

00:08:18.689 --> 00:08:22.009
gate on top of that? And we've been hitting each

00:08:22.009 --> 00:08:24.509
one of those one after the other steps on the

00:08:24.509 --> 00:08:27.240
path to Majorana fermion based system. These

00:08:27.240 --> 00:08:29.980
are called topological qubits, the ones we build

00:08:29.980 --> 00:08:32.139
with Majorana fermions. In, I think it was like

00:08:32.139 --> 00:08:33.960
six or seven years ago, we proved that they exist.

00:08:34.120 --> 00:08:36.919
And there was a paper in Nature. Microsoft proves

00:08:36.919 --> 00:08:39.960
that Majorana fermions do exist. And then the

00:08:39.960 --> 00:08:42.980
next paper was Microsoft proves that they can

00:08:42.980 --> 00:08:46.200
make them. And now we actually showed what we

00:08:46.200 --> 00:08:48.639
can create qubits on top of them. And then at

00:08:48.639 --> 00:08:50.860
Build, we announced Majorana 1, which is an

00:08:50.860 --> 00:08:54.179
eight bit topological qubit based system. That's

00:08:54.179 --> 00:08:56.960
our first one to actually start playing with

00:08:56.960 --> 00:08:58.820
and investigating the properties of it. And then

00:08:58.820 --> 00:09:02.259
the path is, of course, to scale that into hundreds

00:09:02.259 --> 00:09:04.740
of thousands onto a single wafer. And we've been

00:09:04.740 --> 00:09:07.200
building all the supporting infrastructure around

00:09:07.200 --> 00:09:09.159
having a real scalable quantum computer when

00:09:09.159 --> 00:09:12.019
it's ready, like SDKs for how you program the

00:09:12.019 --> 00:09:13.600
quantum computer, getting the algorithms ready

00:09:13.600 --> 00:09:16.580
so when it's ready, it's ready. Getting cryogenic

00:09:16.580 --> 00:09:20.100
CMOS controllers that we can put next to the

00:09:20.100 --> 00:09:22.720
quantum computer so that we can actually measure

00:09:22.720 --> 00:09:26.009
and control it at scale. At scale without worrying

00:09:26.009 --> 00:09:29.269
about the decoherence. Like, this essentially allows

00:09:29.269 --> 00:09:32.809
you to do calculations that were extremely difficult

00:09:32.809 --> 00:09:35.309
before, which is essentially what our cryptography

00:09:35.309 --> 00:09:39.590
was built on, very quickly, right? Exactly. So quantum

00:09:39.590 --> 00:09:41.250
computing is great on one hand and then it's

00:09:41.250 --> 00:09:43.529
terrible for security on the other. You're right.

00:09:43.529 --> 00:09:46.309
So we're creating this situation where, with a

00:09:46.309 --> 00:09:48.409
scalable quantum computer of a few hundred thousand

00:09:48.409 --> 00:09:51.409
qubits, you can start to break elliptical curve

00:09:51.409 --> 00:09:54.990
cryptography and RSA cryptography at the key

00:09:54.990 --> 00:09:58.250
lengths that we're using today. You know, 256-bit

00:09:58.250 --> 00:10:01.389
keys would be breakable by a system of that

00:10:01.389 --> 00:10:04.470
size. And that poses, obviously this is an existential

00:10:04.470 --> 00:10:07.429
threat to computer security, because if somebody

00:10:07.429 --> 00:10:11.850
can break that, the TLS isn't secure, on-disk encryption

00:10:11.850 --> 00:10:14.570
isn't secure, because the keys themselves are

00:10:14.570 --> 00:10:16.669
encrypted that way. And then ultimately there's

00:10:16.669 --> 00:10:19.330
symmetric, almost every technical control relies

00:10:19.330 --> 00:10:22.970
on in some form or fashion without that. Yeah,

00:10:22.990 --> 00:10:27.210
hashing gets broken. Like all the fundamentals

00:10:27.210 --> 00:10:29.629
of our computer security are broken once that

00:10:29.629 --> 00:10:30.509
happens. Yeah, isn't there a thing right now

00:10:30.509 --> 00:10:32.269
where people are actually collecting ciphertext?

00:10:33.029 --> 00:10:35.289
They can't break it yet. Yeah, this is break

00:10:35.289 --> 00:10:38.450
now, read later, decrypt later. Harvest now,

00:10:38.570 --> 00:10:41.669
decrypt later. It's like that, yeah. They're

00:10:41.669 --> 00:10:43.149
grabbing it now and they're going to do it later.

00:10:43.970 --> 00:10:46.590
It's harvest now, decrypt later. Decrypt later.

00:10:46.950 --> 00:10:52.889
Yeah, HNDL, like handle, yeah. You can just record

00:10:52.889 --> 00:10:54.870
the TLS communication, the handshake, and then

00:10:54.870 --> 00:10:56.490
break it with a quantum computer at some point.

00:10:56.529 --> 00:10:58.889
And then all that communication is in the clear.

00:10:59.370 --> 00:11:02.009
Yeah, very cool. Well, not very cool at all,

00:11:02.110 --> 00:11:05.590
but anyway. Very scary, actually. So what are

00:11:05.590 --> 00:11:08.330
the biggest challenges, biggest technical challenges

00:11:08.330 --> 00:11:10.350
with migrating to post-quantum cryptography

00:11:10.350 --> 00:11:12.429
that you see? People need to really, really think

00:11:12.429 --> 00:11:13.889
about it. What is it as you need to think about,

00:11:14.029 --> 00:11:16.730
for example? Well, so the first thing is what

00:11:16.730 --> 00:11:18.860
kind of timeline that we've got for this. Because

00:11:18.860 --> 00:11:20.840
I think that's, you know, you need to do a work

00:11:20.840 --> 00:11:22.620
back, which is what we've done, which is saying,

00:11:22.740 --> 00:11:25.480
when do we think we'll get to that kind of scale?

00:11:26.460 --> 00:11:28.960
Or somebody will, and we think Microsoft has

00:11:28.960 --> 00:11:31.100
a good chance of getting there first. And we

00:11:31.100 --> 00:11:34.440
think that in the early 2030s might be the kind

00:11:34.440 --> 00:11:36.299
of timeframe we're talking about for a scalable

00:11:36.299 --> 00:11:38.000
quantum computer to be in the hands of people

00:11:38.000 --> 00:11:41.360
that want to break cryptography. And so when

00:11:41.360 --> 00:11:44.320
we work back from that, we say, what's the timeline

00:11:44.320 --> 00:11:48.429
we need to be ready, to safely ready, conservatively

00:11:48.429 --> 00:11:50.669
ready for that. And so we set ourselves a timeline

00:11:50.669 --> 00:11:53.870
of 2029. And that means, and being called post

00:11:53.870 --> 00:11:56.269
quantum safe means, we've actually switched over

00:11:56.269 --> 00:11:59.029
to using cryptographic algorithms that quantum

00:11:59.029 --> 00:12:01.350
computers can't break, instead of using these

00:12:01.350 --> 00:12:05.129
ones that I mentioned. And that means starting

00:12:05.129 --> 00:12:07.110
with the core dependencies of like your cryptographic

00:12:07.110 --> 00:12:10.669
library support it, and then your ships in the

00:12:10.669 --> 00:12:13.519
operating system, and then your network traffic,

00:12:13.639 --> 00:12:17.759
TLS is starting to use it, and your on-disk

00:12:17.759 --> 00:12:20.639
key protection and wrapping and your token signing

00:12:20.639 --> 00:12:23.059
are all using those kinds of algorithms. And

00:12:23.059 --> 00:12:25.320
so we've mapped out all the steps we need to

00:12:25.320 --> 00:12:27.620
take, starting with the fundamental one of, hey,

00:12:27.659 --> 00:12:29.659
let's get those algorithms coded up and included

00:12:29.659 --> 00:12:32.200
in our crypto libraries, and then going from

00:12:32.200 --> 00:12:35.679
there. And so quantum safe means you've actually

00:12:35.679 --> 00:12:38.899
re-encrypted your keys. You've actually switched

00:12:38.899 --> 00:12:40.840
over to that for all your network communications

00:12:40.840 --> 00:12:43.639
as well. And you're signing all your code with

00:12:43.639 --> 00:12:46.960
those algorithms as well. So the tool that we

00:12:46.960 --> 00:12:49.480
have started working on, one of those fundamental

00:12:49.480 --> 00:12:52.600
components is SymCrypt, right? Yep. Which is

00:12:52.600 --> 00:12:55.000
available all, it's up on GitHub for Windows

00:12:55.000 --> 00:12:57.200
and Linux and I assume Mac as well, is that?

00:12:57.629 --> 00:12:59.850
Yeah, it is there for Mac, too. So where does

00:12:59.850 --> 00:13:02.570
SymCrypt fit in the hierarchy? So Windows today,

00:13:02.750 --> 00:13:06.629
we have historically a crypto API and then CNG,

00:13:06.669 --> 00:13:08.789
crypto next generation. So where does SymCrypt

00:13:08.789 --> 00:13:12.210
map in that hierarchy? And when are protocols

00:13:12.210 --> 00:13:15.850
like TLS 1.x or 2.x, whatever happens in the

00:13:15.850 --> 00:13:17.070
future, you're going to switch over to using

00:13:17.070 --> 00:13:21.230
these post-quantum algorithms? So it's like

00:13:21.230 --> 00:13:23.029
the most fundamental piece. It's at the heart.

00:13:23.250 --> 00:13:25.950
The bottom of the dependency stack is SymCrypt.

00:13:26.279 --> 00:13:28.120
And so that's where we started first. And we've

00:13:28.120 --> 00:13:30.240
got two algorithms, post-quantum algorithm shipping

00:13:30.240 --> 00:13:33.779
as part of SymCrypt, ML-DSA and ML-KEM. So

00:13:33.779 --> 00:13:36.639
DSA is digital signatures and KEM is key exchange.

00:13:37.000 --> 00:13:40.399
And those are NIST certified official standards

00:13:40.399 --> 00:13:43.860
for post-quantum cryptographic algorithms. One

00:13:43.860 --> 00:13:45.899
of the challenges, by the way, we faced is that

00:13:45.899 --> 00:13:49.700
these algorithms are showing up. They go through,

00:13:49.740 --> 00:13:52.720
we're waiting for NIST approval. And the risk

00:13:52.720 --> 00:13:55.779
here, even... even as the algorithms get approved,

00:13:55.960 --> 00:13:57.740
and that means cryptographers have beaten on

00:13:57.740 --> 00:14:00.080
this in the public for a few years and nobody's

00:14:00.080 --> 00:14:03.120
found any flaws with them, is that actually even

00:14:03.120 --> 00:14:05.639
the ones that got through the initial gate, NIST

00:14:05.639 --> 00:14:07.860
gates, some of them have fallen by the wayside

00:14:07.860 --> 00:14:10.879
as researchers find problems with them. And we

00:14:10.879 --> 00:14:13.259
don't know for sure that there's not going to

00:14:13.259 --> 00:14:15.600
be problems found with these. This is such a

00:14:15.600 --> 00:14:19.179
complex mathematical space. Like I'm not an expert

00:14:19.179 --> 00:14:20.860
in it. I don't know if you are, Michael, but

00:14:20.860 --> 00:14:25.159
we run this risk. And so we've got to be

00:14:25.159 --> 00:14:28.379
quantum crypto agile. And crypto agility now

00:14:28.379 --> 00:14:32.879
means, hey, if something happens to ML-DSA, we

00:14:32.879 --> 00:14:34.879
need to be able to swap it out for another one.

00:14:35.460 --> 00:14:37.940
So crypto agility is one of my favorite topics,

00:14:38.159 --> 00:14:41.080
favorite, favorite topics. The biggest mistake

00:14:41.080 --> 00:14:43.620
I find people make, you know, both inside Microsoft,

00:14:43.700 --> 00:14:46.860
to be honest, and outside of Microsoft, is to

00:14:46.860 --> 00:14:50.500
hard code slash embed crypto algorithm information.

00:14:50.980 --> 00:14:53.399
So for example, I've actually seen code from

00:14:53.399 --> 00:14:55.019
a customer, believe it or not, that was using

00:14:55.019 --> 00:14:59.440
56-bit DES, ECB, electronic code book, right?

00:14:59.519 --> 00:15:02.759
So you can imagine how weak that is. And they

00:15:02.759 --> 00:15:04.700
had terabytes of data encrypted with it and they

00:15:04.700 --> 00:15:06.519
couldn't do anything about it easily because

00:15:06.519 --> 00:15:09.980
their code just was hard-coded to use DES electronic

00:15:09.980 --> 00:15:12.759
code book. So I don't know. I mean, I can certainly

00:15:12.759 --> 00:15:16.539
talk at length about practical ways that we've

00:15:16.539 --> 00:15:18.899
done crypto agility inside of Microsoft. Is there

00:15:18.899 --> 00:15:20.179
anything you want to talk about? Because I do

00:15:20.179 --> 00:15:22.340
want to spend probably 60 seconds just to give

00:15:22.340 --> 00:15:24.940
people some flavor about what crypto agility

00:15:24.940 --> 00:15:27.059
actually means from a practical perspective.

00:15:27.500 --> 00:15:28.860
I mean, I think you should run with it. Okay.

00:15:29.259 --> 00:15:31.759
Again, it's one of my pet topics. I'm just a

00:15:31.759 --> 00:15:33.100
huge fan. In fact, in the Microsoft Security

00:15:33.100 --> 00:15:34.840
Development Lifecycle, it's also a requirement.

00:15:35.039 --> 00:15:37.059
Thou shalt be crypto agile. So what does that

00:15:37.059 --> 00:15:38.080
actually mean? Well, it basically means that

00:15:38.080 --> 00:15:41.519
you can change algorithms and aspects of algorithms

00:15:41.519 --> 00:15:44.179
on the fly. So you could change from AES to

00:15:44.519 --> 00:15:46.659
post-quantum algorithm. You could change from,

00:15:46.720 --> 00:15:48.299
let's say you're still using AES, but you want

00:15:48.299 --> 00:15:51.299
to go from cipher block chaining to Galois counter

00:15:51.299 --> 00:15:54.399
mode. You can easily do that. And the way you

00:15:54.399 --> 00:15:56.480
do it is essentially, there's two major ways

00:15:56.480 --> 00:15:59.220
of doing it. One of them is the way SQL Server

00:15:59.220 --> 00:16:01.299
does it with Always Encrypted. When they encrypt

00:16:01.299 --> 00:16:05.779
the data, they use AES-256 with a SHA-256 HMAC.

00:16:06.240 --> 00:16:08.909
And that is version one. And if they decided

00:16:08.909 --> 00:16:11.049
to move to some other algorithm, say post-quantum

00:16:11.049 --> 00:16:13.129
or perhaps Galois counter mode or whatever, that

00:16:13.129 --> 00:16:16.350
could be version two. And so the first byte of

00:16:16.350 --> 00:16:18.169
the ciphertext is the version number. And then

00:16:18.169 --> 00:16:19.629
their code, they just look at what it is and

00:16:19.629 --> 00:16:21.730
they encrypt and decrypt using that. The nice

00:16:21.730 --> 00:16:23.809
thing about that is new stuff can be encrypted

00:16:23.809 --> 00:16:26.070
with version two and they can read the old stuff,

00:16:26.230 --> 00:16:28.250
which is version one, which is really, really

00:16:28.250 --> 00:16:32.509
nice. The other way that it's commonly used is

00:16:32.509 --> 00:16:36.350
in Microsoft Office. In their XML data format,

00:16:37.080 --> 00:16:39.179
they have an XML block at the very beginning

00:16:39.179 --> 00:16:43.279
which describes all the cipher information that's

00:16:43.279 --> 00:16:46.200
used in that document. So it could be AES in

00:16:46.200 --> 00:16:50.059
cipher block chaining mode, 256. Here's the initialization

00:16:50.059 --> 00:16:52.600
vector, password-based key derivation function

00:16:52.600 --> 00:16:54.620
for deriving the key based on a password. Whatever,

00:16:54.700 --> 00:16:56.379
I don't know, right? All that sort of stuff is

00:16:56.379 --> 00:16:58.120
in there. The nice thing about that is, again,

00:16:58.159 --> 00:17:00.909
you can read it in whatever format it is, and

00:17:00.909 --> 00:17:03.769
you can write it out with whatever is the current

00:17:03.769 --> 00:17:08.049
version. I don't think Office exposes the individual

00:17:08.049 --> 00:17:11.130
knobs that you can tweak on the cryptography,

00:17:11.269 --> 00:17:13.910
but internally it certainly could. And those

00:17:13.910 --> 00:17:17.509
are two magnificent ways of supporting crypto

00:17:17.509 --> 00:17:19.190
agility because it allows you to read the old

00:17:19.190 --> 00:17:22.430
data, encrypt it in the old credi format, and

00:17:22.430 --> 00:17:25.250
write out using the latest and greatest. To your

00:17:25.250 --> 00:17:27.519
point, Mark, let's say one of these new algorithms

00:17:27.519 --> 00:17:30.640
has an issue and so version 2 is released, then

00:17:30.640 --> 00:17:32.880
you can upgrade to version 2 and still read the

00:17:32.880 --> 00:17:35.500
old data and then write out using the newer formats

00:17:35.500 --> 00:17:38.740
if you propose that you should do that. Now,

00:17:38.740 --> 00:17:41.259
speaking of formats, I think one of the things

00:17:41.259 --> 00:17:43.799
that, as part of this transition, is that we

00:17:43.799 --> 00:17:46.240
can't just flip over to post-quantum cryptography.

00:17:46.400 --> 00:17:48.779
We've got to be compatible with existing systems.

00:17:49.019 --> 00:17:51.940
And so we have now hybrid TLS connections, for

00:17:51.940 --> 00:17:55.849
example, which... we'll use both. So if we find

00:17:55.849 --> 00:17:58.529
that when we're ready to flip, we can flip over,

00:17:58.789 --> 00:18:01.670
it also means we can fall back to the classical

00:18:01.670 --> 00:18:05.049
ones if there's a problem with the quantum safe

00:18:05.049 --> 00:18:08.329
ones or the supposedly quantum safe ones. Yeah,

00:18:08.369 --> 00:18:13.450
so does TLS 1.3 today have reserved cipher suites

00:18:13.450 --> 00:18:15.029
for post-quantum or is that something that's

00:18:15.029 --> 00:18:16.950
still evolving? Yeah, because that's where we're

00:18:16.950 --> 00:18:18.930
doing it with TLS 1.3. Very cool. That's really,

00:18:18.970 --> 00:18:22.250
really cool. Yeah, and actually, so TLS has

00:18:22.250 --> 00:18:25.930
historically also supported crypto agility. Because

00:18:25.930 --> 00:18:28.369
during the negotiation, you negotiate, like,

00:18:28.410 --> 00:18:30.029
here's the cipher suites that I support as the

00:18:30.029 --> 00:18:31.690
server, and here's the cipher suites that I support

00:18:31.690 --> 00:18:34.329
as the client. Then the server selects the strongest

00:18:34.329 --> 00:18:36.670
out of the intersection of the two. And if there

00:18:36.670 --> 00:18:38.630
is no intersection, then there's no communication,

00:18:38.970 --> 00:18:41.190
right? Because we can't agree on the algorithm.

00:18:41.309 --> 00:18:43.589
So TLS has always done a very good job on crypto

00:18:43.589 --> 00:18:45.990
agility as well. In this case, it's encrypted

00:18:45.990 --> 00:18:49.200
with both. Right. So if one breaks, the other

00:18:49.200 --> 00:18:50.920
is still protected by the other one if the other

00:18:50.920 --> 00:18:53.619
one's secure. When you say it's encrypted, you

00:18:53.619 --> 00:18:56.420
mean the keys are encrypted? Yeah, the key, right?

00:18:56.480 --> 00:18:58.859
The symmetric keys that are exchanged. Just stepping

00:18:58.859 --> 00:19:00.279
back for a moment, just I want to make sure that

00:19:00.279 --> 00:19:02.619
this is clear to the audience. We're talking

00:19:02.619 --> 00:19:04.740
about crypto agility in the context of Microsoft

00:19:04.740 --> 00:19:08.359
and the protocols and whatnot. But the reality

00:19:08.359 --> 00:19:10.720
is it's not just, hey, we've got Azure and then

00:19:10.720 --> 00:19:12.519
we get new algorithms from Microsoft through

00:19:12.519 --> 00:19:15.779
Windows Update and the other mechanisms. There's

00:19:15.779 --> 00:19:17.359
a certain amount that's kind of done for you.

00:19:17.960 --> 00:19:20.339
But there's a lot of stuff that uses cryptography,

00:19:20.460 --> 00:19:22.940
different physical devices, whether IoT, OT,

00:19:23.279 --> 00:19:26.440
older software, might be hard-coded stuff, maybe

00:19:26.440 --> 00:19:28.700
custom-built, maybe a vendor's out of business,

00:19:28.839 --> 00:19:31.200
etc. And so organizations really need to start

00:19:31.200 --> 00:19:35.299
thinking through how do we do inventory of all

00:19:35.299 --> 00:19:38.359
of the different... crypto algorithms we have,

00:19:38.420 --> 00:19:41.000
you know, via software, via hardware, or, you

00:19:41.000 --> 00:19:42.980
know, essentially software embedded hardware.

00:19:43.960 --> 00:19:46.400
And it really starts thinking about that, because

00:19:46.400 --> 00:19:50.119
that's the key challenge of quantum is, you know,

00:19:50.119 --> 00:19:52.559
there may be some devices that you simply can't

00:19:52.559 --> 00:19:55.180
update the crypto algorithms for. So definitely

00:19:55.180 --> 00:19:57.359
start that conversation that thinking early,

00:19:57.559 --> 00:20:00.599
because you do not want to be caught flat footed

00:20:00.599 --> 00:20:03.039
trying to buy new devices when, you know, it's

00:20:03.039 --> 00:20:05.180
sort of like, I live in Florida. So it's like

00:20:05.180 --> 00:20:06.759
toilet paper in a hurricane. You don't want to

00:20:06.759 --> 00:20:09.119
be trying to buy the same thing everybody else

00:20:09.119 --> 00:20:11.200
is all at the same time because there's only

00:20:11.200 --> 00:20:13.299
going to be so many replacement devices and whatnot.

00:20:13.700 --> 00:20:15.640
You bring up a good point around hardware because

00:20:15.640 --> 00:20:18.619
that's what everybody's recognized we need to

00:20:18.619 --> 00:20:22.259
be on top of right away. And in fact, at Microsoft,

00:20:22.460 --> 00:20:26.059
we pioneered and launched with a group of partners,

00:20:26.240 --> 00:20:30.160
AMD and NVIDIA, Google and others, an open source

00:20:30.160 --> 00:20:32.920
root of trust for our data center hardware.

00:20:33.059 --> 00:20:36.059
And Root of Trust is the core component that

00:20:36.059 --> 00:20:40.059
launches the whole platform and does the measurement

00:20:40.059 --> 00:20:42.539
and the attestation for the security posture

00:20:42.539 --> 00:20:44.740
of the platform. If that thing is broken, then

00:20:44.740 --> 00:20:47.440
you have no security in hardware. And even your

00:20:47.440 --> 00:20:51.079
software systems on top rely on that. And so

00:20:51.079 --> 00:20:55.359
this core Root of Trust called Caliptra now has

00:20:55.359 --> 00:20:58.460
in Caliptra 2.0 this Adams Bridge accelerator

00:20:58.460 --> 00:21:00.599
component of it, which is a post quantum safe

00:21:00.599 --> 00:21:03.700
cryptographic accelerator to support the post

00:21:03.700 --> 00:21:05.819
quantum algorithms on part of that root of trust

00:21:05.819 --> 00:21:08.200
in this. And so that is part of OCP, the open

00:21:08.200 --> 00:21:10.720
compute project, anybody can take and use it

00:21:10.720 --> 00:21:13.359
where all of our hardware that we're building

00:21:13.359 --> 00:21:15.740
in ourselves in Azure uses Caliptra. And like

00:21:15.740 --> 00:21:17.579
I mentioned, some of those partners and, and

00:21:17.579 --> 00:21:19.839
a broader hardware ecosystem are now using Caliptra

00:21:19.839 --> 00:21:22.730
as well, because it takes from the time you put

00:21:22.730 --> 00:21:25.369
it in your design three years effectively until

00:21:25.369 --> 00:21:28.910
it shows up in production hardware. Cool. Now,

00:21:28.950 --> 00:21:31.190
you'd mentioned a little bit of work with NIST.

00:21:31.250 --> 00:21:33.009
Can you talk a little bit more about, in general,

00:21:33.170 --> 00:21:35.549
how we work with standards bodies like NIST,

00:21:35.589 --> 00:21:38.769
ISO, and the like on this topic and how we're

00:21:38.769 --> 00:21:41.210
sort of contributing in those ways in addition

00:21:41.210 --> 00:21:42.750
to the open source stuff you mentioned? Sure.

00:21:42.809 --> 00:21:44.950
Well, I mean, the standards are extremely important,

00:21:45.069 --> 00:21:47.529
right? The standards bodies are defining for

00:21:47.529 --> 00:21:50.789
governments what crypto algorithms they consider

00:21:51.490 --> 00:21:53.769
secure. And ideally, you know, we settled just

00:21:53.769 --> 00:21:56.529
like we have with classical crypto on some standards

00:21:56.529 --> 00:21:59.250
for the whole world for the whole industry. In

00:21:59.250 --> 00:22:01.950
the case of the post quantum algorithms, NIST

00:22:01.950 --> 00:22:04.470
took a lead on this and they had in 2017, they

00:22:04.470 --> 00:22:07.960
had a call for submissions for post quantum safe

00:22:07.960 --> 00:22:10.400
algorithms for these various operations like

00:22:10.400 --> 00:22:14.140
digital signatures and key exchange. And Microsoft

00:22:14.140 --> 00:22:16.720
actually submitted four submissions. So these

00:22:16.720 --> 00:22:19.480
are four algorithms that our security or cryptographic

00:22:19.480 --> 00:22:21.799
researchers came up with into that call. And

00:22:21.799 --> 00:22:24.059
I think there's one in the current one. So we've

00:22:24.059 --> 00:22:27.240
been hard at work at coming up with crypto algorithms

00:22:27.240 --> 00:22:30.940
that we that look like they'll be post quantum

00:22:30.940 --> 00:22:35.279
safe and submitting them to NIST. And so And

00:22:35.279 --> 00:22:37.380
then we're working with other standardization

00:22:37.380 --> 00:22:40.259
bodies, ISO and IETF, again, on defining the standards

00:22:40.259 --> 00:22:42.759
for what does hybrid key exchange look like for

00:22:42.759 --> 00:22:47.319
TLS 1.3, as well as whatever those standards

00:22:47.319 --> 00:22:49.500
bodies are defining as requirements around cryptography

00:22:49.500 --> 00:22:52.099
that we make sure that post-quantum is reflected

00:22:52.099 --> 00:22:55.119
there. So at a practical perspective, I mean,

00:22:55.140 --> 00:22:58.400
what impact is this going to have on Azure, Windows,

00:22:58.859 --> 00:23:00.359
Office, and so on? I mean, will people actually

00:23:00.359 --> 00:23:03.059
see any real changes? Or do we expect to see

00:23:03.059 --> 00:23:06.569
sort of perhaps UI change or configuration changes?

00:23:07.349 --> 00:23:09.589
Or do we expect this to be pretty much hidden

00:23:09.589 --> 00:23:12.809
from most end users? That's an awesome question.

00:23:12.910 --> 00:23:14.710
And I think our goal is to make it hidden from

00:23:14.710 --> 00:23:17.109
everybody. Anybody that doesn't need to know

00:23:17.109 --> 00:23:19.250
about it shouldn't have to worry about it. It

00:23:19.250 --> 00:23:21.349
should just be there, baked in. I think most

00:23:21.349 --> 00:23:25.369
people aren't even aware of the classical cryptography

00:23:25.369 --> 00:23:27.690
algorithms that we're using. The vast majority

00:23:27.690 --> 00:23:29.869
of people, right? It's just typically a few people

00:23:29.869 --> 00:23:32.009
that are worried about crypto that are looking

00:23:32.009 --> 00:23:34.049
and saying, oh, time to upgrade our, you know,

00:23:34.049 --> 00:23:36.990
retire TLS 1.2 and time to retire this algorithm.

00:23:37.130 --> 00:23:40.849
Time to move from MD5 to secure hashing, right?

00:23:41.809 --> 00:23:43.950
And most people don't even know what MD5 is,

00:23:43.990 --> 00:23:45.829
so. Yeah, so you're telling me people don't need

00:23:45.829 --> 00:23:48.289
to learn quantum superposition? Yeah. That's

00:23:48.289 --> 00:23:50.029
good. That's a good thing. That's a really good

00:23:50.029 --> 00:23:53.210
thing. So put your philosophical hat on, your

00:23:53.210 --> 00:23:55.710
technical. I know you're actually very good at

00:23:55.710 --> 00:23:57.089
this. I actually enjoy listening to you when

00:23:57.089 --> 00:23:58.950
you talk about things like this. But where do

00:23:58.950 --> 00:24:01.789
you see the intersection? We live in really amazing

00:24:01.789 --> 00:24:04.569
times, right? All of a sudden, everyone's had

00:24:04.569 --> 00:24:06.329
to learn about AI. Whether you wanted to or not,

00:24:06.430 --> 00:24:08.490
if you're a nerd, you've got to learn about AI,

00:24:08.690 --> 00:24:10.509
right? You just have to. And I see that on the

00:24:10.509 --> 00:24:12.329
horizon as well with quantum. All of a sudden,

00:24:12.349 --> 00:24:14.809
people are learning about superposition and all

00:24:14.809 --> 00:24:17.109
sorts of things like that. Where do you see that

00:24:17.109 --> 00:24:19.650
intersection in the future, say 20 years from

00:24:19.650 --> 00:24:22.859
now, where it's intersections of AI and security

00:24:22.859 --> 00:24:25.839
and quantum and massive compute in the cloud

00:24:25.839 --> 00:24:28.460
and massive storage. Where do we see that going

00:24:28.460 --> 00:24:31.380
in the future? Yeah. Well, so first, I think

00:24:31.380 --> 00:24:33.839
the reason a lot of people are talking about

00:24:33.839 --> 00:24:35.799
quantum and post-quantum cryptography today

00:24:35.799 --> 00:24:37.519
is because they're worried about it, not because

00:24:37.519 --> 00:24:40.119
they need to know about it. Like if we could

00:24:40.119 --> 00:24:41.920
do this transparently, like we talked about,

00:24:42.059 --> 00:24:43.819
the problem solved, they're not going to talk

00:24:43.819 --> 00:24:45.960
about it. When it talks about quantum computers,

00:24:46.890 --> 00:24:48.130
the only people that are going to be looking

00:24:48.130 --> 00:24:49.769
at quantum computers are the people writing quantum

00:24:49.769 --> 00:24:52.190
algorithms. If you think about a quantum computer,

00:24:52.309 --> 00:24:54.549
it's not a replacement for a classical computer.

00:24:54.750 --> 00:24:57.250
You should think of it as an accelerator. And

00:24:57.250 --> 00:25:00.089
just like very few people write CUDA kernels

00:25:00.089 --> 00:25:03.390
for GPUs, very few people are going to be writing

00:25:03.390 --> 00:25:06.609
quantum algorithms for quantum computers. And

00:25:06.609 --> 00:25:09.410
most cases, and there's very few applications,

00:25:09.829 --> 00:25:12.430
the kind of specialized ones I talked about,

00:25:12.549 --> 00:25:17.569
like chemical simulation, new molecule discovery,

00:25:17.809 --> 00:25:21.549
those kinds of applications are going to be the

00:25:21.549 --> 00:25:23.670
only ones that care about quantum accelerators.

00:25:24.049 --> 00:25:26.490
So the vast majority of people will continue

00:25:26.490 --> 00:25:28.930
about their AI related business without even

00:25:28.930 --> 00:25:32.829
thinking about quantum computing or quantum cryptography.

00:25:33.509 --> 00:25:36.069
But where it is applied, it can have a huge impact.

00:25:36.170 --> 00:25:38.210
Like we can come up with artificial fertilizer

00:25:38.210 --> 00:25:41.190
and carbon capture molecules that, they allow

00:25:41.190 --> 00:25:44.529
us to reverse greenhouse gas effects in our atmosphere

00:25:44.529 --> 00:25:48.210
and come up with new chemicals that have really

00:25:48.210 --> 00:25:50.789
cool properties very efficiently. Wasn't there

00:25:50.789 --> 00:25:52.910
something just recently we did with Pacific Northwest

00:25:52.910 --> 00:25:56.250
Labs with like a lithium battery? Yeah, a new

00:25:56.250 --> 00:26:01.309
type of battery. So one of the things that we

00:26:01.309 --> 00:26:05.069
ask all of our guests is, you know, what is a...

00:26:05.359 --> 00:26:07.779
day in the life look like for Mark Russinovich?

00:26:08.299 --> 00:26:10.460
That's, that's always sort of, you know, we ask

00:26:10.460 --> 00:26:12.220
of all of our guests, but you know, in particular,

00:26:12.400 --> 00:26:14.640
you know, everybody knows your, your Sysinternals

00:26:14.640 --> 00:26:17.640
history and, you know, the deputy CISO role and

00:26:17.640 --> 00:26:19.920
all the cool stuff that you do and share with

00:26:19.920 --> 00:26:22.019
Scott. But like, what's, what's, what's a day

00:26:22.019 --> 00:26:24.299
in the life look like for you? It depends on

00:26:24.299 --> 00:26:26.559
the day. It's very like every day is a new adventure.

00:26:27.279 --> 00:26:30.339
But I'd say if you'd said the average of all

00:26:30.339 --> 00:26:34.329
my days, the average of all my days is 80%

00:26:34.329 --> 00:26:38.750
meetings. And those meetings are divided into

00:26:38.750 --> 00:26:42.609
meetings with my team to do checkpoints and reviews

00:26:42.609 --> 00:26:45.390
on the work we're doing. Meetings that are broader,

00:26:45.509 --> 00:26:48.589
architectural, typically meetings across Azure.

00:26:48.750 --> 00:26:52.410
One-on-ones with key technical leaders across

00:26:52.410 --> 00:26:55.650
Azure and other parts of the company. Outside

00:26:55.650 --> 00:26:57.759
of the meetings, then, it's reading. Reading

00:26:57.759 --> 00:27:00.119
papers, internal papers. It's reading external

00:27:00.119 --> 00:27:02.200
papers. It's looking at what's going on with

00:27:02.200 --> 00:27:04.220
technology. And it's also playing with AI and

00:27:04.220 --> 00:27:06.960
spending a lot of time just in between meetings

00:27:06.960 --> 00:27:10.220
and in evenings and weekends researching, doing

00:27:10.220 --> 00:27:13.519
AI research and researching AI. So I want to

00:27:13.519 --> 00:27:16.259
just pull on that thread just a little bit. I'm

00:27:16.259 --> 00:27:18.799
a big fan of just constant learning. Constant

00:27:18.799 --> 00:27:21.920
learning. You can't. You've got to do it, right?

00:27:21.980 --> 00:27:24.640
You can't just ignore things. So what's your

00:27:24.640 --> 00:27:27.289
little strategies for learning things? My father

00:27:27.289 --> 00:27:29.410
actually gave me some advice when I was growing

00:27:29.410 --> 00:27:31.349
up. He's like, when you want to learn a new subject,

00:27:31.450 --> 00:27:33.690
go find the thinnest book you can on it. And

00:27:33.690 --> 00:27:36.230
I was like, that's really sunk in over time of

00:27:36.230 --> 00:27:38.009
I know what he's saying. It's basically like,

00:27:38.029 --> 00:27:40.849
go read the most high level description of the

00:27:40.849 --> 00:27:42.789
subject, because that'll give you an overview.

00:27:42.910 --> 00:27:44.950
And then you can dive in from there. I'm a huge

00:27:44.950 --> 00:27:46.950
fan of that. I actually have that concept, not

00:27:46.950 --> 00:27:48.690
the thin book. That's a new one on me. Yeah.

00:27:48.769 --> 00:27:51.769
But just the whole, get an idea of what the thing

00:27:51.769 --> 00:27:54.440
is. Because obviously, sometimes you just don't

00:27:54.440 --> 00:27:56.819
know what you don't know. Yeah. And so getting

00:27:56.819 --> 00:27:59.259
an idea of what the thing is, now you've got

00:27:59.259 --> 00:28:01.880
an idea of the things you probably should understand

00:28:03.149 --> 00:28:06.569
and then go a bit deeper from that point forward.

00:28:06.690 --> 00:28:08.390
And in fact, if you follow your dad's wisdom,

00:28:08.450 --> 00:28:10.509
if you think about it, I've heard many, many

00:28:10.509 --> 00:28:12.750
years ago, someone say, if you are a technical

00:28:12.750 --> 00:28:16.390
person, you can't explain something simply. Richard

00:28:16.390 --> 00:28:18.390
Feynman. Was it Feynman? That's right, it was

00:28:18.390 --> 00:28:21.210
Feynman who said that. A person said that. Okay,

00:28:21.289 --> 00:28:22.910
Feynman said that. If you can't explain it simply,

00:28:23.029 --> 00:28:24.349
then you probably don't really understand the

00:28:24.349 --> 00:28:26.950
topic that well. Yeah, kind of coincidentally,

00:28:26.950 --> 00:28:28.309
since we've been talking about quantum computing,

00:28:28.450 --> 00:28:30.400
and he's the father of quantum computing. Yeah,

00:28:30.420 --> 00:28:32.799
it is kind of, yes. That's why I asked the question,

00:28:32.880 --> 00:28:36.519
Mark. You knew that. I mean, I love that, you

00:28:36.519 --> 00:28:38.059
know, read the thinnest book thing because like

00:28:38.059 --> 00:28:40.539
I used to like worry because I have a lot of

00:28:40.539 --> 00:28:42.200
books, right? And people see the bookshelf behind

00:28:42.200 --> 00:28:45.000
me oftentimes, the videos. And I sometimes only

00:28:45.000 --> 00:28:47.660
make it to chapter like two or three. And I used

00:28:47.660 --> 00:28:49.700
to feel guilty about that. Like, oh, I had to

00:28:49.700 --> 00:28:52.619
learn everything technically. But if I can get

00:28:52.619 --> 00:28:54.119
the gist of it and the idea of it in the first

00:28:54.119 --> 00:28:56.220
couple of chapters, I don't necessarily need

00:28:56.220 --> 00:29:00.250
to know the 10X level of detail. Yeah. Yeah.

00:29:00.329 --> 00:29:02.349
And that you can decide if you want to, because

00:29:02.349 --> 00:29:03.890
you need to, or because you're interested. So

00:29:03.890 --> 00:29:06.849
for the other thing that I do is get hands on.

00:29:06.990 --> 00:29:08.789
Like if you're, if you really want to understand

00:29:08.789 --> 00:29:11.349
something, you need to actually in, in the world

00:29:11.349 --> 00:29:13.549
of code, of course, it's like go code it or go

00:29:13.549 --> 00:29:15.829
use the product. You want to go level deeper,

00:29:16.069 --> 00:29:19.069
go write about it. So actually the Windows Internals

00:29:19.069 --> 00:29:22.690
books that I worked on, that was one of my favorite

00:29:22.690 --> 00:29:25.690
activities is one that has multiple benefits.

00:29:26.599 --> 00:29:31.059
And writing about something both makes you, forces

00:29:31.059 --> 00:29:32.779
you to learn and understand it to the point you

00:29:32.779 --> 00:29:35.460
can explain it like we just talked about. Also

00:29:35.460 --> 00:29:37.819
gets your name out there and helps other people

00:29:37.819 --> 00:29:39.480
understand it. I remember when I was working

00:29:39.480 --> 00:29:41.480
on designing and developing secure Azure solutions,

00:29:41.700 --> 00:29:44.220
it was when the hardware security modules like

00:29:44.220 --> 00:29:46.420
the original managed HSMs were coming on stream

00:29:46.420 --> 00:29:49.200
in Azure. The team was kind enough to give me

00:29:49.200 --> 00:29:51.880
access to one while I was writing the book. And

00:29:51.880 --> 00:29:54.000
it was interesting because I found issues in

00:29:54.000 --> 00:29:57.539
the SDK because I was tinkering in certain areas

00:29:57.539 --> 00:29:59.559
that you might not normally tinker in. Don't get

00:29:59.559 --> 00:30:01.440
me wrong, there weren't massive serious issues,

00:30:01.440 --> 00:30:03.799
but there are many documentation problems. But

00:30:03.799 --> 00:30:06.400
even so, you find issues while you're learning.

00:30:06.839 --> 00:30:10.819
And also, the managed HSMs support symmetric encryption,

00:30:11.019 --> 00:30:13.599
not just asymmetric encryption. And that leads

00:30:13.599 --> 00:30:14.920
to all sorts of different things you need to

00:30:14.920 --> 00:30:17.099
think about. So yeah, I agree. Writing about

00:30:17.099 --> 00:30:19.700
something really forces you to think about what

00:30:19.700 --> 00:30:22.539
you're working on. And you learn a lot when you

00:30:22.539 --> 00:30:24.519
start writing about it. That's why I urge people,

00:30:24.660 --> 00:30:26.720
write blog posts. If you've got a topic of something,

00:30:26.880 --> 00:30:28.619
write a blog post on it. People will read it.

00:30:28.640 --> 00:30:30.039
You'll be surprised. Well, here's something I'm

00:30:30.039 --> 00:30:32.339
wondering. The problem we're going to run into

00:30:32.339 --> 00:30:34.740
now is it's so easy to have AI write your blog

00:30:34.740 --> 00:30:37.559
post for you. If you rely on AI to do the writing,

00:30:37.660 --> 00:30:39.740
you're not going to get that kind of, I need

00:30:39.740 --> 00:30:42.720
to conceptualize this thing, understand it in

00:30:42.720 --> 00:30:45.859
a way that I can express it. You short circuit

00:30:45.859 --> 00:30:48.259
that, which I think is a risk to people really

00:30:48.259 --> 00:30:51.599
learning. I'm always very careful because I have

00:30:51.599 --> 00:30:53.319
the same effect when I build a PowerPoint slide.

00:30:53.460 --> 00:30:55.420
I know people make fun of me for saying PowerPoint

00:30:55.420 --> 00:30:57.480
slides are a serious thing, but when you're actually

00:30:57.480 --> 00:30:58.940
trying to model the thing out and make something

00:30:58.940 --> 00:31:02.079
make sense, you find gaps visually too. But I'm

00:31:02.079 --> 00:31:04.940
always very careful about how I use AI because

00:31:04.940 --> 00:31:07.099
I want to tap the power of it and the knowledge.

00:31:07.720 --> 00:31:09.619
We're doing roles and responsibility for security,

00:31:09.759 --> 00:31:11.920
so tell me what a CFO does for a living, and

00:31:11.920 --> 00:31:14.519
then I'll tell you what they have to do for security

00:31:14.519 --> 00:31:16.509
to integrate it into their business job or a

00:31:16.509 --> 00:31:20.029
COO or lawyers or whatever. And so it's great

00:31:20.029 --> 00:31:22.650
for tapping into things I don't know, but I always

00:31:22.650 --> 00:31:24.490
want to make sure that I'm doing some original

00:31:24.490 --> 00:31:26.690
thinking of my own on it, that I don't want to

00:31:26.690 --> 00:31:28.650
just take it as a final product and do a couple

00:31:28.650 --> 00:31:32.369
tweaks and minor copy edit things. I want to

00:31:32.369 --> 00:31:35.730
make sure I'm actually processing it. All right,

00:31:35.829 --> 00:31:38.369
let's start to bring this episode to an end.

00:31:38.529 --> 00:31:40.930
So another question we ask our guests, Mark,

00:31:41.069 --> 00:31:43.450
is if you had just one final thought to leave

00:31:43.450 --> 00:31:45.539
our listeners with, what would it be? Breathe.

00:31:47.799 --> 00:31:50.700
Breathe? That would be the shortest final thought

00:31:50.700 --> 00:31:52.500
ever. I can explain what I mean there. Like,

00:31:52.619 --> 00:31:55.640
it's stressful times. Stressful times in technology,

00:31:55.779 --> 00:31:59.140
stressful times in the world. And actually, one

00:31:59.140 --> 00:32:02.440
of the things that I found, I kind of discovered,

00:32:02.460 --> 00:32:05.920
was mindfulness, which is effectively learning

00:32:05.920 --> 00:32:08.740
how to breathe and focus on breathing as a way

00:32:08.740 --> 00:32:11.519
to relieve stress and kind of ground yourself.

00:32:12.000 --> 00:32:14.380
I know it's not technical, but it helps in everything

00:32:14.380 --> 00:32:16.599
you do, whether it's technical or not. So that's

00:32:16.599 --> 00:32:19.720
what I'd leave people with. If you said one thing,

00:32:19.900 --> 00:32:22.279
you didn't scope it, so that's the thing. No,

00:32:22.339 --> 00:32:25.079
and it's not scoped on purpose, right? We just

00:32:25.079 --> 00:32:27.039
want people to be really honest, and I'll be

00:32:27.039 --> 00:32:28.539
frank, we've never had anything even close to

00:32:28.539 --> 00:32:30.559
that. Everyone's given purely technical advice,

00:32:30.779 --> 00:32:32.500
so I think it's good to have something that's

00:32:32.500 --> 00:32:35.200
a bit more grounded. I think it's fantastic.

00:32:35.799 --> 00:32:37.940
All right. So let's bring this episode to an

00:32:37.940 --> 00:32:40.119
end. Again, Mark, thank you. I know you're a

00:32:40.119 --> 00:32:42.059
really, really busy guy, so I really appreciate

00:32:42.059 --> 00:32:44.039
you taking the time. And Mark does too. Thanks.

00:32:44.180 --> 00:32:47.140
Fun conversation. Fun to talk to people like

00:32:47.140 --> 00:32:50.079
yourself, you and Mark, that know that you're

00:32:50.079 --> 00:32:52.099
living what I'm talking. And so we can have a

00:32:52.099 --> 00:32:54.900
great conversation. You bet. Absolutely. That's

00:32:54.900 --> 00:32:58.000
100% true. 100% true. All right. So again,

00:32:58.059 --> 00:32:59.920
thank you so much for joining us. And to all

00:32:59.920 --> 00:33:01.440
our listeners out there, we hope you found this

00:33:01.440 --> 00:33:04.279
episode interesting. Stay safe and we'll see

00:33:04.279 --> 00:33:04.720
you next time.
