Appendix C
Organisations and People in Cryptography
C.1 Organisations in Cryptography and Security
C.1.1 National Institute of Standards and Technology
National Institute of Standards and Technology (NIST) https://www.nist.gov/
C.1.2 International Association for Cryptologic Research
International Association for Cryptologic Research (IACR) https://www.iacr.org/
C.1.3 Australian Signals Directorate
Australian Signals Directorate (ASD) https://www.asd.gov.au/
C.1.4 National Security Agency
National Security Agency (NSA) https://www.nsa.gov/
C.1.5 Government Communications Headquarters
Government Communications Headquarters (GCHQ) https://www.gchq.gov.uk/
C.1.6 Institute of Electrical and Electronics Engineers
Institute of Electrical and Electronic Engineers (IEEE) https://www.ieee.org/
C.1.7 Internet Engineering Task Force
Internet Engineering Task Force (IETF) https://www.ietf.org/
C.2 People in Cryptography and Security
This section lists a selection of people that have made important and/or interesting contributions to security and cryptography. The list does not attempt to be definitive, and some key people are omitted. The biographies are brief, with information mainly taken from Wikipedia. Again, the biographies doe not attempt to cover all aspects of the person’s life, but rather to trigger your interest to explore the backgrounds of these and other people further.
C.2.1 Diffie, Hellman and Merkle
While studying his Bachelor degree in computer science in 1974, Ralph Merkle developed a set of puzzles that allowed two users to agree upon a shared secret key by exchanging messages over an unsecure channel, even if they have no common secrets known beforehand. This was unique as up until then, as it was normally assumed users must manually exchange a secret before than can send messages. Ralph continued his studies in a PhD with Martin Hellman as his adviser.
In 1976 Whitfield Diffie and Martin Hellman used Merkle’s scheme as motivation for their own, improving the security by basing the problem of the attacker on solving discrete logarithms (Merkle’s puzzles only involved quadratic complexity problems, much easier than discrete logarithms). Their scheme, called Diffie-Hellman key exchange, was the first secure example of public key cryptography. It is still in use today, in particular in TLS (e.g. when you SSH into another computer).
In the 1990’s it was announced that Clifford Cocks and others at GCHQ had designed similar public key cryptography concepts earlier than Merkle, Diffie and Hellman.
C.2.2 Rivest, Shamir and Adleman
At MIT in the 1970’s, Rivest, Shamir and Adleman created the RSA algorithm for public key cryptography. The algorithm defines how a user creates a public-private key pair, and can then encrypt a message using one of the keys such that it can only be successfully be decrypted by the other key of the pair. The strength of RSA is based on the difficult to factor large numbers into their prime factors.
Although their were other public key algorithms developed, before RSA symmetric key encryption was primarily used in practice. With RSA patented, Rivest, Shamir and Adleman co-founded RSA Security to commercialise the use of the algorithm. In 2006 it was acquired by EMC for $US2 billion. RSA is mainly used for digital signatures and authentication tokens. Verisign was formed as a spin-off company from RSA Security that used the algorithm to sign digital certificates.
Rivest, Shamir and Adleman continue their cryptography research. Rivest developed ciphers RC2, RC4, RC5 and RC6 and hash functions MD2, MD4, MD5 and MD6; Shamir discovered differential crytpanalysis; Adleman is a leader of DNA computing and coined the term ’computer virus’.
C.2.3 Alan Turing
In 1934 Alan Turing obtained a Bachelor degree in Mathematics at King’s College, Cambridge. He continued there as a researcher and in 1936 published his famous paper that: presented a Turing machine; provided that the halting problem is undecidable; and therefore proved that there is no solution for the Entscheidungsproblem (“decision problem”).
Turing then worked at Princeton, obtaining his PhD in 1938, which introduced ordinal logic and the computing oracle, which has been highly influential in computational complexity theory.
In 1938 Turing returned to the England, and during World War II worked for the British code breaking organisation (which is now GCHQ) in Bletchley Park. He made major contributions to breaking the Enigma cryptosystem used by Germans, as well as developing a secure voice scrambler and using statistical techniques to break codes. In 1948 Turing lead the development of one of the first computers. As a contribution to artificial intelligence, he also developed the Turing test, a way to determine if a machine is “intelligent”. He also developed LU decomposition, a method used to solve matrix equations.
Turing was convicted and chemically castrated for being homosexual in 1952. He committed suicide in 1954.
C.2.4 Claude Shannon
After obtaining bachelor degrees in electrical engineering and mathematics at the University of Michigan, Claude Shannon studied a Masters at MIT where he applied Boolean algebra to design telephone circuit switches. The ideas presented in his thesis had a significant impact on the design of digital circuits used in computers today. In 1940 Shannon completed his PhD at MIT, applying similar techniques to genetics.
During World War II Shannon worked at Bell Labs and started developing ideas which would become key contributions to communications theory and cryptography. In particular, he investigated the theoretical limits of storing and communication data; this is now known as the field of information theory. Shannon and others developed theorems for the maximum amount of data that can be communicated over a bandwidth limited channel in the presence of noise (Shannon capacity), the average amount of information contained in a message (Shannon entropy), and the rate at which analog signals should be sampled to create accurate digital signals (Nyquist-Shannon sampling theorem). He also proved the one-time pad is unbreakable, that other unbreakable ciphers must have the same characteristics as the OTP, and defined diffusion and confusion to be used to secure practical ciphers.
Shannon and others used principles of information theory to make substantial winnings in Las Vegas casinos and on the stock market.
C.2.5 Hedy Lamarr
In the early 1930’s Hedy Lamarr acted in several movies in Europe, before moving the Hollywood in 1938. She had a leading role in multiple top movies in the 1940’s, alongside the most popular actors of the time.
While acting during World War II, Lamar was inspired to contribute to the war effort and worked with George Antheil on inventions. They focussed on remote control torpedoes, in particular how to design communications between a ship and torpedo so that the signal could not jammed. They developed a method of rapidly switching or “hopping” between different frequencies (initially 88 frequencies, matching the number of keys on the piano of Antheil). An attacker would need to transmit on all frequencies to jam the signal, which would require too much power, making the attack impractical. Lamarr and Antheil were granted a US patent in 1942.
Although Lamarr did not commercialise the technique, it started to be used by the US military in the 1960’s, and more widely in the 1990’s. The concept of frequency hopping serves as the basis of spread spectrum communications used today. It is used in Bluetooth, WiFi and CDMA mobile phones.
Lamarr continued acting, gaining a star on the Hollywood Walk of Fame, as well as being inducted into the Inventors Hall of Fame.
C.2.6 Phil Zimmermann
In 1991 Phil Zimmermann wrote Pretty Good Privacy (PGP), which used public key cryptography for email encryption. PGP encrypts the email message with a symmetric key cipher using a random key, and then encrypts that random key with a public key cipher, such as RSA. The sender uses the receives public key to encrypt the random key. For PGP to be useful, people must have potential destinations public keys. Zimmermann used the web of trust to ensure public keys were valid: the more people that you trust that trust a public key, the more you trust that public key.
At the time, exporting cryptography software from the US was illegal, and Zimmermann was investigated for 3 years. He even published the entire source code in a book; the US government were unlikely to stop the exportation of a book that could be legally purchased.
Zimmermann continues activities in security and privacy, developing ZRTP for encrypted real-time VOIP calls, and founding Silent Circle which offers secure text, email and phones.
C.2.7 Other People
- Bruce Schneier
- Ross Anderson
- Daniel J. Bernstein
- Dan Boneh
- Joan Daemen