Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
The Internet Cloud

Crypto Gurus Diffie, Hellman Win 2015 Turing Award (networkworld.com) 55

alphadogg writes: Whitfield Diffie and Martin Hellman, whose names have been linked since their seminal paper introduced the concepts of public key encryption and digital signatures some 40 years ago, have been named winners of the $1M A.M. Turing Award for 2015 (a.k.a., the 'Nobel Prize of Computing'). The work of Diffie, formerly chief security officer of Sun Microsystems, and Hellman, professor emeritus of electrical engineering at Stanford University, has had a huge impact on the secure exchange of information across the Internet, the cloud and email.
This discussion has been archived. No new comments can be posted.

Crypto Gurus Diffie, Hellman Win 2015 Turing Award

Comments Filter:
  • by Anonymous Coward

    Congrats!! Well deserved. And thanks for all the fish.

    • In 2002, Hellman suggested the algorithm be called Diffie-Hellman-Merkle key exchange in recognition of Ralph Merkle's contribution to the invention of public-key cryptography (Hellman, 2002), writing:

      The system...has since become known as Diffie-Hellman key exchange. While that system was first described in a paper by Diffie and me, it is a public key distribution system, a concept developed by Merkle, and hence should be called 'Diffie-Hellman-Merkle key exchange' if names are to be associated with it. I

  • So when will the FBI arrest them? After all, if you have nothing to hide from the government, then you don't need encryption. Wanting encryption proves you MUST be a criminal. Creating encryption makes you the accomplice.

    Even worse, if you want encryption you must be a future criminal planning how to hide the evidence!

    Actually, you better wave bye-bye to what little privacy is left. Even the multi-millionaires and billionaires can't buy privacy now. Ask Mitt Romney, eh?

    (Maybe I spoke too soon? I really wish

  • by jonwil ( 467024 ) on Tuesday March 01, 2016 @04:27PM (#51617849)

    Probably the greatest claim to fame for Diffie and Hellman would be the paper "New Directions in Cryptography" which described Diffie-Hellman key exchange and is one of the first public descriptions of strong (or strong for its day) cryptography. (back then most cryptography was controlled by governments, militaries and intelligence agencies).

    I cant find a cite but I could swear the government tried to censor Diffie and Hellman and prevent them from publishing their work (or maybe I am thinking of some other cryptographic paper or presentation from that era)

    • by mikael ( 484 ) on Tuesday March 01, 2016 @04:38PM (#51617913)

      That was GCHQ with their implementation:

      http://www.ics.uci.edu/~ics54/... [uci.edu]

      • Diffie testified in the NewEgg patent troll case [arstechnica.com] and was grilled pretty hard by the attorney, specifically about the work and role of Ellis/GCHQ. He has never tried to deny them credit for their work, but in most practical senses, they didn't invent it.

        "Dr. Diffie, you were not the first to invent public key cryptography, were you?"

        "I believe that I may have been," said Diffie, speaking cautiously. "But perhaps you could be more specific?"

        "In fact, a gentleman named James Ellis in England invented it before you, right?"

        Diffie sighed. He seemed, suddenly, almost tired. He had heard this one before. "I spent a lot of time talking to James Ellis, and I can't figure it out," he said. "James Ellis did very fine work."

        [...]

        "So, in fact, according to the IEEE, someone else invented public key cryptography before you, correct?"

        "I disagree," said Diffie. "Ellis' paper is in no sense enabling. [His partner] Malcolm Williamson's paper enables Diffie-Hellman, and it was an internal secret note written two months after I presented that at the largest computer conference in the world."

        [...]

        "The alleged prior inventors not only kept it secret but did very little with it," said Diffie. "In James Ellis' words to me: 'You did a lot more with it than we did.'"

        [...]

        "The short answer would be that James Ellis' work in 1969 and 1970 certainly does not teach the methods. Personally, I find that paper incomprehensible. I'm not clear how anybody became convinced of anything from it."

    • by sconeu ( 64226 ) on Tuesday March 01, 2016 @05:09PM (#51618103) Homepage Journal

      I attended Hellman's talk in 2014 at "Pohlfest" (celebrating Ira Pohl on his retirement). Hellman flat out said that a Three Letter Agency tried to censor him.

    • I believe that you're thinking of the DES controversy.
    • by AHuxley ( 892839 )
      jonwil the "Charles Babbage Institute Center for the History of Information Technology University of Minnesota" Martin Hellman Interview 22 November 2004 might have some info.
      pdf at: https://conservancy.umn.edu/bi... [umn.edu]
      ".... involvement with and the broader context of the debate about the federal government’s cryptography policy—regarding to the National Security Agency’s (NSA) early efforts to contain and discourage academic work in the field"
  • It is about time. (Score:5, Informative)

    by JoshuaZ ( 1134087 ) on Tuesday March 01, 2016 @04:34PM (#51617891) Homepage

    It is about time. The primary Diffie-Hellman key exchange https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange [wikipedia.org] is one of the most basic cryptographic algorithms out there and is still used practically today. The simplest version of it is simple enough that you can explain it to a bright 8th grader. Variants of it, including both the original version and others such as those using elliptic curves are mainstays of practical crypto today.

    Moreover, DH key exchange along with RSA started modern crypto in a fundamental way. Prior to that work, the idea was to have the key be completely secret and maximize the fundamental entropy of the encrypted messages, leading to the ultimate logical conclusion of the one-time pad. RSA and DH both showed that instead of relying on high entropy, one can rely on the computational difficulty of actually understanding the order that really is in the encrypted message.

    The upshot of DH key exchange is that two people (or computers) have a conversation and at the end of it they will have a shared secret, but no one who is listening even if they hear the entire conversation will have any hope of finding out the shared secret unless they have far more computational power. This is a wildly counterintuitive claim once you hear it, and that lasts for about ten minutes (about as long as it takes to explain their algorithm). It is true that DH iand RSA are both only conjecturally secure, since the difficulty of discrete log and factoring would imply that P != NP (and in fact appear to be much stronger claims), and there are some serious thinkers who have expressed skepticism that such systems really are theoretically secure. (See for example Henry Cohn's short essay here http://research.microsoft.com/en-us/um/people/cohn/Thoughts/factoring.html [microsoft.com] which focuses on factoring but most of it applies just as well to discrete log). And we know that if we can ever get practical quantum computers working then DH will be breakable, but the overall impact of this work is absolutely undeniable.

    • Agreed, awarding this to them was way overdue. I think Linus Torvalds and John Carmack should get it eventually as well.

  • One of the questions from the audience still strikes me 10 years later. Someone asked how he felt about his Cryptography being used by bad people to do bad things. His reply is he didn't think anything of it. He provides a tool - what people do with the tool is on them, not himself. This was a very interesting response - why do we blame scientists for their inventions rather than the criminals for their behavior
  • by wonkey_monkey ( 2592601 ) on Tuesday March 01, 2016 @04:51PM (#51617981) Homepage

    Crypto Gurus Diffie, Hellman Win 2015 Turing Award

    What is the big problem with using the word "and" in a headline? It's the internet. You're not paying per byte and you don't have a fixed width to squeeze your headline into.

    Throw off the shackles of your printed media forebears!

    • I am reading Slashdot on a smartwatch, you insensitive clod!

    • Fighting the irrationalities of written English style is an admirable pursuit, but I must warn you that those windmills can take a ridiculous amount of punishment without toppling.

    • by Harik ( 4023 )

      Headline. On physical newspaper, or in the sidebar with related links. Extremely limited in terms of space, so it's an art form to eliminate extraneous words.

      God knows writers are happy to more than make up for it in the articles themselves.

  • Public-key cryptography is the source of locked-down computers. It's clear that the entire industry is headed toward locking down computers to run only software signed by the conglomerates. Just look at the major operating systems other than non-proprietary Linux. Linux itself is going to face hard times as the hardware that can run it dwindles to the point that only small devices can use it, or devices made (and locked down) by a large corporation.

    I truly hope that either quantum computers come along to

    • by dargaud ( 518470 )

      I truly hope that either quantum computers come along to ruin public-key cryptography

      Then you'll love Travelling Salesman [imdb.com].

    • I don't like locked-down computers any more than you do. I hate ransomware even more; it's the single most despicable use of public key cryptography there is. But consider that without public key cryptography Apple wouldn't even be in a position to stop the FBI from hacking the iPhone. Individuals wouldn't even have the option to secure their personal communications, at least not in practice. (Yes, I know all about one-time pads. That's why I said "in practice"). Nor would we have the Internet, or at leas
      • The feds are only thwarted by public-key crypto in Apple's case because their hardware on the 5C trusts the software too much. If Apple had designed their hardware crypto correctly in the first place, the software wouldn't matter. The actual device encryption is 100% symmetric-key (and the key derivation probably involves hash functions, which are another beast entirely). However, the lockout / device wipe is in software, and it's that software the feds want to replace. Code signing (public key) stops them

    • Not only locked down computers: locked-down Internet. Eventually it will be that you need an "approved and signed" Internet connection device in order to use the Internet. It is only a matter of time and will be done to catch terrorists and protect the children, or vice versa.
  • by Phil Karn ( 14620 ) <karn@@@ka9q...net> on Tuesday March 01, 2016 @05:15PM (#51618135) Homepage
    I really can't think of more deserving recipients. I've never met Hellman, but I've met Diffie a few times, including when we testified to the Senate Commerce Committee during the 1990s Crypto Wars. He's a national asset whenever the NSA and FBI get a little too far out of line. Which is most of the time.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...