Ian Goldberg

Ian Avrum Goldberg
Born: March 31, 1973
Alma mater: University of Waterloo (B.Math), University of California, Berkeley (Ph.D.)
Known for: Off-the-Record Messaging
Fields: Computer science
Institutions: University of Waterloo
Thesis: "A Pseudonymous Communications Infrastructure for the Internet" (2000)
Doctoral advisor: Eric Brewer
Website: www.cypherpunks.ca/~iang/

Ian Avrum Goldberg (born March 31, 1973) is a cryptographer and cypherpunk. He is best known for breaking Netscape's implementation of SSL (with David Wagner), [1] and for his role as chief scientist of Radialpoint (formerly Zero-Knowledge Systems), a Canadian software company. Goldberg is a professor in the David R. Cheriton School of Computer Science, part of the Faculty of Mathematics at the University of Waterloo, and holds the Canada Research Chair in Privacy Enhancing Technologies. [2] He formerly chaired the Tor Project's board of directors, [3] and is one of the designers of Off-the-Record Messaging. [4]


Education

He attended high school at the University of Toronto Schools, graduating in 1991. In 1995, he received a B.Math from the University of Waterloo in pure mathematics and computer science. He obtained a Ph.D. from the University of California, Berkeley in December 2000 with the thesis A Pseudonymous Communications Infrastructure for the Internet, [5] supervised by Eric Brewer.

Accomplishments

As a high school student, Goldberg was a member of Canada's team at the International Mathematical Olympiad from 1989 to 1991, winning a bronze, a silver and a gold medal respectively. [6] He was also a member of the University of Waterloo team that won the ACM International Collegiate Programming Contest in 1994. [7] In 1998, Wired magazine named him one of the "Wired 25". [8] In 2011 he won the EFF Pioneer Award. [9] In 2019, he received the USENIX Security Test of Time Award together with his colleagues David Wagner and Randi Thomas and his former Ph.D. supervisor Eric Brewer. [10] In 2023, he was named an ACM Fellow. [11]

Work in cryptography

In 1995, Goldberg and David Wagner discovered a flaw in the random number generator that Netscape Navigator's SSL implementation used to generate session keys: the generator was seeded from the time of day and the process and parent-process IDs, values an attacker can estimate or enumerate, so the seed space, and with it the session key, could be searched by brute force far faster than the key length suggested. [1] [12]
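The following is an added illustration of that class of weakness, not Netscape's code and not the original report's code: a generator whose seed is mixed from guessable process state, and the attacker's search over the time window. The hash functions, the 40-bit key length, the PID range and the search windows are assumptions chosen for the demonstration.

```python
"""Model of a PRNG seeded from guessable process state (added example).

Not Netscape's code.  It models the weakness Goldberg and Wagner reported:
the generator was seeded from the time of day (seconds and microseconds) and
the process and parent-process IDs, so an attacker who can estimate those
values has only a small seed space to search, however long the derived key.
Hash functions, key length, PID range and search windows are assumptions.
"""
import hashlib
import math

PID_MAX = 32768          # assumed PID range on the modelled platform
USEC_PER_SEC = 1_000_000


def weak_seed(seconds: int, usec: int, pid: int, ppid: int) -> bytes:
    """Mix the 'secret' inputs into a 128-bit seed.

    The mixing is fine; the inputs are the problem, because each of them is
    observable or enumerable by an attacker."""
    material = f"{seconds}:{usec}:{pid}:{ppid}".encode()
    return hashlib.md5(material).digest()


def session_key(seed: bytes) -> bytes:
    """Expand the seed into a 40-bit export-grade session key (truncated hash)."""
    return hashlib.md5(b"session-key" + seed).digest()[:5]


def generate_key(seconds: int, usec: int, pid: int, ppid: int) -> bytes:
    return session_key(weak_seed(seconds, usec, pid, ppid))


def effective_seed_bits(second_window: int = 1, pids_known: bool = True) -> float:
    """log2 of the space an attacker must search: a time uncertainty of
    +/- second_window seconds at microsecond resolution, multiplied by the
    PID space only if the PIDs could not be observed (e.g. with `ps` on a
    shared host).  Compare with the 128 bits the seed nominally carries."""
    space = (2 * second_window + 1) * USEC_PER_SEC
    if not pids_known:
        space *= PID_MAX * PID_MAX
    return math.log2(space)


def brute_force(target_key: bytes, approx_seconds: int, pid: int, ppid: int,
                second_window: int = 1):
    """Recover the seed inputs behind target_key by enumerating the time
    window (in practice each trial key would be checked against a captured
    handshake rather than against the key itself).  Returns (seconds, usec)
    or None."""
    for sec in range(approx_seconds - second_window, approx_seconds + second_window + 1):
        for usec in range(USEC_PER_SEC):
            if session_key(weak_seed(sec, usec, pid, ppid)) == target_key:
                return sec, usec
    return None


if __name__ == "__main__":
    # Constructed victim state: connection made at a known second, PIDs observed.
    victim = (800_000_000, 42_000, 1234, 1)
    key = generate_key(*victim)
    print(f"128-bit seed, {effective_seed_bits():.1f} bits of effective entropy")
    print(f"PIDs unknown: {effective_seed_bits(pids_known=False):.1f} bits")
    print("recovered:", brute_force(key, 800_000_000, 1234, 1, second_window=0))
```

The fix for this class of bug is not a stronger mixing function but seeding from sources the attacker cannot observe, which is what operating-system entropy pools and `os.urandom` provide today.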

One of the first cryptanalyses of the WEP wireless encryption protocol was conducted by Goldberg with Nikita Borisov and David Wagner. It revealed serious design flaws, among them a 24-bit initialization vector that forces RC4 keystream reuse after a small number of frames, and a linear CRC-32 integrity check that lets an attacker flip bits in an encrypted frame without knowing the key. [13] [14]
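As an added example (not code from the paper or from any WEP implementation), the model below encrypts frames the way WEP does, with the IV prepended to the shared key and a CRC-32 ICV appended to the plaintext, and then demonstrates the two flaws named above: plaintext recovery from two frames that share an IV, and a key-less bit flip whose ICV still verifies. The shared key, IV and frame contents are constructed for the demonstration.

```python
"""WEP-style encryption and two of its design flaws (added example).

Simplified 802.11 WEP frame: a 24-bit IV sent in the clear, the RC4 key is
IV || shared_key, and plaintext || CRC32(plaintext) is XORed with the RC4
keystream.  Key, IV and frame contents below are constructed for the demo.
"""
import math
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (KSA + PRGA) with no keystream discarded, as WEP used it."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return zlib.crc32(data).to_bytes(4, "little")


def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    body = plaintext + icv(plaintext)
    return iv + xor(body, rc4_keystream(iv + shared_key, len(body)))


def wep_decrypt(shared_key: bytes, frame: bytes):
    """Return (plaintext, icv_ok)."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4_keystream(iv + shared_key, len(ct)))
    pt, tag = body[:-4], body[-4:]
    return pt, tag == icv(pt)


def expected_frames_until_iv_reuse() -> float:
    """Birthday bound for random 24-bit IVs: sqrt(pi/2 * 2^24), roughly 5000
    frames, i.e. a few seconds of traffic on a busy network."""
    return math.sqrt(math.pi / 2 * 2 ** 24)


# Flaw 1: IV reuse means keystream reuse, and c1 XOR c2 = p1 XOR p2.
def recover_with_keystream_reuse(frame_a: bytes, known_plaintext_a: bytes,
                                 frame_b: bytes) -> bytes:
    """Given two frames under the same IV and the plaintext of the first,
    recover the plaintext of the second without the key."""
    assert frame_a[:3] == frame_b[:3], "attack needs IV reuse"
    keystream = xor(frame_a[3:], known_plaintext_a + icv(known_plaintext_a))
    n = len(frame_b) - 3 - 4
    return xor(frame_b[3:3 + n], keystream[:n])


# Flaw 2: CRC-32 is affine, so the ICV can be fixed up along with the data.
def flip_bits(frame: bytes, delta: bytes) -> bytes:
    """Return a frame whose plaintext is the original XOR delta and whose
    ICV still verifies.  Uses crc(p ^ d) = crc(p) ^ crc(d) ^ crc(0...0)."""
    n = len(frame) - 3 - 4
    assert len(delta) == n
    icv_delta = xor(icv(delta), icv(bytes(n)))
    return frame[:3] + xor(frame[3:], delta + icv_delta)


if __name__ == "__main__":
    key, iv = b"\x01\x02\x03\x04\x05", b"\xaa\xbb\xcc"      # constructed
    fa = wep_encrypt(key, iv, b"GET / HTTP/1.0\r\n")
    fb = wep_encrypt(key, iv, b"POST /login HTTP")           # same IV reused
    print("recovered:", recover_with_keystream_reuse(fa, b"GET / HTTP/1.0\r\n", fb))
    delta = bytearray(16); delta[2] = ord("T") ^ ord("U")     # GET -> GEU
    print("flipped:", wep_decrypt(key, flip_bits(fa, bytes(delta))))
    print(f"IV reuse expected after ~{expected_frames_until_iv_reuse():.0f} frames")
```

The two properties compose: once one frame's plaintext is known (a predictable header is enough), every later frame under that IV is readable, and any frame can be altered in transit with a valid ICV. Both defects were addressed in WPA and WPA2 by per-packet keys and a keyed integrity check.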

Goldberg was a co-author of the Off-the-Record instant messaging encryption protocol. He is also the author of the Perl script included in the novel Cryptonomicon by Neal Stephenson. [15]

In 2009, Goldberg co-authored the Sphinx mix packet format. [16] A variant of Sphinx extended with a per-hop payload is now used by the Lightning Network's onion routing protocol, so that the intermediate nodes routing a Bitcoin payment learn neither the payer nor the payee. [17]

Vitalik Buterin, co-founder of Ethereum, was a research assistant of Goldberg while a student at the University of Waterloo. [18] [19]

Goldberg is a member of the Cryptography, Security and Privacy (CrySP) research group and of the Cybersecurity and Privacy Institute (CPI). He has been collaborating with the CPI on the development of a new interdisciplinary research and education program. [2]

Notes and references

  1. Ian Goldberg (1995-09-18). "Netscape SSL implementation cracked!". Newsgroup: hks.lists.cypherpunks. Retrieved 2006-09-12.
  2. "Privacy and cybersecurity can foster 21st Century democracy". Waterloo News. 2022-01-10. Retrieved 2022-04-19.
  3. Perlroth, Nicole (2016-07-13). "Tor Project, a Digital Privacy Group, Reboots With New Board". The New York Times. Retrieved 2016-07-13.
  4. "Tor Project Board of Directors". Tor Project. Retrieved 2015-01-26.
  5. "A Pseudonymous Communications Infrastructure for the Internet" (PDF). Archived from the original (PDF) on 2001-10-30. Retrieved 2019-02-05.
  6. "International Mathematical Olympiad: Hall of fame".
  7. "1993-94 18th Annual ACM International Collegiate Programming Contest Final Report". 2002-04-01. Archived from the original on 2011-01-02.
  8. "The Wired 25". Wired. Vol. 6, no. 11. November 1998. Retrieved 2006-10-30.
  9. "EFF Celebrates the 2011 Pioneer Award Winners". 2011-11-18. Retrieved 2011-12-10.
  10. "Ian Goldberg Colleagues Honoured Security Research Test of Time". 2019-08-14. Retrieved 2021-02-02.
  11. "Ian Goldberg". awards.acm.org. Retrieved 2024-01-26.
  12. "The Cypherpunks Who Cracked Netscape". people.eecs.berkeley.edu.
  13. Nikita Borisov; Ian Goldberg; David Wagner (2001). "Intercepting Mobile Communications: The Insecurity of 802.11" (PDF). Retrieved 2006-09-12.
  14. "(In)Security of the WEP algorithm". www.isaac.cs.berkeley.edu.
  15. Neal Stephenson (1999). Cryptonomicon. New York: Avon Books. Acknowledgements. ISBN 978-0-380-97346-0.
  16. "Sphinx: A Compact and Provably Secure Mix Format" (PDF). cypherpunks.ca/~iang/.
  17. "Basics Of Lightning Technology #4: Onion Routing Protocol". github.com/lightningnetwork/lightning-rfc. 2022-07-21.
  18. "The Uncanny Mind That Built Ethereum". Wired. 2017-07-13. Archived from the original on 2017-07-13.
  19. Hitt, Tarpley (2021-05-05). "Meet the World's Youngest Crypto Billionaire". The Daily Beast. Retrieved 2022-04-19.
