Peter Gutmann (computer scientist)

Last updated
Gutmann speaking at Kawaiicon in Wellington, New Zealand in 2019 Kawaiicon 2019 Peter Gutmann (2) (cropped).jpg
Gutmann speaking at Kawaiicon in Wellington, New Zealand in 2019

Peter Claus Gutmann is a computer scientist in the Department of Computer Science at the University of Auckland, Auckland, New Zealand. He has a Ph.D. in computer science from the University of Auckland. [1] His Ph.D. thesis and a book based on the thesis were about a cryptographic security architecture. [2] He is interested in computer security issues, including security architecture, security usability (or more usually the lack thereof), and hardware security; he has discovered several flaws in publicly released cryptosystems and protocols. He is the developer of the cryptlib open source software security library and contributed to PGP version 2. In 1994 he developed the Secure FileSystem (SFS). [3] He is also known for his analysis of data deletion on electronic memory media, magnetic and otherwise, and devised the Gutmann method for erasing data from a hard drive more or less securely. Having lived in New Zealand for some time, he has written on such subjects as weta (a group of insects endemic to New Zealand), and the Auckland power crisis of 1998, during which the electrical power system failed completely in the central city for five weeks, which he has blogged about. He has also written on his career as an "arms courier" for New Zealand, detailing the difficulties faced in complying with customs control regulations with respect to cryptographic products, which were once classed as "munitions" by various jurisdictions including the United States.

Contents

Criticism of Windows Vista

His white paper "Cost Analysis of Windows Vista Content Protection", in which he described the content protection specification as "the longest suicide note in history", [4] generated considerable public interest since it was first posted in 2006. He discussed this with Steve Gibson in episode #74 of the Security Now! podcast on 2007-01-11. [5]

Response to Criticism

In an article [6] written on September 1, 2007, George Ou offers a rebuttal to Gutmann's statements on Windows Vista. Peter Gutmann is quoted in reference to Windows Vista as saying, "Can others confirm this? I don't run Vista yet, but if this is true then it would seem to disconfirm Microsoft's Claims that the content protection doesn't interfere with playback and is only active when premium content is present.". This garnered criticism from audiences who didn't trust the primary use of secondhand information for detailed data, which was often found on forums. When the quality of Gutmann's research came into question, George Ou himself tested certain assertions from the white paper. He found significant differences between what was reported to be true and what was revealed to occur when performed firsthand, and failed to reproduce multiple alleged results in his own tests.

See also

Bibliography

Related Research Articles

In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).

Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of confidential computing. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key that is inaccessible to the rest of the system and the owner.

<span class="mw-page-title-main">Next-Generation Secure Computing Base</span> Software architecture by Microsoft

The Next-Generation Secure Computing Base is a software architecture designed by Microsoft which claimed to provide users of the Windows operating system with better privacy, security, and system integrity. NGSCB was the result of years of research and development within Microsoft to create a secure computing solution that equaled the security of closed platforms such as set-top boxes while simultaneously preserving the backward compatibility, flexibility, and openness of the Windows operating system. Microsoft's primary stated objective with NGSCB was to "protect software from software."

In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted.

The Gutmann method is an algorithm for securely erasing the contents of computer hard disk drives, such as files. Devised by Peter Gutmann and Colin Plumb and presented in the paper Secure Deletion of Data from Magnetic and Solid-State Memory in July 1996, it involved writing a series of 35 patterns over the region to be erased.

The OpenBSD operating system focuses on security and the development of security features. According to author Michael W. Lucas, OpenBSD "is widely regarded as the most secure operating system available anywhere, under any licensing terms."

Data Protection Application Programming Interface (DPAPI) is a simple cryptographic application programming interface available as a built-in component in Windows 2000 and later versions of Microsoft Windows operating systems. In theory, the Data Protection API can enable symmetric encryption of any kind of data; in practice, its primary use in the Windows operating system is to perform symmetric encryption of asymmetric private keys, using a user or system secret as a significant contribution of entropy. A detailed analysis of DPAPI inner-workings was published in 2011 by Bursztein et al.

There are a number of security and safety features new to Windows Vista, most of which are not available in any prior Microsoft Windows operating system release.

Windows Vista, an operating system released by Microsoft for consumers on January 30, 2007, has been widely criticized by reviewers and users. Due to issues with new security features, performance, driver support and product activation, Windows Vista has been the subject of a number of negative assessments by various groups.

cryptlib is an open-source cross-platform software security toolkit library. It is distributed under the Sleepycat License, a free software license compatible with the GNU General Public License. Alternatively, cryptlib is available under a proprietary license for those preferring to use it under proprietary terms.

In cryptography, the Intel Cascaded Cipher is a high bandwidth block cipher, used as an optional component of the Output Content Protection DRM scheme of the Microsoft Windows Vista operating system. The cipher is based on Advanced Encryption Standard (AES) operating in counter mode, used for generating keys, and a 3-round version of Serpent for encrypting actual content.

The Assertion Definition Language (ADL) is a specification language providing a predicate logic based behaviour, as well as interfaces, for computer software.

<span class="mw-page-title-main">Security of Advanced Access Content System</span>

The security of Advanced Access Content System (AACS) has been a subject of discussion amongst security researchers, high definition video enthusiasts, and consumers at large since its inception. A successor to Content Scramble System (CSS), the digital rights management mechanism used by commercial DVDs, AACS was intended to improve upon the design of CSS by addressing flaws which had led to the total circumvention of CSS in 1999. The AACS system relies on a subset difference tree combined with a certificate revocation mechanism to ensure the security of high definition video content in the event of a compromise.

The various versions of Microsoft's desktop operating system, Windows, have received various criticisms since Microsoft's inception.

Data erasure is a software-based method of data sanitization that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by overwriting data onto all sectors of the device in an irreversible process. By overwriting the data on the storage device, the data is rendered irrecoverable.

<span class="mw-page-title-main">Alexander Sotirov</span>

Alexander Sotirov is a computer security researcher. He has been employed by Determina and VMware. In 2012, Sotirov co-founded New York based Trail of Bits with Dino Dai Zovi and Dan Guido, where he currently serves as co-CEO.

<span class="mw-page-title-main">Hardware-based encryption</span> Use of computer hardware to assist software in the process of data encryption

Hardware-based encryption is the use of computer hardware to assist software, or sometimes replace software, in the process of data encryption. Typically, this is implemented as part of the processor's instruction set. For example, the AES encryption algorithm can be implemented using the AES instruction set on the ubiquitous x86 architecture. Such instructions also exist on the ARM architecture. However, more unusual systems exist where the cryptography module is separate from the central processor, instead being implemented as a coprocessor, in particular a secure cryptoprocessor or cryptographic accelerator, of which an example is the IBM 4758, or its successor, the IBM 4764. Hardware implementations can be faster and less prone to exploitation than traditional software implementations, and furthermore can be protected against tampering.

Secure Network Programming (SNP) is a prototype of the first Secure Sockets Layer, designed and built in 1993 by the Networking Research Laboratory at the University of Texas at Austin, led by Simon S. Lam. This work was published in the 1994 USENIX Summer Technical Conference. For this project, the authors won the 2004 ACM Software System Award.

In computing, defense strategy is a concept and practice used by computer designers, users, and IT personnel to reduce computer security risks.

Peter John Bartlett was a New Zealand architect and professor of architectural design.

References

  1. Gutmann, Peter (2000). The Design and Verification of a Cryptographic Security Architecture (Doctoral thesis). ResearchSpace@Auckland, University of Auckland. hdl:2292/2310.
  2. Gutmann, Peter (2000), The Design and Verification of a Cryptographic Security Architecture, ResearchSpace@Auckland, hdl:2292/2310, Wikidata   Q111963905
  3. Brown, Ralf D., ed. (2000-07-17). "INTERRUP.1ST". Ralf Brown's Interrupt List (61 ed.). Archived from the original on 2017-08-23. Retrieved 2017-08-23. (NB. See file INTERRUP.1ST.)
  4. Gutmann, Peter (December 26, 2006). "A Cost Analysis of Windows Vista Content Protection". School of Computer Science. Faculty of Science . University of Auckland . Retrieved 2019-08-12.
  5. Gibson, Steve (January 11, 2007). "Peter Gutmann on Vista Content Protection". Security Now . Episode 74. TWiT.tv. GRC Security Now! Transcript . Retrieved 2019-08-12.
  6. https://www.zdnet.com/article/gutmann-vista-drm-paper-uses-shoddy-web-forums-as-source/

Further reading

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.