Ian Goldberg

Ian Avrum Goldberg
Born March 31, 1973 (age 51)
Alma mater
Known for Off-the-Record Messaging
Scientific career
Fields Computer Science
Institutions University of Waterloo
Thesis "A Pseudonymous Communications Infrastructure for the Internet" (2000)
Doctoral advisor Eric Brewer
Website www.cypherpunks.ca/~iang/

Ian Avrum Goldberg (born March 31, 1973) is a cryptographer and cypherpunk. He is best known for breaking Netscape's implementation of SSL (with David Wagner), [1] and for his role as chief scientist of Radialpoint (formerly Zero Knowledge Systems), a Canadian software company. Goldberg is currently a professor at the Faculty of Mathematics of the David R. Cheriton School of Computer Science within the University of Waterloo, and the Canada Research Chair in Privacy Enhancing Technologies. [2] He was formerly chairman of the Tor Project board of directors, [3] and is one of the designers of Off-the-Record Messaging. [4]

Education

Goldberg attended high school at the University of Toronto Schools, graduating in 1991. In 1995, he received a B.Math from the University of Waterloo in pure mathematics and computer science. He obtained a Ph.D. from the University of California, Berkeley in December 2000. His thesis was entitled A Pseudonymous Communications Infrastructure for the Internet. [5] His advisor was Eric Brewer.

Accomplishments

As a high school student, Goldberg was a member of Canada's team to the International Math Olympiad from 1989 to 1991, where he received a bronze, silver, and gold medal respectively. [6] He was also a member of the University of Waterloo team that won the ACM International Collegiate Programming Contest in 1994. [7] In 1998, Wired Magazine chose him as a member of the "Wired 25". [8] In 2011, he won the EFF Pioneer Award. [9] In 2019, he won the USENIX Security Test of Time Award along with his colleagues David Wagner and Randi Thomas and former PhD supervisor Eric Brewer. [10] In 2023, he was named an ACM Fellow. [11]

Work in cryptography

In 1995, Goldberg with David Wagner discovered a flaw in the random number generator used for temporary key generation in the SSL implementation of Netscape Navigator. [1] [12]

One of the first cryptanalyses of the WEP wireless encryption protocol was conducted by Goldberg with Nikita Borisov and David Wagner, revealing serious flaws in its design. [13] [14]

Goldberg was a co-author of the Off-the-Record instant messaging encryption protocol. He is also the author of the Perl script included in the novel Cryptonomicon by Neal Stephenson. [15]

In 2009, Goldberg co-authored the Sphinx Mix Format, [16] which is now implemented, extended with a per-hop payload, to increase the privacy of both payer and payee when routing Bitcoin payments through the Lightning Network. [17]

Vitalik Buterin, co-founder of Ethereum, was a research assistant of Goldberg while a student at the University of Waterloo. [18] [19]

Goldberg is a member of the Cryptography, Security and Privacy group as well as the Cybersecurity and Privacy Institute (CPI). He has been collaborating with the CPI on the development of a new interdisciplinary research and education program. [2]

Notes and references

  1. Ian Goldberg (1995-09-18). "Netscape SSL implementation cracked!". Newsgroup: hks.lists.cypherpunks. Retrieved 2006-09-12.
  2. "Privacy and cybersecurity can foster 21st Century democracy". Waterloo News. 2022-01-10. Retrieved 2022-04-19.
  3. Perlroth, Nicole (13 July 2016). "Tor Project, a Digital Privacy Group, Reboots With New Board". The New York Times. Retrieved 2016-07-13.
  4. "Tor Project Board of Directors". Tor Project. Retrieved January 26, 2015.
  5. "A Pseudonymous Communications Infrastructure for the Internet" (PDF). 30 October 2001. Archived from the original (PDF) on 30 October 2001. Retrieved 5 February 2019.
  6. "International Mathematical Olympiad: Hall of fame".
  7. "1993-94 18th Annual ACM International Collegiate Programming Contest Final Report". 2002-04-01. Archived from the original on 2011-01-02.
  8. "The Wired 25". Wired. Vol. 6, no. 11. November 1998. Retrieved 2006-10-30.
  9. "EFF Celebrates the 2011 Pioneer Award Winners". 18 November 2011. Retrieved 10 December 2011.
  10. "Ian Goldberg Colleagues Honoured Security Research Test of Time". 14 August 2019. Retrieved 2021-02-02.
  11. "Ian Goldberg". awards.acm.org. Retrieved 2024-01-26.
  12. "The Cypherpunks Who Cracked Netscape". people.eecs.berkeley.edu.
  13. Nikita Borisov; Ian Goldberg; David Wagner (2001). "Intercepting Mobile Communications: The Insecurity of 802.11" (PDF). Retrieved 2006-09-12.
  14. "(In)Security of the WEP algorithm". www.isaac.cs.berkeley.edu.
  15. Neal Stephenson (1999). Cryptonomicon. New York: Avon Books. p. Acknowledgements. ISBN 978-0-380-97346-0.
  16. "Sphinx: A Compact and Provably Secure Mix Format" (PDF). cypherpunks.ca/~iang/.
  17. "Basics Of Lightning Technology #4: Onion Routing Protocol". www.github.com/lightningnetwork/lightning-rfc. 21 July 2022.
  18. "The Uncanny Mind That Built Ethereum". Wired. 13 July 2017. Archived from the original on 2017-07-13.
  19. Hitt, Tarpley (2021-05-05). "Meet the World's Youngest Crypto Billionaire". The Daily Beast. Retrieved 2022-04-19.
