| Ian Avrum Goldberg | |
|---|---|
| Born | March 31, 1973 |
| Alma mater | University of Waterloo (B.Math); University of California, Berkeley (Ph.D.) |
| Known for | Off-the-Record Messaging |
| Scientific career | |
| Fields | Computer Science |
| Institutions | University of Waterloo |
| Thesis | "A Pseudonymous Communications Infrastructure for the Internet" (2000) |
| Doctoral advisor | Eric Brewer |
Ian Avrum Goldberg (born March 31, 1973) is a cryptographer and cypherpunk. He is best known for breaking Netscape's implementation of SSL (with David Wagner), [1] and for his role as chief scientist of Radialpoint (formerly Zero Knowledge Systems), a Canadian software company. Goldberg is currently a professor in the David R. Cheriton School of Computer Science, Faculty of Mathematics, at the University of Waterloo, and the Canada Research Chair in Privacy Enhancing Technologies. [2] He was formerly chairman of the Tor Project's board of directors, [3] and is one of the designers of Off-the-Record Messaging. [4]
He attended high school at the University of Toronto Schools, graduating in 1991. In 1995, he received a B.Math from the University of Waterloo in pure mathematics and computer science. He obtained a Ph.D. from the University of California, Berkeley in December 2000. His thesis was entitled A Pseudonymous Communications Infrastructure for the Internet. [5] His advisor was Eric Brewer.
As a high school student, Goldberg was a member of Canada's team to the International Math Olympiad from 1989 to 1991, where he received a bronze, silver, and gold medal respectively. [6] He was also a member of University of Waterloo team that won the ACM International Collegiate Programming Contest in 1994. [7] In 1998, Wired Magazine chose him as a member of the "Wired 25". [8] In 2011 he won the EFF Pioneer Award. [9] In 2019, he won the USENIX Security Test of Time Award along with his colleagues David Wagner and Randi Thomas and former PhD supervisor Eric Brewer. [10] In 2023, he was named an ACM Fellow. [11]
In 1995, Goldberg with David Wagner discovered a flaw in the random number generator used for temporary key generation in the SSL implementation of Netscape Navigator. [1] [12]
One of the first cryptanalyses on the WEP wireless encryption protocol was conducted by Goldberg with Nikita Borisov and David Wagner, revealing serious flaws in its design. [13] [14]
Goldberg was a co-author of the Off-the-Record instant messaging encryption protocol. He is also the author of the Perl script included in the novel Cryptonomicon by Neal Stephenson. [15]
In 2009 Goldberg was a co-author of the Sphinx Mix Format, [16] which, extended with a per-hop payload, is now used to route Bitcoin payments through the Lightning Network while protecting the privacy of both payer and payee. [17]
Vitalik Buterin, co-founder of Ethereum, was a research assistant of Goldberg while a student at the University of Waterloo. [18] [19]
Goldberg is a member of the Cryptography, Security and Privacy group as well as the Cybersecurity and Privacy Institute (CPI). Through the CPI he is working on the development of a new interdisciplinary research and education program. [2]
Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It uses encryption for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL.
In cryptography, RC4 is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.
A cypherpunk is any individual advocating widespread use of strong cryptography and privacy-enhancing technologies as a route to social and political change. Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since at least the late 1980s.
Leonard Harris Sassaman was an American technologist, information privacy advocate, and the maintainer of the Mixmaster anonymous remailer code and operator of the randseed remailer. Much of his career gravitated towards cryptography and protocol development.
In cryptography, an initialization vector (IV) or starting variable is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable or unique. Randomization is crucial for some encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message. For block ciphers, the use of an IV is described by the modes of operation.
David Lee Chaum is an American computer scientist, cryptographer, and inventor. He is known as a pioneer in cryptography and privacy-preserving technologies, and widely recognized as the inventor of digital cash. His 1982 dissertation "Computer Systems Established, Maintained, and Trusted by Mutually Suspicious Groups" is the first known proposal for a blockchain protocol. Complete with the code to implement the protocol, Chaum's dissertation proposed all but one element of the blockchain later detailed in the Bitcoin whitepaper. He has been referred to as "the father of online anonymity", and "the godfather of cryptocurrency".
David A. Wagner is a professor of computer science at the University of California, Berkeley and a well-known researcher in cryptography and computer security. He is a member of the Election Assistance Commission's Technical Guidelines Development Committee, tasked with assisting the EAC in drafting the Voluntary Voting System Guidelines. He is also a member of the ACCURATE project.
Wired Equivalent Privacy (WEP) was a severely flawed security algorithm for 802.11 wireless networks. Introduced as part of the original IEEE 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network. WEP, recognizable by its key of 10 or 26 hexadecimal digits, was at one time widely used, and was often the first security choice presented to users by router configuration tools.
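The RC4 caveats above (do not reuse keys, discard the first keystream bytes), the IV paragraph (an IV must be unique or the scheme loses semantic security) and WEP's failure are one and the same issue seen from three sides. The following Python is an added example, not code from this page or from any of the projects it mentions: a textbook RC4 with an optional keystream drop, the WEP-style framing in which the per-packet key is IV || secret with the IV sent in the clear, a defender-side check that flags packets sharing an IV, and the two-time-pad identity that shows what such reuse exposes. The secret key and IVs are constructed sample values.

```python
import os

# Constructed sample values for this illustration (not from any real deployment).
SECRET_KEY = bytes.fromhex("0f0e0d0c0b0a0908070605")   # 11-byte shared secret
IV_LEN = 3                                              # WEP-style 24-bit per-packet IV


def rc4_keystream(key: bytes, length: int, drop: int = 0) -> bytes:
    """RC4 key scheduling plus output generation.

    `drop` discards that many leading keystream bytes (the "RC4-drop"
    practice the text refers to); WEP used drop=0, the weaker choice.
    """
    S = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm (KSA)
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(drop + length):             # pseudo-random generation (PRGA)
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out[drop:])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """WEP-style framing: per-packet RC4 key is IV || secret, IV sent in the clear."""
    assert len(iv) == IV_LEN
    return iv + xor_bytes(rc4_keystream(iv + secret, len(plaintext)), plaintext)


def decrypt(secret: bytes, packet: bytes) -> bytes:
    iv, body = packet[:IV_LEN], packet[IV_LEN:]
    return xor_bytes(rc4_keystream(iv + secret, len(body)), body)


def fresh_iv() -> bytes:
    """Unpredictable IV from the OS CSPRNG. With only 24 bits a repeat is still
    inevitable after a few million packets, which is one reason WEP failed."""
    return os.urandom(IV_LEN)


def detect_iv_reuse(packets) -> list:
    """Defender-side check: (index_a, index_b) pairs of packets that share an IV,
    i.e. whose payloads were encrypted under an identical keystream."""
    seen = {}
    collisions = []
    for idx, pkt in enumerate(packets):
        iv = pkt[:IV_LEN]
        if iv in seen:
            collisions.append((seen[iv], idx))
        else:
            seen[iv] = idx
    return collisions


def keystream_reuse_leaks_plaintext_xor(p1: bytes, p2: bytes, iv: bytes) -> bool:
    """Why the check matters: under one keystream, c1 XOR c2 == p1 XOR p2, so the
    ciphertexts alone reveal a relation between the two messages (the "semantic
    security" failure described above), without the key ever being known."""
    c1 = encrypt(iv, SECRET_KEY, p1)[IV_LEN:]
    c2 = encrypt(iv, SECRET_KEY, p2)[IV_LEN:]
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


if __name__ == "__main__":
    iv = b"\x01\x02\x03"
    pkts = [encrypt(iv, SECRET_KEY, b"first"),
            encrypt(fresh_iv(), SECRET_KEY, b"second"),
            encrypt(iv, SECRET_KEY, b"third")]
    print("IV collisions:", detect_iv_reuse(pkts))
    print("reuse leaks p1^p2:", keystream_reuse_leaks_plaintext_xor(b"aa", b"ab", iv))
```

The `rc4_keystream` routine can be checked against the published "Key"/"Plaintext" RC4 test vector; `detect_iv_reuse` is the kind of counter a monitoring tool keeps, since with a 24-bit IV the only real mitigation is to stop using the construction, not to pick IVs more carefully.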
An anonymous P2P communication system is a peer-to-peer distributed application in which the nodes, which are used to share resources, or participants are anonymous or pseudonymous. Anonymity of participants is usually achieved by special routing overlay networks that hide the physical location of each node from other participants.
A5/2 is a stream cipher used to provide voice privacy in the GSM cellular telephone protocol. It was designed in 1992-1993 as a replacement for the relatively stronger A5/1, to allow the GSM standard to be exported to countries "with restrictions on the import of products with cryptographic security features".
The security of cryptographic systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some randomization is typically employed. Modern cryptographic protocols often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as random number generator attacks.
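An added illustration of the weakness class described here and in the Netscape SSL paragraph earlier on the page. It is a constructed example, not Netscape's code nor any real product's generator: `weak_session_key` derives a "secret" from a non-cryptographic PRNG seeded with a few guessable fields (a clock value and a process id, both hypothetical inputs), `strong_session_key` shows the hardened form, and `seed_space_bits` is the check a reviewer would apply, since a generator's output can never be less predictable than its seed.

```python
import math
import random
import secrets


def weak_session_key(clock_seconds: int, pid: int, nbytes: int = 16) -> bytes:
    """Constructed example of the weakness class: the 'secret' is a deterministic
    function of values an observer can estimate or enumerate, and the generator is
    Python's Mersenne Twister, which is not a cryptographic PRNG. The two seed
    fields are hypothetical; this mirrors no real product's algorithm."""
    rng = random.Random((clock_seconds << 16) | (pid & 0xFFFF))
    return rng.getrandbits(8 * nbytes).to_bytes(nbytes, "big")


def strong_session_key(nbytes: int = 16) -> bytes:
    """Hardened form: draw key material directly from the OS CSPRNG."""
    return secrets.token_bytes(nbytes)


def seed_space_bits(field_ranges: dict) -> float:
    """Upper bound on the entropy of a seed assembled from independent fields,
    given how many values each field can plausibly take (log2 of the product)."""
    total = 1
    for count in field_ranges.values():
        total *= count
    return math.log2(total)


def seed_is_adequate(field_ranges: dict, key_bits: int) -> bool:
    """A seed narrower than the key it feeds caps the key's effective strength."""
    return seed_space_bits(field_ranges) >= key_bits


if __name__ == "__main__":
    # Constructed plausible ranges: seconds within a day, 15-bit pid space.
    ranges = {"clock_seconds_within_day": 86400, "pid": 32768}
    print("seed bits:", round(seed_space_bits(ranges), 1),
          "adequate for 128-bit key:", seed_is_adequate(ranges, 128))
    print("weak key reproducible:",
          weak_session_key(1_700_000_000, 4242) == weak_session_key(1_700_000_000, 4242))
    print("strong key:", strong_session_key().hex())
```

The review question this encodes is simple: list every input that feeds the seed, bound the number of values each can take, and compare the product against the key length; anything that falls short is a random number generator weakness regardless of how good the PRNG after the seed is.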
In cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker. For example, the attacker might know that the last 80 bits of the keys are always the same, even though they don't know, at first, what the bits are.
Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of the AES symmetric-key algorithm with a 128-bit key length, the Diffie–Hellman key exchange with a 1536-bit group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption.
David Ross Cheriton is a Canadian computer scientist, businessman, philanthropist, and venture capitalist. He is a computer science professor at Stanford University, where he founded and leads the Distributed Systems Group.
Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. Packages are released for Linux and Windows.
Nikita Borisov is a cryptographer and computer security researcher, currently an associate professor at the University of Illinois at Urbana-Champaign (UIUC). His notable work includes one of the first cryptanalyses of the WEP wireless encryption protocol together with Ian Goldberg and David Wagner, and the design of the Off-the-Record Messaging protocol with Goldberg.
Adam Back is a British cryptographer and cypherpunk. He is the CEO of Blockstream, which he co-founded in 2014. He invented Hashcash, which is used in the Bitcoin mining process.
Privacy-enhancing technologies (PET) are technologies that embody fundamental data protection principles by minimizing personal data use, maximizing data security, and empowering individuals. PETs allow online users to protect the privacy of their personally identifiable information (PII), which is often provided to and handled by services or applications. PETs use techniques to minimize an information system's possession of personal data without losing functionality. Generally speaking, PETs can be categorized as hard and soft privacy technologies.
Zero-Knowledge Systems was a Canadian privacy technology software and services company, best known for the Freedom Network, its privacy network. It was founded by brothers Austin Hill and Hamnett Hill and their father Hamnett Hill Sr. in 1997. Its headquarters were in Montreal, Quebec. Early investors and board members were Mike Santer and Alex Hern, co-founder of Inktomi. The company rebranded under the new name Radialpoint, though it was no longer a developer of privacy-enhancing technologies. Most recently it was acquired by AppDirect and rebranded as AppHelp.
Nadarajah Asokan is a professor of computer science and the David R. Cheriton Chair in Software Systems at the University of Waterloo's David R. Cheriton School of Computer Science. He is also an adjunct professor in the Department of Computer Science at Aalto University.