Vincent Moscaritolo

Last updated
Vincent "Vinnie" Moscaritolo
Vinnie Moscaritolo.jpg
American Computer Security Expert
Occupationsemi-retired
Known forCryptographic engineering and Internet security
Website https://vinthewrench.substack.com

Vincent (Vinnie) Moscaritolo is a retired American computer security expert known for his work in encryption applications for mobile devices. After decades in the computer industry, he now volunteers as a search and rescue professional. He holds NREMT, WFR, and Amateur Radio Extra Class and a General Radiotelephone Operator with Ships Radar License.

Contents

As of recent, Vinnie has been prolifically writing on Substack on topics such as automotive hacking, software-defined radio, Raspberry Pi, and Search and Rescue.

From 2012 to 2015, he was the Distinguished Member of Technical Staff at Silent Circle, where he designed the original messaging technologies Silent Circle uses. [1] [2] In 2015, he left Silent Circle to co-found 4th-A Technologies, LLC with Robbie Hanson. 4th-A Technologies develops technologies to restore to people their inalienable right to be “secure in their documents”. They designed ZeroDark.cloud [3] a framework that simplifies the development of apps that interact with the cloud, and performs tasks such as syncing, messaging & collaboration. It uses zero-knowledge encryption, ensuring the data in the cloud cannot be compromised. They also produced the Storm4 secure cloud storage service. [4]

Vincent has been involved in the design, invention, and production of system software and network applications for more than 30 years. In addition to producing cryptographic products, his concern about the use of encryption technology by criminal and terrorist actors has compelled him to offer assistance and training to both law enforcement and the intelligence community on cryptographic issues. He has participated at specialized venues such as with federal as well as local law enforcement agencies and the Cloud Security Alliance.[ citation needed ]

Career

Vincent Moscaritolo's experience includes roles as Distinguished Member of Technical Staff at Silent Circle, Principal Cryptographic Engineer for PGP Corporation, Senior Operating System engineer for Apple Computer, and Principal Software Specialist at Digital Equipment Corporation.

Vincent was one of the co founders of Silent Circle, and developer of the secure messaging technology used by Silent Circle / Blackphone. He designed the Silent Circle Instant Messaging Protocol (SCIMP) and was the inventor of Progressive Encryption used by the Silent Text app.

While at PGP, he focused on the engineering of cryptographic products on the OS X platform including the cross platform core crypto library, secure file deletion, virtual disk client, network kernel engine redirection module. He was also responsible for obtaining and maintaining NIST FIPS-140 validation for PGP cryptographic core.

At Apple, he was notable for founding the Mac-Crypto Conference, where key Mac developers, industry leaders and legends met to discuss topics ranging from Cryptosystems, Digital Cash and Security issues to feedback sessions where developers were able to directly discuss their requirements with Apple engineers. [5] He was also involved in the original Cypherpunk group.

In the mid 1980s he founded a startup called DataVox, which produced BankTalk, one of the first voice response systems for the financial marketplace. This included a user-tailorable audio menu system that provided general information, balance, account transactions and was able to communicate with bank mainframes over the existing ATM network.

Works

Vincent is currently actively publishing articles on Substack [6] about his Search and Rescue, Emergency Medicine, Ham Radio and Raspberry PI. There are some works archived about zero-trust on Medium [7]

His last privacy project was the ZeroDark.cloud framework. [8]

Moscaritolo published an article about the S4 open-source crypto library [9] and Verifying Authenticity of Public Keys. [10]

Moscaritolo designed the Silent Circle Instant Messaging Protocol (SCIMP), which uses a new progressive encryption technology. [11] [12]

Other cryptographic projects include the development of a public key authentication extension for file servers, [13] authoring of IETF draft for a secure authorization protocol for distributed systems, [14] development of code and technotes for PGP cryptographic toolkit, and a number of presentations and tutorials on modern cryptosystems and security. [15] [16] He was also a contributor to the Vanish, Self destructing Data project at University of Washington [17]

He holds patents related to cryptographic techniques and designs. [18]

Quotes

"If we can just pass a few more laws, we could all be criminals”

Personal life

Vincent currently volunteers with the Jackson County Sheriff's Search and Rescue team. He has a background in a variety of fields, including motorcycle racing and a number of martial arts.

Related Research Articles

<span class="mw-page-title-main">Encryption</span> Process of converting plaintext to ciphertext

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor.

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.

<span class="mw-page-title-main">Phil Zimmermann</span> Creator of Pretty Good Privacy (PGP)

Philip R. Zimmermann is an American computer scientist and cryptographer. He is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in the world. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone. Zimmermann is co-founder and Chief Scientist of the global encrypted communications firm Silent Circle.

<span class="mw-page-title-main">Public-key cryptography</span> Cryptographic system with public and private keys

Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions. Security of public-key cryptography depends on keeping the private key secret; the public key can be openly distributed without compromising security.

A cypherpunk is any individual advocating widespread use of strong cryptography and privacy-enhancing technologies as a route to social and political change. Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since at least the late 1980s.

In cryptography, the ElGamal encryption system is an asymmetric key encryption algorithm for public-key cryptography which is based on the Diffie–Hellman key exchange. It was described by Taher Elgamal in 1985. ElGamal encryption is used in the free GNU Privacy Guard software, recent versions of PGP, and other cryptosystems. The Digital Signature Algorithm (DSA) is a variant of the ElGamal signature scheme, which should not be confused with ElGamal encryption.

Articles related to cryptography include:

In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets from a person by coercion or torture—such as beating that person with a rubber hose, hence the name—in contrast to a mathematical or technical cryptanalytic attack.

<span class="mw-page-title-main">Clipper chip</span> Encryption device promoted by the NSA in the 1990s

The Clipper chip was a chipset that was developed and promoted by the United States National Security Agency (NSA) as an encryption device that secured "voice and data messages" with a built-in backdoor that was intended to "allow Federal, State, and local law enforcement officials the ability to decode intercepted voice and data transmissions." It was intended to be adopted by telecommunications companies for voice transmission. Introduced in 1993, it was entirely defunct by 1996.

Key management refers to management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, crypto-shredding (destruction) and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.

Homomorphic encryption is a form of encryption that allows computations to be performed on encrypted data without first having to decrypt it. The resulting computations are left in an encrypted form which, when decrypted, result in an output that is identical to that produced had the operations been performed on the unencrypted data. Homomorphic encryption can be used for privacy-preserving outsourced storage and computation. This allows data to be encrypted and out-sourced to commercial cloud environments for processing, all while encrypted.

Cryptography is the practice and study of encrypting information, or in other words, securing information from unauthorized access. There are many different cryptography laws in different nations. Some countries prohibit export of cryptography software and/or encryption algorithms or cryptoanalysis methods. Some countries require decryption keys to be recoverable in case of a police investigation.

In cryptography, a hybrid cryptosystem is one which combines the convenience of a public-key cryptosystem with the efficiency of a symmetric-key cryptosystem. Public-key cryptosystems are convenient in that they do not require the sender and receiver to share a common secret in order to communicate securely. However, they often rely on complicated mathematical computations and are thus generally much more inefficient than comparable symmetric-key cryptosystems. In many applications, the high cost of encrypting long messages in a public-key cryptosystem can be prohibitive. This is addressed by hybrid systems by using a combination of both.

<span class="mw-page-title-main">Jon Callas</span> American computer security expert

Jon Callas is an American computer security expert, software engineer, user experience designer, and technologist who is the co-founder and former CTO of the global encrypted communications service Silent Circle. He has held major positions at Digital Equipment Corporation, Apple, PGP, and Entrust, and is considered "one of the most respected and well-known names in the mobile security industry." Callas is credited with creating several Internet Engineering Task Force (IETF) standards, including OpenPGP, DKIM, and ZRTP, which he wrote. Prior to his work at Entrust, he was Chief Technical Officer and co-founder of PGP Corporation and the former Chief Technical Officer of Entrust.

<span class="mw-page-title-main">Cryptography</span> Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

<span class="mw-page-title-main">Moti Yung</span>

Mordechai M. "Moti" Yung is a cryptographer and computer scientist known for his work on cryptovirology and kleptography.

Silent Circle is an encrypted communications firm based in Washington DC. Silent Circle provides multi-platform secure communication services for mobile devices and desktop. Launched October 16, 2012, the company operates under a subscription business model. The encryption part of the software used is free software/open source and peer-reviewed. For the remaining parts of Silent Phone and Silent Text, the source code is available on GitHub, but under proprietary software licenses.

The Silent Circle Instant Message Protocol (SCIMP) was an encryption scheme that was developed by Vincent Moscaritolo of Silent Circle. It enabled private conversation over instant message transports such as XMPP (Jabber).

<span class="mw-page-title-main">Crypto Wars</span> Attempts to limit access to strong cryptography

Attempts, unofficially dubbed the "Crypto Wars", have been made by the United States (US) and allied governments to limit the public's and foreign nations' access to cryptography strong enough to thwart decryption by national intelligence agencies, especially the National Security Agency (NSA).

<span class="mw-page-title-main">Hugo Krawczyk</span> Argentine Israeli cryptographer

Hugo Krawczyk is an Argentine-Israeli cryptographer best known for co-inventing the HMAC message authentication algorithm and contributing in fundamental ways to the cryptographic architecture of central Internet standards, including IPsec, IKE, and SSL/TLS, in particular, both IKEv2 and TLS 1.3 use Krawczyk’s SIGMA protocol as the cryptographic core of their key exchange procedures. He has also contributed foundational work in the areas of threshold and proactive cryptosystems and searchable symmetric encryption, among others.

References

  1. "Secure Enterprise Communication Solutions". Silent Circle.
  2. "Crypto wiz Phil Zimmermann leads charge to make phone calls really private". August 8, 2014.
  3. ZeroDark.cloud
  4. Storm4
  5. Mac Crypto Workshop
  6. Moscaritolo, Vinnie. "Vinnie's Views". vinthewrench.substack.com.
  7. "Vinnie Moscaritolo". Medium.
  8. https://medium.com/@vmoscaritolo/zerodark-cloud-enables-a-new-class-of-privacy-focused-applications-17b09a878530 ZeroDark.cloud enables a new class of privacy-focused applications
  9. https://medium.com/storm4/s4-a-modern-open-source-crypto-library-39f05bf345eb S4 open-source crypto library
  10. https://medium.com/storm4/how-do-i-know-its-really-you-verifying-authenticity-of-public-keys-1cba1ca36db6 Verifying Authenticity of Public Keys
  11. "Silent Text 2.0: The next generation of private messaging | Silent Circle Blog". July 22, 2014. Archived from the original on 2014-07-22.
  12. "Better Security, 'Progressive Encryption' in Silent Text 2.0". threatpost.com.
  13. PGPuam December 1998
  14. "draft-moscaritolo-openpgp-literal-01". datatracker.ietf.org.
  15. Publications, Lectures & Presentations
  16. Moscaritolo, V., & Hettinga, R. (1996) Digital Commerce for the Rest of US: Apple in a Geodesic Economy
  17. "Vanish: Enhancing the Privacy of the Web with Self-Destructing Data". Vanish.cs.washington.edu. Retrieved 2022-10-31.
  18. "ininventor:"Vincent E. Moscaritolo" - Google Search". www.google.com.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.