The following hitched up their digital wagons to blaze new trails in cybersecurity.
Whitfield Diffie, consulting professor, Center for International Security and Cooperation (CISAC), Stanford University; co-Invented public key cryptography
Whitfield Diffie gained notoriety for discovering the concept of public key cryptography in 1975, alongside cryptographers Martin Hellman and Ralph Merkle. The concept, now known as the Diffie-Hellman key exchange, pioneered a radical method of distributing cryptographic keys and, in 1976, Diffie and Hellman published New Directions in Cryptography, sharing the method with the community. Diffie, who now serves as a consulting professor at the Center for International Security and Cooperation (CISAC) at Stanford University, was a manager of secure systems research at Northern Telecom in the 1980s. In the early 1990s, Diffie joined Sun Microsystems as distinguished engineer, where he later earned the distinction of Sun fellow. The co-author of Privacy on the Line: the Politics of Wiretapping and Encryption, Diffie has stood as a major proponent of privacy on the individual and business level via encryption. In 1996, the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) awarded him the National Computer Systems Security Award. Diffie is also a Marconi fellow, a distinction he and Hellman earned for their contributions to the field of communication and information science. He is also a recipient of the Franklin Institute’s Levy Prize, among other awards.
Dan Geer, CISO, In-Q-Tel
A security visionary, Dan Geer’s scientific accomplishments stretch just as far as his philosophical contributions to the field. At Black Hat 2014, the CISO of venture capital firm In-Q-Tel, which invests in technology that supports the Central Intelligence Agency, challenged practitioners to take a radical approach to security and remember that “policy matters are now the most important matters,” as they pertain to the future of the field. While delivering a keynote called, “Cybersecurity as Realpolitik,” he advocated mandatory reporting of security events at companies, as well as policy that would force businesses to be held liable for the integrity of their software, among other concepts. Having served as an integral contributor to the development of the X Window System and the Kerberos authentication protocol, Geer has boldly etched his spot among the industry’s grouping of IT security pioneers. The MIT and Harvard alum created the first information security consulting firm on Wall Street in the early 90s, and was bestowed the USENIX Association’s Lifetime Achievement Award in 2011. Geer has also testified numerous times before Congress on cybersecurity matters and in 2011 he created the Index of Cyber Security. In 2012, Geer also developed the Cyber Security Decision Market.
Martin Hellman, professor emeritus of electrical engineering, Stanford University; co-Invented public key cryptography
Martin Hellman is one of three cryptographers who invented public key cryptography and a method for public key distribution, now known as the Diffie-Hellman key exchange. The key exchange, which serves as the underpinning for secure online communications and transactions, enables two parties to establish a shared key over an insecure communications channel using publicly known protocols. Hellman, a New York native, served on the electrical engineering faculty at MIT and Stanford University and is now professor emeritus of electrical engineering at Stanford. He has authored more than 70 technical papers over his years in academia. While earning his electrical engineering Ph.D. at Stanford in the late 1960s, Hellman worked at IBM’s Watson Research Center where he met famed cryptographer Horst Feistel, credited with stimulating development of the Data Encryption Standard (DES). A glider pilot, speed skater and hiker, Hellman now devotes much of his time to helping “resolve the nuclear dilemma,” as he puts it on his website NuclearRisk.org. Last year, he was inducted into the Silicon Valley Hall of Fame and the Information Systems Security Association Hall of Fame. Other notable honors include his election to the National Academy of Engineering, being named a Stanford Engineering Hero in 2012, and receiving the Marconi International Fellow Award in 2000, as well as the IEEE Richard W. Hamming Medal in 2010.
Bruce Schneier, CTO, Co3 Systems
According to Bruce Schneier, his career in IT security has been an endeavor he naturally “flowed into.” Schneier, a prominent cryptologist who developed numerous encryption algorithms, including Blowfish and Twofish, has continued to contribute to the industry through his musings and insight on his esteemed blog “Schneier on Security,” and newsletter “Crypto-Gram,” which have garnered a major following in the community. Having gotten his start in cryptography, Schneier says he eventually moved into computer security, network security and security technology as a focus. In his attempt to “understand context” as it pertains to the threat landscape, Schneier also turned to examining the economics, psychology and sociology of security and now he primarily studies and shares his views on the political science of security, he tells SC Magazine. Schneier is currently working on a book called Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World (due late February), and at Co3 Systems, he focuses on building coordination software for incident response, “a long-neglected aspect of IT security,” as he puts it. The security guru began his career as an independent consultant, doing cryptography and computer security consulting through his company Counterpane Systems. He is currently a fellow at the Berkman Center for Internet and Society at Harvard Law School, a board member of the Electronic Frontier Foundation, an advisory board member of the Electronic Privacy Information Center, and a program fellow at the New America Foundation’s Open Technology Institute.
Phil Zimmermann, president and co-founder, Silent Circle; creator of email encryption software Pretty Good Privacy (PGP)
When Phil Zimmermann published his email encryption software, Pretty Good Privacy (PGP), online in 1991 – making the tool freely available to the public – he found himself at the center of a three-year criminal investigation. The case against Zimmermann, which hinged on the government’s argument that he had violated U.S. export restrictions on cryptographic software, was ultimately dropped, however, and the cryptography legend soon founded PGP, which was acquired by Network Associates in 1997. Continuing his fight for digital privacy, Zimmermann went on to champion secure internet phone calls through his development of the ZRTP protocol, which is used by Zfone to set up the cryptographic key agreement, and Silent Phone, another product he created. In 2011, security expert Mike Janke approached Zimmermann with the hopes of creating a communications network focused on privacy, and the two went on to co-found global encrypted communications firm Silent Circle. As the mind behind the most widely used email encryption software across the globe, Zimmermann was inducted into the Internet Hall of Fame in 2012 by the Internet Society. This year, he was inducted into the Cyber Security Hall of Fame.