This page uses content from Wikipedia and is licensed under CC BY-SA.
Daniel J. Bernstein
|Alma mater||University of California, Berkeley|
New York University
|Known for||qmail, djbdns, Salsa20, ChaCha20, Poly1305, Curve25519|
|Institutions||University of Illinois at Chicago, Eindhoven University of Technology|
|Doctoral advisor||Hendrik Lenstra|
Daniel Julius Bernstein (sometimes known as djb; born October 29, 1971) is a German-American mathematician, cryptologist, and programmer. He is a Personal professor ("Persoonlijk hoogleraar") in the department of mathematics and computer science at the Eindhoven University of Technology, as well as a Research Professor of Computer Science at the University of Illinois at Chicago.
Bernstein attended Bellport High School, a public high school on Long Island, graduating in 1987 at the age of 15. The same year, he ranked fifth in the Westinghouse Science Talent Search. In 1987 (at the age of 16), he achieved a Top 10 ranking in the William Lowell Putnam Mathematical Competition. Bernstein earned a B.A. in Mathematics from New York University (1991) and a Ph.D. in Mathematics from the University of California, Berkeley (1995), where he studied under Hendrik Lenstra.
The export of cryptography from the United States was controlled as a munition starting from the Cold War until recategorization in 1996, with further relaxation in the late 1990s. In 1995, Bernstein brought the court case Bernstein v. United States. The ruling in the case declared that software was protected speech under the First Amendment, which contributed to regulatory changes reducing controls on encryption. Bernstein was originally represented by the Electronic Frontier Foundation. He later represented himself.
Bernstein designed the Salsa20 stream cipher in 2005 and submitted it to eSTREAM for review and possible standardization. A closely related stream cipher, ChaCha20, was published by him in 2008. He also proposed the elliptic curve Curve25519 as a basis for public-key schemes in 2005, and worked as the lead researcher on the Ed25519 version of EdDSA.
Nearly a decade later Edward Snowden's disclosure of mass surveillance by the National Security Agency and the discovery of a backdoor in their Dual_EC_DRBG, raised suspicions of the elliptic curve parameters proposed by NSA and standardized by NIST. Many researchers feared that the NSA had chosen curves that gave them a cryptanalytic advantage. Google selected ChaCha20 along with Bernstein's Poly1305 message authentication code for use in TLS, which is widely used for Internet security. Many protocols based on his works have been adopted by various standards organizations and are used in a variety of applications, such as Apple iOS, the Linux kernel, OpenSSH, and Tor.
In 2011, Bernstein published RFSB, a variant of the Fast Syndrome Based Hash function.
He is one of the editors of the 2009 book Post-Quantum Cryptography.
Bernstein criticized the leading DNS package at the time, BIND, and wrote djbdns as a DNS package with security as a primary goal. Bernstein offers "security guarantees" for qmail and djbdns in the form of monetary rewards for the identification of flaws. A purported exploit targeting qmail running on 64-bit platforms was published in 2005, but Bernstein believes that the exploit does not fall within the parameters of his qmail security guarantee. In March 2009, Bernstein awarded $1000 to Matthew Dempsky for finding a security flaw in djbdns.
In August 2008, Bernstein announced DNSCurve, a proposal to secure the Domain Name System. DNSCurve applies techniques from elliptic curve cryptography to provide a vast increase in performance over the RSA public-key algorithm used by DNSSEC. It uses the existing DNS hierarchy to propagate trust by embedding public keys into specially formatted, backward-compatible DNS records.
Since 2014, when OpenSSH is compiled without OpenSSL, only Bernstein's algorithms are included: Ed25519 keys, Curve25519 key exchange and ChaCha20-Poly1305 transport cipher (though complemented by AES-CTR). Additionally, the cryptography used by OpenBSD for release and package authentication is also based on the algorithms of Bernstein. The signature mechanism for package releases and the non-OpenSSL options in OpenSSH first appeared in OpenBSD 5.5, which was the first release to contain any of Bernstein's cryptographic code.
Bernstein proposed Internet Mail 2000, an alternative system for electronic mail, intended to replace the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP3) and the Internet Message Access Protocol (IMAP).
Bernstein has published a number of papers on mathematics and computation. Many of his papers deal with algorithms or implementations. He also wrote a survey in 2001 titled "Multidigit multiplication for mathematicians".
In 2001 Bernstein circulated "Circuits for integer factorization: a proposal," which suggested that, if physical hardware implementations could be brought close to their theoretical efficiency, the then-popular estimates of adequate security parameters might be off by a factor of three. Since 512-bit RSA was breakable at the time, so might be 1536-bit RSA. Bernstein was careful not to make any actual predictions, and emphasized the importance of correctly interpreting asymptotic expressions. Several prominent researchers (among them Arjen Lenstra, Adi Shamir, Jim Tomlinson, and Eran Tromer) disagreed strongly with Bernstein's conclusions. Bernstein has received funding to investigate whether this potential can be realized.
Bernstein is also the author of the mathematical libraries DJBFFT, a fast portable FFT library, and primegen, an asymptotically fast small prime sieve with low memory footprint based on the sieve of Atkin (rather than the more usual sieve of Eratosthenes). Both have been used effectively in the search for large prime numbers.
In February 2015, Bernstein and others published a paper on stateless post-quantum hash-based signatures, called SPHINCS.
In April 2017, Bernstein and others published a paper on Post-Quantum RSA that includes an integer factorization algorithm claimed to be "often much faster than Shor's".
Bernstein's paper on Faster batch forgery identification has been implemented in the libsecp256k1 crypto library used in Bitcoin.
In 2004, Bernstein taught a course on computer software security where he assigned each student to find ten vulnerabilities in published software. The 25 students discovered 44 vulnerabilities, and the class published security advisories about the issues.
As of 2017, Jacob Appelbaum was pursuing a Ph.D. under Bernstein and Tanja Lange at the Eindhoven University of Technology. Appelbaum's work continued there after several allegations of sexual abuse against Appelbaum in 2016.
|Wikimedia Commons has media related to Daniel J. Bernstein.|
|Wikiquote has quotations related to: Daniel J. Bernstein|