{"id":468,"date":"2014-05-30T11:44:06","date_gmt":"2014-05-30T15:44:06","guid":{"rendered":"http:\/\/dev.bcreativegroup.com\/jhuwse\/?p=468"},"modified":"2014-06-04T13:10:26","modified_gmt":"2014-06-04T17:10:26","slug":"guru-cyber-cryptography","status":"publish","type":"post","link":"https:\/\/engineering.jhu.edu\/magazine-archive\/2014\/05\/guru-cyber-cryptography\/","title":{"rendered":"The Guru of Cyber-Cryptography"},"content":{"rendered":"

Matt Green aims to fundamentally change the way we interact with the electronic world\u2014to ensure complete privacy “so that nobody else can see what you’re doing.”<\/strong><\/em><\/p>\n\"guru-of-cyber-crypto_lead\"\n

On the third floor of<\/strong>\u00a0Shaffer Hall, on a frozen, sunny Monday, there is music. To be precise, it is a piece of music coded early in the 19th century in flats and sharps and semiquavers by an immortal German genius.<\/p>\n

But while Beethoven\u2019s Symphony No. 5 in C Minor wafts down the hallway from Course AS.376.215\u2014Western Classical Music\u2014a different kind of air is being played at the opposite end of the corridor. It goes like this:<\/p>\n

\/bool ObfuscatedSuperSecretPasswordProtectedStuff(string passwd)\r\n{\r\n    static string HARDCODED_SALT = 0x......; \/\/ this is a salt value\r\n    static string HARDCODED_PASSWORD_ HASH = 0x......; \/\/ this value is H(salt + target password)\r\n\r\n    \/\/ First, hash the input password with the salt\r\n    hashedPass = H(HARDCODED_SALT + passwd);\r\n    if (hashedPass == HARDCODED_PASSWORD_HASH) {\r\n        return true;\r\n    } else {\r\n        return false;\r\n    }\r\n}<\/pre>\n
This is the 21st-century sonata of spaghetti code and random oracles, rainbow tables, and obfuscating hash. To most smartphone, tablet, and computer users, it is invisible\u2014the background Muzak of ones and zeroes that enables our digital age. But to cyber-criminals, colliding governments, colluding hackers, and the hard-wired cryptographers who are working to deter them, it is a temptation to invade our deepest secrets.<\/p>\n
At the front of the room is Matthew Green, MS \u201907 , PhD \u201909, assistant research professor in the Department of Computer Science, bearded, glib, self-assured, personable, and energetic, racing through material as if there is not a millisecond to lose. He is talking, this day, about Internet privacy\u2014and the \u201cman in the middle attacks\u201d that plague it.<\/p>\n
The course is named Practical Cryptographic Systems, and the room is packed.<\/p>\n
\u201cWith a shared secret, you can do lots of stuff,\u201d Green declaims, launching into a rapid-fire chalk-on-blackboard discussion of the privacy signatures, extended Euclidean algorithms, and randomly generated large primes that currently are used to individualize our emails, texts, and online business dealings.<\/p>\n
\u201cHow do the privacy signatures work?\u201d a student asks.<\/p>\n
\u201cMagic,\u201d Green replies.<\/p>\n
And then, a moment later: \u201cMagic is not an answer.\u201d<\/p>\n
<\/p>\n
On the Homewood campus,<\/strong> and beyond into the wider world of less-savvy laymen who are appalled to learn that their every keystroke may be audited by someone in Beijing or Moscow or Fort Meade, Matt Green has become the go-to guru of cyber-crypto, quoted and cited by The New York Times<\/em>, the Washington Post<\/em>, PBS\u2019s Frontline<\/em>, The New Yorker<\/em>, and WIRED<\/em>, to mention only a few.<\/p>\n
In a world where, as he tells today\u2019s class, anyone\u2019s computer can be enfiladed by 30,000 hacking attempts in just a few minutes, engineering a way to exchange bulletproof envelopes of information has become a task of vital importance to individuals, businesses, governments, and nations.<\/p>\n
Case in point: the theft of more than 70 million credit- and debit-card numbers from people who shopped at Target stores late in 2013. Among the victims: Professor Matthew Green.<\/p>\n
\u201cIf I had to sum up what we\u2019ve learned over the past year,\u201d he tweeted in early March, \u201cit\u2019s fricking hard to stay anonymous on the Internet.\u201d<\/p>\n
The quest to engineer new ways to secure\u2014or disrupt\u2014our online lives is leading Green and his research team into twin realms, both of them prominent in recent headlines, for better or for worse: personal privacy and digital currency.<\/p>\n
\u201cThere seems to be a growing community of people who are aware of, and are interested in, information security on the Web,\u201d he says in an\u00a0interview. \u201cFor me, when I have a thought, [I go] right into Google and I don\u2019t think about it at the time, but then I realize that you could pretty much read my mind if you have access to what I put on there.<\/p>\n\"\"\n
\u201cOlder people like my parents don\u2019t use computers in the same way that [I do] and younger people do, so it\u2019s not as big a problem for them. But so much of your mind goes into these devices\u2014I\u2019d be less concerned about someone putting a bug in my room than in one of my devices.\u201d<\/p>\n
Last summer, the revelations of the runaway cyber-patriot (or traitor) Edward Snowden made it shockingly clear that the National Security Agency was moving toward intercepting, auditing, and archiving every single email, text, and telephone call placed in the United States\u2014and those made by the leaders of its putative allies abroad. Green says he was \u201cpretty appalled. It\u2019s clear that if the NSA wants to get you, then they can get you and there\u2019s nothing you can do about it. But there\u2019s also a growing feeling that there are people who want to do something about this.\u201d<\/p>\n
\u201cWhat is the answer?\u201d he is asked.<\/p>\n
\u201cThe antidote is either to make people stop spying on us, which seems hard, or do something technological. Congress can only stop the ones who actually work for us.\u201d<\/p>\n
Thwarting all the other folks who are peeping through our digital keyholes, Green says, is a major part of the allure of Practical Cryptographic Systems.<\/p>\n
\u201cSome of the students really love crypto,\u201d Green reports. \u201cThey love working on issues involving online privacy. They love the idea that you can use cryptography to do things to fundamentally change the way we interact with the electronic world\u2014powers that would mean that nobody else can see what you\u2019re doing.\u201d<\/p>\n
There was a time<\/strong> when the cyber-cryptographer was on a path that might have made him, if not quite the next Beethoven, then at least the first Matt Green. Raised in Vermont, just across the Connecticut River from Dartmouth University, where his mother (French) and his father (Religion and Philosophy) were professors, he remembers dinner-table arguments about computer-age ethics and Gallic literature.<\/p>\n
\u201cMy Dad became an ethicist, and he wrote a program called \u2018The Ethical Manager\u2019 for the IBM PC,\u201d Green says. \u201cDepending on your answers to certain questions, it drew a big face and you could make it smile more or less.\u201d Attracted to computers, the younger Green enrolled at Oberlin\u00a0College in Ohio intending to catch the early wave of electronic music, then added computing as a second major.<\/p>\n
\u201cWhat I liked about electronic music,\u201d he says, \u201cis that I could sit in a lab and produce pieces without ever having to perform in public. I took three and a half years of music theory. Just like computer code, music is very mathematical and when it fits together right, it\u2019s beautiful and when it doesn\u2019t, it\u2019s awful and frustrating.\u201d<\/p>\n
After Oberlin, Green went to work at AT&T Laboratories as the company dabbled in what he remembers as \u201cthis crazy new idea of selling music over the Internet. We were researching this question of how do you sell music securely so people can\u2019t make copies themselves and cost us money?\u201d<\/p>\n
It was a question that the Apple Corporation\u2014 and not AT&T\u2014would answer with iTunes and the portable MP3 player. About that time, Green came to an epiphany:<\/p>\n
\u201cInstead of implementing other people\u2019s ideas, you could have your own.\u201d<\/p>\n
<\/p>\n
\"guru-of-cyber-crypto_body2\"
Christina Garman (left) with Matt Green<\/figcaption><\/figure>\n
The pioneering digital currency<\/strong> known as Bitcoin made plenty of news last winter, nearly all of it for the wrong reasons. It was invented in 2009 by a coder named \u201cSatoshi Nakamoto,\u201d whose authorship was widely assumed to be pseudonymous until Nakamoto himself was outed in March by Newsweek<\/em> as a 50-something California programmer who had\u00a0worked for military contractors. (Nakamoto subsequently sued the magazine, averring that they had corralled the wrong Nakamoto.)<\/p>\n