| Dan Bernstein |
Article Index for Dan |
Website Links For Daniel |
Information AboutDan Bernstein |
| CATEGORIES ABOUT DANIEL J. BERNSTEIN | |
| 1971 births | |
| living people | |
| modern cryptographers | |
| american mathematicians | |
| jewish american scientists | |
| computer security specialists | |
| university of illinois at chicago faculty | |
|
Bernstein brought the court case Bernstein V. United States . As a result of the ruling in that case, software was declared protected speech under the First Amendment and national restrictions on Encryption software were overturned. Bernstein was originally represented by the EFF . During later phases of the suit, Bernstein represented himself in court despite having no formal training as a lawyer. Bernstein has also proposed Internet Mail 2000 , an alternative system for electronic mail, intended to replace SMTP , POP3 and IMAP . SOFTWARE SECURITY In the autumn of . Virtually no security holes have been found in Bernstein's own software, qmail and djbdns, despite their widespread use and a US$5000 reward for qmail and a US$500 reward for djbdns. Some security professionals believe that one qmail bug (an Integer Overflow ) does qualify as a security hole, because it could lead to remote root compromise when qmail is installed on a hypothetical 64-bit system.1 Bernstein believes it is possible to write secure software if the programmer is sufficiently dedicated. Thus believing that the widespread prevalence of security holes results from programmer laziness and incompetence, Bernstein argues: :Immediate full disclosure, with a working exploit punishes the programmer for his bad code. He panics; he has to rush to fix the problem; he loses users. :You're whining that punishment is painful. You're ignoring the effect that punishment has on future behavior. It encourages programmers to invest the time and effort necessary to eliminate security problems.2 Bernstein has recently explained that he is pursuing a strategy to "produce invulnerable computer systems". Bernstein plans to achieve this by putting the vast majority of computer software into an "extreme sandbox" that prevents it from doing anything besides transforming input into output and by writing bugfree replacements (like qmail and djbdns) for the remaining components that need additional privileges. He concludes: "I won’t be satisfied until I've put the entire security industry out of work." 3 As Of Spring 2005 , Bernstein was teaching a course on "High Speed Cryptography".4 Bernstein demonstrated new results against AES in the same time period.5 MATHEMATICS Bernstein is a prolific publisher of papers in Mathematics and computation. Many of his papers introduce advances in the state of the art for Algorithms or implementations. However, he's also a meticulous chronicler of previous advances, for instance his brief but encyclopaedic "Multidigit multiplication for mathematicians".6 In 2001 Bernstein published "Circuits for integer factorization: a proposal,"7 which caused a stir as it potentially suggested that if physical hardware implementations could be close to their theoretical efficiency, then perhaps current views about how large numbers have to be before they are impractical to factor might be out by a factor of three. Thus as 512-digit RSA was then breakable, then perhaps 1536-bit RSA would be too. Bernstein was careful not to make any actual predictions, and emphasised the importance of correctly interpreting Asymptotic expressions. However several other important names in the field, Arjen Lenstra , Adi Shamir , Jim Tomlinson, and Eran Tromer disagreed strongly with Bernstein's conclusions.8 Bernstein has received funding to investigate whether this potential can be realized. Bernstein is also the author of the mathematical Libraries DJBFFT, a fast portable FFT library, and of primegen, an asymptotically fast small prime Sieve with low memory footprint based on the Atkins Sieve rather than the more usual Sieve Of Eratosthenes . Both have been used effectively to aid the search for large Prime Numbers . Bernstein is a controversial figure. On Usenet and his website, he has criticized those whose views differ from his own. Notable Bernstein controversies have involved Wietse Venema and Paul Vixie regarding software and security; Matteo Frigo , author of FFTW , regarding FFT implementation and Benchmarking ; and Bruce Schneier and Arjen Lenstra regarding computational cost. REFERENCES FURTHER READING |
|
|