Daniel Julius Bernstein (sometimes known as djb; born October 29, 1971) is an American

German German(s) may refer to: * Germany (of or related to) **Germania (historical use) * Germans, citizens of Germany, people of German ancestry, or native speakers of the German language ** For citizens of Germany, see also German nationality law **Ge ...

mathematician A mathematician is someone who uses an extensive knowledge of mathematics in their work, typically to solve mathematical problems. Mathematicians are concerned with numbers, data, quantity, structure, space, models, and change. History On ...

cryptologist This is a list of cryptographers. Cryptography is the practice and study of techniques for secure communication in the presence of third parties called adversaries. Pre twentieth century * Al-Khalil ibn Ahmad al-Farahidi: wrote a (now lost) bo ...

, and

computer scientist A computer scientist is a person who is trained in the academic study of computer science. Computer scientists typically work on the theoretical side of computation, as opposed to the hardware side on which computer engineers mainly focus (a ...

. He is a visiting professor at CASA at

Ruhr University Bochum The Ruhr University Bochum (, ) is a public research university located in the southern hills of the central Ruhr area, Bochum, Germany. It was founded in 1962 as the first new public university in Germany after World War II. Instruction beg ...

, as well as a research professor of Computer Science at the

University of Illinois at Chicago The University of Illinois Chicago (UIC) is a public research university in Chicago, Illinois. Its campus is in the Near West Side community area, adjacent to the Chicago Loop. The second campus established under the University of Illinois ...

. Before this, he was a professor (" persoonlijk hoogleraar") in the department of mathematics and computer science at the Eindhoven University of Technology.

Early life

Bernstein attended

Bellport High School Bellport High School is the public high school for the South Country Central School District, which is located in Suffolk County, Long Island in the United States. It serves students in grades 9-12 in Bellport, East Patchogue, Brookhaven ...

, a public high school on

Long Island Long Island is a densely populated island in the southeastern region of the U.S. state of New York, part of the New York metropolitan area. With over 8 million people, Long Island is the most populous island in the United States and the 18 ...

, graduating in 1987 at the age of 15. The same year, he ranked fifth in the

Westinghouse Science Talent Search Westinghouse may refer to: Businesses Current companies *Westinghouse Electric Corporation, the company that manages the Westinghouse brand, with licensees: ** Westinghouse Electric Company, providing nuclear power-related services **Westingho ...

. In 1987 (at the age of 16), he achieved a Top 10 ranking in the

William Lowell Putnam Mathematical Competition The William Lowell Putnam Mathematical Competition, often abbreviated to Putnam Competition, is an annual mathematics competition for undergraduate college students enrolled at institutions of higher learning in the United States and Canada (regar ...

. Bernstein earned a B.A. in mathematics from

New York University New York University (NYU) is a private research university in New York City. Chartered in 1831 by the New York State Legislature, NYU was founded by a group of New Yorkers led by then- Secretary of the Treasury Albert Gallatin. In 1832, th ...

(1991) and a Ph.D. in mathematics from the

University of California, Berkeley The University of California, Berkeley (UC Berkeley, Berkeley, Cal, or California) is a public land-grant research university in Berkeley, California. Established in 1868 as the University of California, it is the state's first land-grant un ...

(1995), where he studied under

Hendrik Lenstra Hendrik Willem Lenstra Jr. (born 16 April 1949, Zaandam) is a Dutch mathematician. Biography Lenstra received his doctorate from the University of Amsterdam in 1977 and became a professor there in 1978. In 1987 he was appointed to the faculty o ...

''Bernstein v. United States''

The

export of cryptography from the United States The export of cryptography from the United States to other countries has experienced various levels of restrictions over time. World War II illustrated that code-breaking and cryptography can play an integral part in national security and the a ...

was controlled as a munition starting from the Cold War until recategorization in 1996, with further relaxation in the late 1990s. In 1995, Bernstein brought the court case ''

Bernstein v. United States ''Bernstein v. United States'' is a set of court cases brought by Daniel J. Bernstein challenging restrictions on the export of cryptography from the United States. History The case was first brought in 1995, when Bernstein was a student at U ...

''. The ruling in the case declared that software was protected speech under the

First Amendment First or 1st is the ordinal form of the number one (#1). First or 1st may also refer to: *World record, specifically the first instance of a particular achievement Arts and media Music * 1$T, American rapper, singer-songwriter, DJ, and reco ...

, which contributed to regulatory changes reducing controls on encryption. Bernstein was originally represented by the

Electronic Frontier Foundation The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in San Francisco, California. The foundation was formed on 10 July 1990 by John Gilmore, John Perry Barlow and Mitch Kapor to promote Internet ...

. He later represented himself.

Cryptography

Bernstein designed the

Salsa20 Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. Ch ...

stream cipher stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream ...

in 2005 and submitted it to

eSTREAM eSTREAM is a project to "identify new stream ciphers suitable for widespread adoption", organised by the EU ECRYPT network. It was set up as a result of the failure of all six stream ciphers submitted to the NESSIE project. The call for primi ...

for review and possible standardization. He later published the

ChaCha20 Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. Ch ...

variant of Salsa in 2008. In 2005, he proposed the

elliptic curve In mathematics, an elliptic curve is a smooth, projective, algebraic curve of genus one, on which there is a specified point . An elliptic curve is defined over a field and describes points in , the Cartesian product of with itself. I ...

Curve25519 In cryptography, Curve25519 is an elliptic curve used in elliptic-curve cryptography (ECC) offering 128 bits of security (256-bit key size) and designed for use with the elliptic curve Diffie–Hellman (ECDH) key agreement scheme. It is one of t ...

as a basis for

public-key Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...

schemes. He worked as the lead researcher on the

Ed25519 In public-key cryptography, Edwards-curve Digital Signature Algorithm (EdDSA) is a digital signature scheme using a variant of Schnorr signature based on twisted Edwards curves. It is designed to be faster than existing digital signature schem ...

version of EdDSA. The algorithms made their way into popular software. For example, since 2014, when

OpenSSH OpenSSH (also known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture. Network Working Gro ...

is compiled without

OpenSSL OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HT ...

they power most of its operations, and

OpenBSD OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. According to the website, the OpenBSD project e ...

package signing is based on Ed25519. Nearly a decade later,

Edward Snowden Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...

disclosed mass surveillance by the

National Security Agency The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collecti ...

, and researchers discovered a backdoor in the Agency's

Dual_EC_DRBG Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) is an algorithm that was presented as a cryptographically secure pseudorandom number generator (CSPRNG) using methods in elliptic curve cryptography. Despite wide public crit ...

algorithm. These events raised suspicions of the elliptic curve parameters proposed by NSA and standardized by NIST. Many researchers feared that the NSA had chosen curves that gave them a

cryptanalytic Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic s ...

advantage.

Google Google LLC () is an American Multinational corporation, multinational technology company focusing on Search Engine, search engine technology, online advertising, cloud computing, software, computer software, quantum computing, e-commerce, ar ...

selected ChaCha20 along with Bernstein's

Poly1305 Poly1305 is a universal hash family designed by Daniel J. Bernstein for use in cryptography. As with any universal hash family, Poly1305 can be used as a one-time message authentication code to authenticate a single message using a key shared b ...

message authentication code In cryptography, a message authentication code (MAC), sometimes known as a ''tag'', is a short piece of information used for authenticating a message. In other words, to confirm that the message came from the stated sender (its authenticity) and ...

for use in

TLS TLS may refer to: Computing * Transport Layer Security, a cryptographic protocol for secure computer network communication * Thread level speculation, an optimisation on multiprocessor CPUs * Thread-local storage, a mechanism for allocating vari ...

, which is widely used for Internet security. Many protocols based on his works have been adopted by various standards organizations and are used in a variety of applications, such as

Apple iOS iOS (formerly iPhone OS) is a mobile operating system created and developed by Apple Inc. exclusively for its hardware. It is the operating system that powers many of the company's mobile devices, including the iPhone; the term also includes ...

, the

Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, whi ...

kernel,

, and Tor. In spring 2005, Bernstein taught a course on "high speed cryptography." He introduced new attacks against implementations of AES ( cache attacks) in the same time period. In April 2008, Bernstein's

" was selected as a member of the final portfolio of the

project, part of a

European Union The European Union (EU) is a supranational union, supranational political union, political and economic union of Member state of the European Union, member states that are located primarily in Europe, Europe. The union has a total area of ...

research directive. In 2011, Bernstein published RFSB, a variant of the Fast Syndrome Based Hash function. He is one of the editors of the 2009 book ''Post-Quantum Cryptography''.

Software

Starting in the mid-1990s, Bernstein has written a number of security-aware programs, including

qmail qmail is a mail transfer agent (MTA) that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program. Originally license-free software, qmail's source cod ...

ezmlm ezmlm is mailing list management software (MLM) by Daniel J. Bernstein. It is similar to GNU Mailman and Majordomo but only works with the qmail mail transfer agent. It is released into the public domain. The latest version, 0.53, came out in ...

djbdns The djbdns software package is a DNS implementation. It was created by Daniel J. Bernstein in response to his frustrations with repeated security holes in the widely used BIND DNS software. As a challenge, Bernstein offered a $1000 prize for the ...

ucspi-tcp ucspi-tcp is a public domain Unix TCP command-line tool for building TCP client-server applications. It consists of super-server ''tcpserver'' and ''tcpclient'' application. Fro"Life with qmail" Dave Sill, 2 January 200 ''ucspi-tcp'' is an ac ...

daemontools daemontools is a process supervision toolkit written by Daniel J. Bernstein as an alternative to other system initialization and process supervision tools, such as Init. Some of the features of daemontools are: * Easy service installation and ...

, and publicfile. Bernstein criticized the leading DNS package at the time,

BIND BIND () is a suite of software for interacting with the Domain Name System (DNS). Its most prominent component, named (pronounced ''name-dee'': , short for ''name daemon''), performs both of the main DNS server roles, acting as an authoritative ...

, and wrote djbdns as a DNS package with security as a primary goal. Bernstein offers "security guarantees" for qmail and djbdns in the form of monetary rewards for the identification of flaws. A purported exploit targeting qmail running on 64-bit platforms was published in 2005, but Bernstein believes that the exploit does not fall within the parameters of his qmail security guarantee. In March 2009, Bernstein awarded $1000 to Matthew Dempsky for finding a security flaw in

. In August 2008, Bernstein announced DNSCurve, a proposal to secure the

Domain Name System The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned t ...

. DNSCurve applies techniques from

elliptic curve cryptography Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography (based on plain Galois fields) to provid ...

to provide a vast increase in performance over the RSA public-key algorithm used by

DNSSEC The Domain Name System Security Extensions (DNSSEC) are a suite of extension specifications by the Internet Engineering Task Force (IETF) for securing data exchanged in the Domain Name System (DNS) in Internet Protocol (IP) networks. The protocol ...

. It uses the existing DNS hierarchy to propagate trust by embedding public keys into specially formatted, backward-compatible DNS records. Bernstein proposed Internet Mail 2000, an alternative system for electronic mail, intended to replace the

Simple Mail Transfer Protocol The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typica ...

(SMTP), the

Post Office Protocol In computing, the Post Office Protocol (POP) is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. POP version 3 (POP3) is the version in common use, and along with IMAP the most common ...

(POP3) and the

Internet Message Access Protocol In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by . IMAP was designed with the goal of per ...

(IMAP). Bernstein is also known for his string hashing function ''djb2'' and the cdb database library.

Mathematics

Bernstein has published a number of papers on

mathematics Mathematics is an area of knowledge that includes the topics of numbers, formulas and related structures, shapes and the spaces in which they are contained, and quantities and their changes. These topics are represented in modern mathematics ...

and

computation Computation is any type of arithmetic or non-arithmetic calculation that follows a well-defined model (e.g., an algorithm). Mechanical or electronic devices (or, historically, people) that perform computations are known as ''computers''. An esp ...

. Many of his papers deal with

algorithm In mathematics and computer science, an algorithm () is a finite sequence of rigorous instructions, typically used to solve a class of specific problems or to perform a computation. Algorithms are used as specifications for performing ...

s or implementations. In 2001, Bernstein circulated "Circuits for

integer factorization In number theory, integer factorization is the decomposition of a composite number into a product of smaller integers. If these factors are further restricted to prime numbers, the process is called prime factorization. When the numbers are s ...

: a proposal," which suggested that, if physical hardware implementations could be brought close to their theoretical efficiency, the then-popular estimates of adequate security parameters might be off by a factor of three. Since 512-bit RSA was breakable at the time, so might be 1536-bit RSA. Bernstein was careful not to make any actual predictions, and emphasized the importance of correctly interpreting

asymptotic In analytic geometry, an asymptote () of a curve is a line such that the distance between the curve and the line approaches zero as one or both of the ''x'' or ''y'' coordinates tends to infinity. In projective geometry and related context ...

expressions. Several prominent researchers (among them

Arjen Lenstra Arjen Klaas Lenstra (born 2 March 1956, in Groningen) is a Dutch mathematician, cryptographer and computational number theorist. He is currently a professor at the École Polytechnique Fédérale de Lausanne (EPFL) where he heads of the Laborator ...

Adi Shamir Adi Shamir ( he, עדי שמיר; born July 6, 1952) is an Israeli cryptographer. He is a co-inventor of the Rivest–Shamir–Adleman (RSA) algorithm (along with Ron Rivest and Len Adleman), a co-inventor of the Feige–Fiat–Shamir identifi ...

, Jim Tomlinson, and Eran Tromer) disagreed strongly with Bernstein's conclusions. Bernstein has received funding to investigate whether this potential can be realized. Bernstein is also the author of the mathematical

libraries A library is a collection of Document, materials, books or media that are accessible for use and not just for display purposes. A library provides physical (hard copies) or electronic media, digital access (soft copies) materials, and may be a ...

DJBFFT, a fast portable

FFT A fast Fourier transform (FFT) is an algorithm that computes the discrete Fourier transform (DFT) of a sequence, or its inverse (IDFT). Fourier analysis converts a signal from its original domain (often time or space) to a representation in the ...

library, and primegen, an asymptotically fast small prime

sieve A sieve, fine mesh strainer, or sift, is a device for separating wanted elements from unwanted material or for controlling the particle size distribution of a sample, using a screen such as a woven mesh or net or perforated sheet materia ...

with low memory footprint based on the

sieve of Atkin In mathematics, the sieve of Atkin is a modern algorithm for finding all prime numbers up to a specified integer. Compared with the ancient sieve of Eratosthenes, which marks off multiples of primes, the sieve of Atkin does some preliminary work ...

(rather than the more usual

sieve of Eratosthenes In mathematics, the sieve of Eratosthenes is an ancient algorithm for finding all prime numbers up to any given limit. It does so by iteratively marking as composite (i.e., not prime) the multiples of each prime, starting with the first prime n ...

). Both have been used effectively in the search for large

prime number A prime number (or a prime) is a natural number greater than 1 that is not a Product (mathematics), product of two smaller natural numbers. A natural number greater than 1 that is not prime is called a composite number. For example, 5 is prime ...

s. In 2007, Bernstein proposed the use of a (twisted) Edwards curve,

, as a basis for

; it is employed in Ed25519 implementation of EdDSA. In February 2015, Bernstein and others published a paper on stateless post-quantum hash-based signatures, called SPHINCS. In April 2017, Bernstein and others published a paper on Post-Quantum RSA that includes an integer factorization algorithm claimed to be "often much faster than Shor's".https://cr.yp.to/papers/pqrsa-20170419.pdf

Teaching

In 2004, Bernstein taught a course on computer software security where he assigned each student to find ten

vulnerabilities Vulnerability refers to "the quality or state of being exposed to the possibility of being attacked or harmed, either physically or emotionally." A window of vulnerability (WOV) is a time frame within which defensive measures are diminished, com ...

in published software. The 25 students discovered 44 vulnerabilities, and the class published security advisories about the issues.

References

External links

*
DJBFFTDaniel Bernstein on the Faculty Page at UICFaculty page at Eindhoven University of Technology
* {{DEFAULTSORT:Bernstein, Daniel J. 1971 births Courant Institute of Mathematical Sciences alumni Living people Modern cryptographers American computer programmers American people of German-Jewish descent 20th-century American mathematicians 21st-century American mathematicians UC Berkeley College of Letters and Science alumni Computer security academics University of Illinois Chicago faculty Computer science educators Eindhoven University of Technology faculty Open content activists People from East Patchogue, New York