Daniel Julius Bernstein (sometimes known simply as djb; born October 29, 1971) is a professor The meaning of the word professor varies by country. In most English-speaking countries it refers to a senior academic who holds a departmental chair, especially as head of the department, or a personal chair awarded specifically to that individual. This is the case in most Commonwealth countries (except Canada) and the Republic of Ireland (which at the University of Illinois at Chicago The University of Illinois at Chicago, or UIC, is a state-funded public research university located in Chicago, Illinois, United States. It is the second member of the University of Illinois system and is the largest university in the Chicago area, serving approximately 26,000 students within 15 colleges, including the nation's largest medical, a mathematician A mathematician is a person whose primary area of study or research, or both, is the field of mathematics. Mathematicians are concerned with particular problems related to logic, space, transformations, numbers and more general ideas which encompass these concepts. Some notable mathematicians include Sir Isaac Newton, Muhammad ibn Mūsā al-Khwā, a cryptologist, and a programmer A programmer, computer programmer or coder is someone who writes computer software. The term computer programmer can refer to a specialist in one area of computer programming or to a generalist who writes code for many kinds of software. One who practices or professes a formal approach to programming may also be known as a programmer analyst. A. Bernstein is the author of the computer software Computer software, or just software, is a general term primarily used for digitally stored data such as computer programs and other kinds of information read and written by computers. Today, this includes data that has not traditionally been associated with computers, such as film, tapes and records. The term was coined in order to contrast to the qmail qmail is a mail transfer agent that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program. qmail's source code is in the public domain, making qmail free software, publicfile and djbdns The djbdns software package is a DNS implementation created by Daniel J. Bernstein due to his frustrations with repeated BIND security holes. A $1000 prize for the first person to find a privilege escalation security hole in djbdns was awarded in March 2009 to Matthew Dempsky. He has a Bachelor's degree in Mathematics from New York University New York University is a private, nonsectarian research university based in New York City. NYU's main campus is situated in the Greenwich Village section of Manhattan. Founded in 1831, NYU is the largest private, nonprofit institution of higher education in the United States, with an enrollment of more than 40,000 students distributed across (1991), and a PhD in Mathematics from the University of California, Berkeley The University of California, Berkeley , is a public research university located in Berkeley, California, United States. The oldest of the ten major campuses affiliated with the University of California, Berkeley offers some 300 undergraduate and graduate degree programs in a wide range of disciplines. The university occupies 6,651 acres (2,692 ha) (1995), studying under Hendrik Lenstra. He attended Bellport High School, a public high school on Long Island Long Island is an island located in southeastern New York, United States, just east of Manhattan. Stretching northeast into the Atlantic Ocean, Long Island contains four counties, two of which are boroughs of New York City, and two of which (Nassau and Suffolk) are mainly suburban. In popular usage, the term “Long Island” generally refers only.^[1]

Bernstein brought the court case Bernstein v. United States. The ruling in the case declared software as protected speech under the First Amendment The First Amendment to the United States Constitution is part of the Bill of Rights. The amendment prohibits the making of any law "respecting an establishment of religion", impeding the free exercise of religion, infringing on the freedom of speech, infringing on the freedom of the press, interfering with the right to peaceably assemble, and national restrictions on encryption In cryptography, encryption is the process of transforming information using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption software were overturned. Bernstein was originally represented by the Electronic Frontier Foundation The Electronic Frontier Foundation is an international non-profit digital rights advocacy and legal organization based in the United States. Its stated mission is to:, but later represented himself despite having no formal training as a lawyer.^[2]

Bernstein has also proposed Internet Mail 2000, an alternative system for electronic mail, intended to replace Simple Mail Transfer Protocol Simple Mail Transfer Protocol is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks. SMTP was first defined in RFC 821 (STD 15) (1982), and last updated by RFC 5321 (2008) which includes the extended SMTP (ESMTP) additions, and is the protocol in widespread use today. SMTP is specified for (SMTP), Post Office Protocol In computing, the Post Office Protocol is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. POP and IMAP (Internet Message Access Protocol) are the two most prevalent Internet standard protocols for e-mail retrieval. Virtually all modern e-mail clients and (POP3) and Internet Message Access Protocol The Internet Message Access Protocol is one of the two most prevalent Internet standard protocols for e-mail retrieval, the other being the Post Office Protocol (POP). Virtually all modern e-mail clients and mail servers support both protocols as a means of transferring e-mail messages from a server (IMAP).^[3]

Software security

In the autumn of 2004, Bernstein taught a course about computer software security Application security encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system through flaws in the design, development, deployment, upgrade, or maintenance of the application,, titled "UNIX Security Holes". The 16 members of the class discovered 91 new UNIX Unix is a computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna. Today's Unix systems are split into various branches, developed over time by AT&T as well as various commercial vendors and non-profit security holes. Bernstein, long a promoter of the idea that full disclosure In computer security, full disclosure means to disclose all the details of a security problem which are known. It is a philosophy of security management completely opposed to the idea of security through obscurity. The concept of full disclosure is controversial, but not new; it has been an issue for locksmiths since the 19th century is the best method to promote software security and founder of the securesoftware mailing list, publicly announced 44 of them with sample exploit An exploit is a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerised). This frequently includes such things as gaining control of a computer code. This received some press attention and rekindled a debate over full disclosure.^{[citation needed]}

Bernstein has recently explained that he is pursuing a strategy to "produce invulnerable computer systems". Bernstein plans to achieve this by putting the vast majority of computer software into an "extreme sandbox" that only allows it to transform input into output, and by writing bugfree replacements (like qmail and djbdns) for the remaining components that need additional privileges. He concludes: "I won’t be satisfied until I've put the entire security industry out of work."^[4]

In spring 2005^[update] Bernstein taught a course on "High Speed Cryptography".^[5] Bernstein demonstrated new results against implementations of AES In cryptography, the Advanced Encryption Standard is an encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael. Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The (cache attacks) in the same time period.^[6]

As of April 2008^[update][7], djb's stream cipher In cryptography, a stream cipher is a symmetric key cipher where plaintext bits are combined with a pseudorandom cipher bit stream , typically by an exclusive-or (xor) operation. In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during the encryption. An alternative name is a "Salsa20" was selected as a member of the final portfolio of the eSTREAM project, part of a European Union The European Union is an economic and political union of 27 member states which are located primarily in Europe. Committed to regional integration, the EU was established by the Treaty of Maastricht in 1993 upon the foundations of the European Communities. With over 500 million citizens, the EU combined generated an estimated 28% share (US$ 16.5 research directive.

Secure Software

Bernstein has written a number of security-aware programs, including:

• qmail qmail is a mail transfer agent that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program. qmail's source code is in the public domain, making qmail free software
• djbdns The djbdns software package is a DNS implementation created by Daniel J. Bernstein due to his frustrations with repeated BIND security holes. A $1000 prize for the first person to find a privilege escalation security hole in djbdns was awarded in March 2009 to Matthew Dempsky
• ucspi-tcp
• daemontools
• publicfile

Bernstein offers a security guarantee for qmail and djbdns; while some claim there is a dispute over a reported potential qmail qmail is a mail transfer agent that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program. qmail's source code is in the public domain, making qmail free software exploit, no functioning exploits for qmail have been published, and the claimed exploit does not fall within the parameters of the qmail security guarantee.^[8][9] In March 2009, Bernstein awarded $1000 to Matthew Dempsky for finding a security hole in djbdns The djbdns software package is a DNS implementation created by Daniel J. Bernstein due to his frustrations with repeated BIND security holes. A $1000 prize for the first person to find a privilege escalation security hole in djbdns was awarded in March 2009 to Matthew Dempsky.^[10]

In August 2008, Bernstein announced^[11] DNSCurve, a proposal to secure the Domain Name System The Domain Name System is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers. DNSCurve uses techniques from elliptic curve cryptography to give a vast decrease in computational time over the RSA In cryptography, RSA is an algorithm for public-key cryptography. It is the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date public-key algorithm used by DNSSEC The Domain Name System Security Extensions is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks. It is a set of extensions to DNS which provide to DNS clients (resolvers) origin authentication of DNS data,, and uses the existing DNS hierarchy to propagate trust by embedding public keys into specially formatted (but backward-compatible) DNS records.

Mathematics

Bernstein has published a number of papers in mathematics Mathematics is the study of quantity, structure, space, and change. Mathematicians seek out patterns, formulate new conjectures, and establish truth by rigorous deduction from appropriately chosen axioms and definitions and computation. Many of his papers deal with algorithms In mathematics, computer science, and related subjects, an 'algorithm' is an effective method for solving a problem expressed as a finite sequence of instructions. Algorithms are used for calculation, data processing, and many other fields or implementations. He also wrote a survey titled "Multidigit multiplication for mathematicians".^[12]

In 2001 Bernstein circulated "Circuits for integer factorization: a proposal,"^[13] which caused a stir as it potentially suggested that if physical hardware implementations could be close to their theoretical efficiency, then perhaps current views about how large numbers have to be before they are impractical to factor might be off by a factor of three. Thus as 512-digit RSA In cryptography, RSA is an algorithm for public-key cryptography. It is the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date was then breakable, then perhaps 1536-bit RSA would be too. Bernstein was careful not to make any actual predictions, and emphasized the importance of correctly interpreting asymptotic In computer science and applied mathematics, particularly the analysis of algorithms, asymptotic analysis is a method of describing limiting behavior. Examples include the performance of algorithms when applied to very large input data, or the behavior of physical systems when they are very large expressions. However, several other important names in the field, Arjen Lenstra, Adi Shamir Adi Shamir is an Israeli cryptographer. He is one of the inventors of the RSA algorithm (along with Ron Rivest and Len Adleman), one of the inventors of the Feige-Fiat-Shamir Identification Scheme (along with Uriel Feige and Amos Fiat), one of the inventors of differential cryptanalysis and has made numerous contributions to the fields of, Jim Tomlinson, and Eran Tromer disagreed strongly with Bernstein's conclusions.^[14] Bernstein has received funding to investigate whether this potential can be realized.

Bernstein is also the author of the mathematical libraries In computer science, a library is a collection of subroutines or classes used to develop software DJBFFT, a fast portable FFT library, and of primegen, an asymptotically fast small prime sieve Sieve theory is a set of general techniques in number theory, designed to count, or more realistically to estimate the size of, sifted sets of integers. The primordial example of a sifted set is the set of prime numbers up to some prescribed limit X. Correspondingly, the primordial example of a sieve is the sieve of Eratosthenes, or the more with low memory footprint based on the sieve of Atkin rather than the more usual sieve of Eratosthenes In mathematics, the Sieve of Eratosthenes is a simple, ancient algorithm for finding all prime numbers up to a specified integer. It works efficiently for the smaller primes (below 10 million). It was created by Eratosthenes, an ancient Greek mathematician. However, none of his mathematical works survived - the sieve was described and attributed. Both have been used effectively to aid the search for large prime numbers In mathematics, a prime number is a natural number that has exactly two distinct natural number divisors: 1 and itself. The first twenty-five prime numbers are:.

See also

• Salsa20, Poly1305-AES Poly1305-AES is a cryptographic message authentication code written by Daniel J. Bernstein. As such, it may be used to simultaneously verify both the data integrity and the authenticity of a message, Snuffle, cryptographic primitives designed by Bernstein.
• CubeHash, Bernstein's submission to the NIST SHA-3 competition.
• Chain loading Chain loading is a method used by computer programs to replace the currently executing program with a new program, using a common data area to pass information from the current program to the new program. It occurs in several areas of computing (which is sometimes known as Bernstein chaining, due to Bernstein's extensive use of this technique)
• Quick Mail Queuing Protocol (QMQP)
• Quick Mail Transport Protocol (QMTP)
• Bernstein v. United States

Notes

1. ^ "New Yorkers Excel In Contest". New York Times. 1987-01-21. http://query.nytimes.com/gst/fullpage.html?res=9B0DE1D81E3CF932A15752C0A961948260. Retrieved November 9 2008.
2. ^ [1]
3. ^ [2]
4. ^ Daniel J. Bernstein (2005-01-07) (PDF). Selected Research Activities. http://cr.yp.to/cv/activities-20050107.pdf.
5. ^ Daniel J. Bernstein. "MCS 590, High-Speed Cryptography, Spring 2005". Authenticators and signatures. http://cr.yp.to/2005-590.html. Retrieved September 23 2005.
6. ^ Daniel J. Bernstein (2004-04-17) (PDF). Cache timing attacks on AES. cd9faae9bd5308c440df50fc26a517b4. http://cr.yp.to/antiforgery/cachetiming-20050414.pdf.
7. ^ Steve Babbage, Christophe De Canniere, Anne Canteaut, Carlos Cid, Henri Gilbert, Thomas Johansson, Matthew Parker, Bart Preneel, Vincent Rijmen, and Matthew Robshaw. "The eSTREAM Portfolio". http://www.ecrypt.eu.org/stream/portfolio.pdf. Retrieved April 28 2010.
8. ^ Georgi Guninski (2005-05-31). "Georgi Guninski security advisory #74, 2005". http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html. Retrieved September 23 2005.
9. ^ James Craig Burley (2005-05-31). "My Take on Georgi Guninski's qmail Security Advisories". http://www.jcb-sc.com/qmail/guninski.html.
10. ^ Daniel J. Bernstein (2009-03-04). "djbdns<=1.05 lets AXFRed subdomains overwrite domains". http://article.gmane.org/gmane.network.djbdns/13864.
11. ^ Daniel J. Bernstein. "High-speed cryptography". http://marc.info/?l=djbdns&m=122011940521548&w=2.
12. ^ Daniel J. Bernstein (2001-08-11). Multidigit multiplication for mathematicians. http://cr.yp.to/papers.html#m3.
13. ^ Daniel J. Bernstein (2001-11-09). Circuits for integer factorization: a proposal. http://cr.yp.to/papers.html#nfscircuit.
14. ^ Arjen K. Lenstra, Adi Shamir, Jim Tomlinson, and Eran Tromer (2002). "Analysis of Bernstein's Factorization Circuit". proc. Asiacrypt LNCS 2501: 1–26. http://www.wisdom.weizmann.ac.il/~tromer/papers/meshc/meshc.html.

Further reading

• Daniel J. Bernstein. "MCS 494: UNIX Security Holes". Unix Unix is a computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna. Today's Unix systems are split into various branches, developed over time by AT&T as well as various commercial vendors and non-profit. http://cr.yp.to/2004-494.html. Retrieved September 23 2005.
• Lemos, Robert (2004-12-15). "Students uncover dozens of Unix software flaws". News.com. http://news.com.com/Students+uncover+dozens+of+Unix+software+flaws/2100-1002_3-5492969.html.
• "DJB Announces 44 Security Holes In *nix Software". Slashdot. 2004-12-15. http://it.slashdot.org/article.pl?sid=04/12/15/2113202&tid=172&tid=146&tid=128&tid=130&tid=1&tid=106.
• Daniel J. Bernstein. "Some thoughts on security after ten years of qmail 1.0" (PDF). http://cr.yp.to/qmail/qmailsec-20071101.pdf. Retrieved December 19 2007.
• Daniel J. Bernstein. "DNSCurve: Usable security for DNS". http://dnscurve.org/. Retrieved August 31 2008.

External links

• Official website
• DJBFFT
• Daniel Bernstein's Profile at UIC

Categories: 1971 births | Jewish American scientists | Living people Possibly living people, disappeared people and dead people are not included here, including the recently deceased, for which see Category:2010 deaths and preceding categories listing deaths for 2009, 2008, 2007, 2006, 2005, etc | Modern cryptographers | American mathematicians This category is for US-American mathematicians. Mathematicians can also be browsed by field and by period. The root category for mathematicians is here | American Jews Categories: Jews and Judaism in the United States | American people by ethnic or national origin | American people by religion | Jews by country | People associated with computer security Categories: Computer security | People in information technology | University of Illinois at Chicago faculty Categories: University of Illinois at Chicago | University of Illinois faculty | Teachers of computer science

See Also:

• Home
• Identifiers
• Domain Name System
• NBC: Encyclopedia
• .mil: Encyclopedia

What Links Here:

Recently Viewed Pages:

• Home
• Session Initiation Protocol: Encyclopedia
• Uniform Resource Locator: Encyclopedia
• Intranet: Encyclopedia
• .org: Encyclopedia
• Uniform Resource Identifier: Encyclopedia
• DNS Root: Encyclopedia
• IP Address: Encyclopedia
• Country Code Top-level Domain: Encyclopedia
• Name Space: Encyclopedia

Most Popular Pages:

• .example: Blogs
• .sm: Answers
• Domain Name Registrar: Encyclopedia
• .kz: Blogs
• .ec: Blogs
• Dynamic Delegation Discovery System: Blogs
• DomainKeys: Answers
• .st: Toc
• IReport.com: Blogs
• CPanel: Blogs

Related 'Cr.yp.to' Searches: