Stanford Encryption Pioneer Who Risked Career Wins Medal

Stanford Professor Martin Hellman helped make it possible for companies and ordinary people to encrypt their Internet communications, and he has a story to tell about it.

http://news.stanford.edu/news/2010/february8/hellman-encryption-medal-021010.html

Stanford Report, February 10, 2010
Stanford encryption pioneer who risked career becomes Hamming Medalist

Martin Hellman, professor emeritus of electrical engineering, developed public key cryptography – the technology that makes Internet commerce feasible – with colleagues Whitfield Diffie and Ralph Merkle. They are being honored by the Institute of Electrical and Electronics Engineers.

BY CHRISTINE BLACKMAN

Thirty-five years ago, Martin Hellman, Whitfield Diffie and Ralph Merkle developed an easy method for sending secure messages over insecure channels. With the advent of the Internet, their technology, called public key cryptography, is now used continuously everywhere in the world.

"When a lock icon appears at the bottom of your browser, it's using public key cryptography. Your computer and the merchant's computer can talk back and forth across an insecure channel and exchange credit card information in a way that someone listening in cannot get it," said Hellman, Stanford professor emeritus of electrical engineering.

The Institute of Electrical and Electronics Engineers (IEEE) has named Hellman, Diffie and Merkle the 2010 Richard W. Hamming Medalists. Hellman said he was especially happy that the award recognizes the contribution of Merkle, whose early work on public key encryption didn't get the acknowledgement it deserved.

"Ralph really deserves equal credit with us. I am really glad to see him being recognized on this award," Hellman said.

<snip>


Richard W. Hamming medalists Ralph Merkle, Martin Hellman and Whit Diffie developed the first public key cryptography exchange in 1975.

<snip>

Each of the three medalists became interested in cryptography before they met. Hellman was drawn to coding despite discouragement from almost all of his Stanford colleagues. "They told me I was crazy," Hellman said. "Their arguments were valid: How could I hope to discover anything that the National Security Agency, which is the primary American code-making, code-breaking agency, didn’t already know? And they classified everything so highly that if we came up with anything good, they'd classify it."

Hellman decided to pursue cryptography anyway because he could foresee the day when even buying a loaf of bread would involve an electronic funds transfer, he said. "I didn't care what the NSA knew because I could see a need for commercial encryption that could not be met by the classified literature. Also, it didn’t matter if everything I developed was already known to them. It is well established that the one to publish first gets credit, not the first to discover and keep it secret," he said.

<snip>

As the team began publishing papers in IEEE journals, an IEEE member – who worked for the NSA – sent a letter to the organization, citing Hellman's papers, with concerns about national security laws. Hellman took up the issue with Stanford legal counsel John Schwartz, who explained that the university could defend Hellman in court if it came to that. Penalties could extend to 10 years in prison and a $50,000 fine.

"Schwartz told me that the university could pay all my legal expenses, but if I was judged a criminal and all the appeals were exhausted, they could not aid and abet criminal conduct by paying my fine. And they obviously couldn't go to jail for me," Hellman said.

Hellman had a symposium to attend at Cornell University, at which two of his doctoral students, Merkle and Steve Pohlig, were to present their latest papers. He decided to throw caution to the wind, though some colleagues thought even his life, along with his career, might be in danger. To give proper credit to his students and yet protect them, Hellman presented the paper while they stood silently on stage next to him. He was never arrested.

Public key encryption goes commercial

The NSA's outlook eventually changed, thanks partly to a 1995 National Research Council committee that Hellman joined. The group worked through concerns of both sides of the argument and found that using weak encryption to protect American business and citizens was a greater national threat than allowing both Americans and foreigners to acquire secure encryption.

<snip>