Channels ▼
RSS

Tools

Diffie, Hellman, and Merkle Inducted Into National Inventors Hall of Fame


Imagine you and your banker are riding in a crowded train. You and he discuss your complete financial history, warts and all. You trade passwords, as well as credit card, investment portfolio and Social Security numbers freely, and transfer funds as if you were behind closed doors.

Oddly, no one on the train leans in, no one snickers, and no one even raises an eyebrow. That is because they cannot make out what you are saying. You and your banker are speaking a language that the two of you have created on the spot, that no one has heard before and that only the two of you can understand. Your discussion is encrypted.

People across the globe enjoy Internet-based communications like this every day without fear of theft or revelation, thanks to an invention created at Stanford in the 1970s. This week, the National Inventors Hall of Fame announced it will induct the trio of researchers who created it — Whitfield Diffie, Martin Hellman, and Ralph Merkle.

The invention, known as "public-key cryptography," allows any two computers to agree on a secret language with which to share private messages via an insecure channel — the Internet, in particular.

Public-key cryptography allows people across the world to share valuable personal data without a second thought. When you shop online, when you check your bank statement, when you file your taxes online, public-key cryptography is protecting your information. One industry insider estimates that 10 billion devices are using public-key cryptography.

Select company

With induction into the National Inventors Hall of Fame, the Stanford University troika has earned a place beside names such as Edison and Nobel, Wright and Whitney, McCormick and Marconi, Fermi and Ford — inventors of the things that have reshaped history and how we live.

Joining such a hallowed group is not easy, but for Diffie, Hellman and Merkle it was harder than it should have been. The three risked large fines, long jail sentences and their careers to get their invention before the public, in defiance of the National Security Agency (NSA), the federal electronic eavesdropping organization.

Elegant and complex

Like so much in mathematics, public-key cryptography is both beautifully elegant and profoundly complex.

To get an idea of how it works, first imagine physically exchanging letters by putting them in a strongbox:

Alice wants to communicate with Bob, her banker. She types out her message, puts it in a strongbox and locks it with a lock to which she alone knows the combination.

Alice sends the locked box, through Eve, to Bob. Eve would love to read the message, but she can't because she doesn't know Alice's combination. When Bob gets the box, he can't open it either — it is locked with Alice's lock. So, Bob adds a second lock — this one with a combination that only he knows — and sends it back through Eve to Alice.

Alice then removes her lock, leaving Bob's lock to protect the box, and passes the box through Eve back to Bob. When the box arrives back with Bob it is still locked, but with a lock to which he alone knows the combination. Bob simply removes his own lock and reads the message. Eve is left high and dry.

"With Internet transactions, the trick is to find mathematical — as opposed to physical — systems where legitimate encryption and decryption of a message take just a split second," said Hellman, professor emeritus of electrical engineering. "But an unauthorized person cracking the code and reading the message would take millions of years. The numbers chosen by Alice and Bob are really just combinations to mathematical locks on their data."

The wisdom of fools

Asked why he chose cryptography all those years ago, Hellman said, "When I got into cryptography no one was doing it. In fact, most of my colleagues thought I was crazy for two reasons: First, they said, you'll never discover anything new because NSA has a huge budget and if it could be done NSA would already have done it; second, if you do anything good, NSA will classify it and you'll never get credit."

What made Hellman press on? He called it the muse of fools. "The muse whispers, but only a few very foolish people listen, so she has to be somewhat promiscuous. I listen more than most, I suppose," said Hellman. "I was willing to risk appearing foolish and was lucky enough to end up being one of the inventors of public-key cryptography."

Even back then, when the only electronic funds transfers were bank-to-bank transactions, Hellman envisioned the day when most personal financial transactions would be conducted electronically and foresaw that data encryption would become a huge issue.

Good guys, bad guys

Just about the time that the Stanford team was ready to unleash its masterpiece, a furor arose. The controversy in public-key cryptography lies not in how the team discovered it or in who gets credit, but in its application. While public-key cryptography helps good guys share information privately, it also helps the bad guys — mobsters, terrorists and foreign adversaries — to protect their messages from law enforcement and national intelligence.

Enter the National Security Agency.

As the nation's foremost cryptological organization, the NSA is in the business both of encrypting — trying to keep our national secrets secret — and of breaking into the messages of the other guys. Learning that a team at Stanford had invented a simple, inexpensive and virtually uncrackable system to encrypt computer messages did not sit well with Fort Meade, home of the NSA.

Showdown

In 1977, at a conference at Cornell University, things came to a head. Merkle and another graduate student, Stephen Pohlig, were lead authors on two papers written with Hellman describing encryption systems. Hellman would normally have deferred to his younger colleagues to present the findings, allowing them to bask in the glow of their breakthrough work.

With the NSA bearing down, threatening large fines and a decade behind bars, it was decision time.

"John Schwartz, Stanford's general counsel, said that, if I was prosecuted, he would exhaust every legal avenue to defend me, but warned that, if I was found guilty, he couldn't go to jail for me or pay my fine," Hellman said.

Fearing career harm for the students, Schwartz also recommended that Hellman present the papers instead of the students. Hellman, a tenured professor, was secure in his job and could better withstand a multi-year court case if it came to that. So, breaking with a personal tradition of having his students present joint work, Hellman did the presentation as the students stood silently, but approvingly, next to him. They got the glow; Hellman would take any heat.

The rest is history. NSA eventually relented. The authors got the credit they deserved. The Internet is safer and more secure for their work. And, in May, the names Diffie, Hellman and Merkle will take their rightful place beside the others in the National Inventors Hall of Fame in Alexandria, Va., thanks to an invention that almost never was.

— Stanford University News Service
Andrew Myers is associate director of communications at the Stanford University School of Engineering.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video