Matthew Daniel Green (born 1976) is an American cryptographer and security technologist. Green is an Associate Professor of Computer Science at the

Johns Hopkins Johns Hopkins (May 19, 1795 – December 24, 1873) was an American merchant, investor, and philanthropist. Born on a plantation, he left his home to start a career at the age of 17, and settled in Baltimore, Maryland where he remained for most ...

Information Security Institute. He specializes in applied cryptography, privacy-enhanced information storage systems, anonymous

cryptocurrencies A cryptocurrency, crypto-currency, or crypto is a digital currency designed to work as a medium of exchange through a computer network that is not reliant on any central authority, such as a government or bank, to uphold or maintain it. It ...

, elliptic curve crypto-systems, and satellite television piracy. He is a member of the teams that developed the

Zerocoin Zerocoin is a privacy protocol proposed in 2013 by Johns Hopkins University professor Matthew D. Green and his graduate students, Ian Miers and Christina Garman. It was designed as an extension to the Bitcoin protocol that would improve Bitcoin ...

anonymous

cryptocurrency A cryptocurrency, crypto-currency, or crypto is a digital currency designed to work as a medium of exchange through a computer network that is not reliant on any central authority, such as a government or bank, to uphold or maintain it. It ...

and Zerocash. He has also been influential in the development of the Zcash system. He has been involved in the groups that exposed vulnerabilities in

RSA BSAFE Dell BSAFE, formerly known as RSA BSAFE, is a FIPS 140-2 validated cryptography library, available in both C and Java. BSAFE was initially created by RSA Security, which was purchased by EMC and then, in turn, by Dell. When Dell sold the RSA ...

Speedpass Speedpass was a keychain radio-frequency identification (RFID) device introduced in 1997 by Mobil (which later merged with Exxon to become ExxonMobil in 1999) for electronic payment. It was originally developed by Verifone. By 2004, more than ...

and

E-ZPass E-ZPass is an electronic toll collection system used on toll roads, toll bridges, and toll tunnels in the Eastern United States, Midwestern United States, and Southern United States. The E-ZPass Interagency Group (IAG) consists of member agenci ...

Education

Green received a B.S. from Oberlin College (Computer Science), a B.M. from Oberlin College (Electronic Music), a Master's from

Johns Hopkins University Johns Hopkins University (Johns Hopkins, Hopkins, or JHU) is a private research university in Baltimore, Maryland. Founded in 1876, Johns Hopkins is the oldest research university in the United States and in the western hemisphere. It consiste ...

(Computer Science), and a PhD from

(Computer Science). His dissertation was titled "Cryptography for Secure and Private Databases: Enabling Practical Data Access without Compromising Privacy".

Blog

Green is the author of the blog, "A Few Thoughts on Cryptographic Engineering". In September 2013, a blog post by Green summarizing and speculating on

NSA The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collectio ...

's programs to weaken cryptography, titled "On the NSA", was controversially taken down by Green's academic dean at Johns Hopkins for "contain nga link or links to classified material and also

sing Singing is the act of creating musical sounds with the voice. A person who sings is called a singer, artist or vocalist (in jazz and/or popular music). Singers perform music ( arias, recitatives, songs, etc.) that can be sung with or ...

the NSA logo". As

Ars Technica ''Ars Technica'' is a website covering news and opinions in technology, science, politics, and society, created by Ken Fisher and Jon Stokes in 1998. It publishes news, reviews, and guides on issues such as computer hardware and software, sc ...

notes, this was "a strange request on its face", as this use of the NSA logo by Green was not "reasonably calculated to convey the impression that such use is approved, endorsed, or authorized by the National Security Agency", and linking classified information published by news organizations is legally entirely uncontroversial. The university later apologized to Green, and the blog post was restored (sans NSA logo), with a Johns Hopkins spokesman saying that "I'm not saying that there was a great deal of legal analysis done" as explanation for the legally unmotivated takedown. In addition to general blog posts about NSA, encryption, and security, Green's blog entries on NSA's backdoor in

Dual_EC_DRBG Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) is an algorithm that was presented as a cryptographically secure pseudorandom number generator (CSPRNG) using methods in elliptic curve cryptography. Despite wide public cri ...

, and

RSA Security RSA Security LLC, formerly RSA Security, Inc. and doing business as RSA, is an American computer security, computer and network security company with a focus on encryption and encryption standards. RSA was named after the initials of its co-fo ...

's usage of the backdoored

cryptographically secure pseudorandom number generator A cryptographically secure pseudorandom number generator (CSPRNG) or cryptographic pseudorandom number generator (CPRNG) is a pseudorandom number generator (PRNG) with properties that make it suitable for use in cryptography. It is also loosely kno ...

(CSPRNG), have been widely cited in the mainstream news media.

Work

Green currently holds the position of Associate Professor at the Johns Hopkins Information Security Institute. He teaches courses pertaining to practical cryptography. Green is part of the group which developed

, an anonymous

protocol. Zerocoin is a proposed extension to the

Bitcoin protocol The bitcoin network is a peer-to-peer payment network that operates on a cryptographic protocol. Users send and receive bitcoins, the units of currency, by broadcasting digitally-signed messages to the network using bitcoin cryptocurrency ...

that would add anonymity to

Bitcoin Bitcoin ( abbreviation: BTC; sign: ₿) is a decentralized digital currency that can be transferred on the peer-to-peer bitcoin network. Bitcoin transactions are verified by network nodes through cryptography and recorded in a public di ...

transactions. Zerocoin provides anonymity by the introduction of a separate ''zerocoin'' cryptocurrency that is stored in the Bitcoin block chain. Though originally proposed for use with the Bitcoin network, zerocoin could be integrated into any

. His research team has exposed flaws in more than one third of

SSL/TLS Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in secu ...

encrypted web sites as well as vulnerabilities in encryption technologies, including

, Exxon/Mobil

, and automotive security systems. In 2015, Green was a member of the research team that identified the

Logjam A log jam is a naturally occurring phenomenon characterized by a dense accumulation of tree trunks and pieces of large wood across a vast section of a river, stream, or lake. ("Large wood" is commonly defined as pieces of wood more than in diam ...

vulnerability in the TLS protocol. Green started his career in 1999 at AT&T Laboratories in Florham Park, New Jersey. At AT&T Labs he worked on a variety of projects including audio coding/secure content distribution, streaming video and wireless localization services. As a graduate student he co-founded Independent Security Evaluators (ISE) with two fellow students and Avi Rubin in 2005. Green served as CTO of ISE until his departure in 2011. Green is a member of the technical advisory board for the Linux Foundation Core Infrastructure Initiative, formed to address critical Internet security concerns in the wake of the

Heartbleed Heartbleed was a security bug in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartble ...

security bug disclosed in April 2014 in the

OpenSSL OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HT ...

cryptography library. He sits on the technical advisory boards for

CipherCloud CipherCloud is an American software company providing cloud security to businesses. The company was established in 2010 and is based out of San Jose, California. History CipherCloud was founded in 2010 by Pravin Kothari, who previously co-founde ...

, Overnest and Mozilla Cybersecurity Delphi. Green co-founded and serves on the Board for Directors of the Open Crypto Audit Project (OCAP), which undertook a

security audit An information security audit is an audit on the level of information security in an organization. It is an independent review and examination of system records, activities and related documents. These audits are intended to improve the level of in ...

of the

TrueCrypt TrueCrypt is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file, or encrypt a partition or the whole storage device ( pre-boot authentication). On 28 ...

software.

References

External links

Matthew D. Green
his personal page at Johns Hopkins University
A Few Thoughts on Cryptographic Engineering
his personal crypto blog
CE' website
his company page {{DEFAULTSORT:Green, Matthew D. 1976 births Living people Oberlin College alumni Johns Hopkins University alumni Johns Hopkins University faculty Modern cryptographers InfoSec Twitter

Education

Blog

Work

See also

References

External links