Daniel Julius Bernstein (sometimes known as djb; born October 29, 1971) is an American German mathematician, cryptologist, and computer scientist. He is a visiting professor at CASA at Ruhr University Bochum, as well as a research professor of Computer Science at the University of Illinois at Chicago. Before this, he was a professor ("persoonlijk hoogleraar") in the department of mathematics and computer science at the Eindhoven University of Technology.
Early life
Bernstein attended Bellport High School, a public high school on Long Island, graduating in 1987 at the age of 15. The same year, he ranked fifth in the Westinghouse Science Talent Search. In 1987 (at the age of 16), he achieved a Top 10 ranking in the William Lowell Putnam Mathematical Competition. Bernstein earned a B.A. in mathematics from New York University (1991) and a Ph.D. in mathematics from the University of California, Berkeley (1995), where he studied under Hendrik Lenstra.
''Bernstein v. United States''
The export of cryptography from the United States was controlled as a munition starting from the Cold War until recategorization in 1996, with further relaxation in the late 1990s. In 1995, Bernstein brought the court case ''Bernstein v. United States''. The ruling in the case declared that software was protected speech under the First Amendment, which contributed to regulatory changes reducing controls on encryption. Bernstein was originally represented by the Electronic Frontier Foundation. He later represented himself.
Cryptography
Bernstein designed the Salsa20 stream cipher in 2005 and submitted it to eSTREAM for review and possible standardization. He later published the ChaCha20 variant of Salsa20 in 2008. In 2005, he proposed the elliptic curve Curve25519 as a basis for public-key schemes. He worked as the lead researcher on the Ed25519 version of EdDSA. The algorithms made their way into popular software. For example, since 2014, when OpenSSH is compiled without OpenSSL, they power most of its operations, and OpenBSD package signing is based on Ed25519.
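The following C code is an added example written for this page from the RFC 8439 specification of ChaCha20; it is neither Bernstein's reference implementation nor code from the original article, and the key, nonce and message used to exercise it are constructed values. It shows the property that makes the design attractive to implementers: the whole cipher is built from 32-bit additions, rotations and XORs, so there are no data-dependent table lookups of the kind that enabled the cache attacks on AES implementations that this article also mentions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ROTL32(v, n) (((v) << (n)) | ((v) >> (32 - (n))))

/* ChaCha quarter round (RFC 8439, section 2.1): add, rotate, xor only,
 * so it runs in constant time with no lookup tables. */
static void qr(uint32_t *a, uint32_t *b, uint32_t *c, uint32_t *d)
{
    *a += *b; *d ^= *a; *d = ROTL32(*d, 16);
    *c += *d; *b ^= *c; *b = ROTL32(*b, 12);
    *a += *b; *d ^= *a; *d = ROTL32(*d, 8);
    *c += *d; *b ^= *c; *b = ROTL32(*b, 7);
}

/* Apply one quarter round in place to w[0..3] (exposed for test vectors). */
void chacha_quarter_round(uint32_t w[4])
{
    qr(&w[0], &w[1], &w[2], &w[3]);
}

static uint32_t load32_le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static void store32_le(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)v;         p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* One 64-byte keystream block. State layout (RFC 8439, section 2.3):
 * words 0-3 the constant "expand 32-byte k", 4-11 key, 12 block counter,
 * 13-15 nonce. 20 rounds = 10 double rounds (columns, then diagonals);
 * the initial state is added back at the end so the result is not an
 * invertible permutation of the key material. */
void chacha20_block(const uint8_t key[32], uint32_t counter,
                    const uint8_t nonce[12], uint8_t out[64])
{
    static const uint8_t sigma[16] = "expand 32-byte k";
    uint32_t s[16], x[16];
    int i;

    for (i = 0; i < 4; i++) s[i] = load32_le(sigma + 4 * i);
    for (i = 0; i < 8; i++) s[4 + i] = load32_le(key + 4 * i);
    s[12] = counter;
    for (i = 0; i < 3; i++) s[13 + i] = load32_le(nonce + 4 * i);
    memcpy(x, s, sizeof x);

    for (i = 0; i < 10; i++) {
        qr(&x[0], &x[4], &x[8],  &x[12]);   /* column rounds */
        qr(&x[1], &x[5], &x[9],  &x[13]);
        qr(&x[2], &x[6], &x[10], &x[14]);
        qr(&x[3], &x[7], &x[11], &x[15]);
        qr(&x[0], &x[5], &x[10], &x[15]);   /* diagonal rounds */
        qr(&x[1], &x[6], &x[11], &x[12]);
        qr(&x[2], &x[7], &x[8],  &x[13]);
        qr(&x[3], &x[4], &x[9],  &x[14]);
    }
    for (i = 0; i < 16; i++) store32_le(out + 4 * i, x[i] + s[i]);
}

/* XOR `len` bytes of `in` with the keystream starting at block `counter`.
 * Encryption and decryption are the same call. A (key, nonce) pair must
 * never be reused for two messages: XORing the two ciphertexts together
 * would cancel the keystream and expose the XOR of the plaintexts. */
void chacha20_xor(const uint8_t key[32], uint32_t counter, const uint8_t nonce[12],
                  const uint8_t *in, uint8_t *out, size_t len)
{
    uint8_t block[64];
    size_t done = 0;

    while (done < len) {
        size_t n = len - done < 64 ? len - done : 64;
        chacha20_block(key, counter++, nonce, block);
        for (size_t j = 0; j < n; j++) out[done + j] = in[done + j] ^ block[j];
        done += n;
    }
}
```

Calling chacha20_xor a second time with the same key, counter and nonce on the ciphertext returns the plaintext. On its own this is unauthenticated encryption; deployments such as the TLS cipher suite mentioned in this article pair the keystream with the Poly1305 authenticator so that tampering is detected.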
Nearly a decade later, Edward Snowden disclosed mass surveillance by the National Security Agency, and researchers discovered a backdoor in the Agency's Dual_EC_DRBG algorithm. These events raised suspicions of the elliptic curve parameters proposed by the NSA and standardized by NIST. Many researchers feared that the NSA had chosen curves that gave it a cryptanalytic advantage. Google selected ChaCha20 along with Bernstein's Poly1305 message authentication code for use in TLS, which is widely used for Internet security.
Many protocols based on his work have been adopted by various standards organizations and are used in a variety of applications, such as Apple iOS, the Linux kernel, OpenSSH, and Tor.
In spring 2005, Bernstein taught a course on "high speed cryptography." In the same period he introduced new attacks against implementations of AES (cache attacks).
In April 2008, Bernstein's stream cipher Salsa20 was selected as a member of the final portfolio of the eSTREAM project, part of a European Union research directive.
In 2011, Bernstein published RFSB, a variant of the Fast Syndrome Based Hash function.
He is one of the editors of the 2009 book ''Post-Quantum Cryptography''.
Software
Starting in the mid-1990s, Bernstein has written a number of security-aware programs, including qmail, ezmlm, djbdns, ucspi-tcp, daemontools, and publicfile.
Bernstein criticized the leading DNS package at the time, BIND, and wrote djbdns as a DNS package with security as a primary goal. Bernstein offers "security guarantees" for qmail and djbdns in the form of monetary rewards for the identification of flaws. A purported exploit targeting qmail running on 64-bit platforms was published in 2005, but Bernstein believes that the exploit does not fall within the parameters of his qmail security guarantee. In March 2009, Bernstein awarded $1000 to Matthew Dempsky for finding a security flaw in djbdns.
In August 2008, Bernstein announced DNSCurve, a proposal to secure the Domain Name System. DNSCurve applies techniques from elliptic curve cryptography to provide a vast increase in performance over the RSA public-key algorithm used by DNSSEC. It uses the existing DNS hierarchy to propagate trust by embedding public keys into specially formatted, backward-compatible DNS records.
Bernstein proposed Internet Mail 2000, an alternative system for electronic mail, intended to replace the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP3) and the Internet Message Access Protocol (IMAP).
Bernstein is also known for his string hashing function ''djb2'' and the cdb database library.
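As an added illustration (not code from the article or from Bernstein's software), here is djb2 as it is usually written, together with a check that exposes the limitation a security engineer cares about: the function is linear in each input byte, so two equal-length keys that differ by +1 in one position and -33 in the next hash identically. The constants 5381 and 33 are the function's well-known parameters; the helper names djb2_bucket and djb2_collides and the sample keys are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* djb2: h = h * 33 + c, seeded with 5381. The "* 33" is conventionally
 * written as (h << 5) + h. Arithmetic here wraps modulo 2^32; the classic
 * formulation used unsigned long, which wraps at 2^64 on most platforms,
 * and the two agree on inputs short enough not to overflow 32 bits. */
uint32_t djb2(const char *s)
{
    uint32_t h = 5381;
    for (; *s != '\0'; s++)
        h = ((h << 5) + h) + (uint8_t)*s;
    return h;
}

/* Map a key to one of nbuckets slots: the typical hash-table use of djb2. */
size_t djb2_bucket(const char *key, size_t nbuckets)
{
    return djb2(key) % nbuckets;
}

/* Two distinct keys of equal length collide whenever their per-position
 * differences cancel under the linear recurrence, for example
 *   c1*33 + c2 == (c1+1)*33 + (c2-33),
 * so "Aa" (65,97) and "B@" (66,64) share a hash. This is harmless for a
 * table of trusted keys but lets an attacker who chooses the keys pile
 * everything into one bucket (hash flooding); a keyed hash such as SipHash
 * is the usual replacement when keys come from an untrusted party. */
int djb2_collides(const char *a, const char *b)
{
    return strcmp(a, b) != 0 && djb2(a) == djb2(b);
}
```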
Mathematics
Bernstein has published a number of papers on mathematics and computation. Many of his papers deal with algorithms or implementations.
In 2001, Bernstein circulated "Circuits for integer factorization: a proposal," which suggested that, if physical hardware implementations could be brought close to their theoretical efficiency, the then-popular estimates of adequate security parameters might be off by a factor of three. Since 512-bit RSA was breakable at the time, so might be 1536-bit RSA. Bernstein was careful not to make any actual predictions, and emphasized the importance of correctly interpreting asymptotic expressions. Several prominent researchers (among them Arjen Lenstra, Adi Shamir, Jim Tomlinson, and Eran Tromer) disagreed strongly with Bernstein's conclusions. Bernstein has received funding to investigate whether this potential can be realized.
Bernstein is also the author of the mathematical libraries DJBFFT, a fast portable FFT library, and primegen, an asymptotically fast small prime sieve with low memory footprint based on the sieve of Atkin (rather than the more usual sieve of Eratosthenes). Both have been used effectively in the search for large prime numbers.
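To make the contrast between the two sieves concrete, the following C code implements the basic sieve of Atkin and the sieve of Eratosthenes side by side over a byte array. It is an added example and not primegen's source: primegen is a segmented and heavily optimized implementation, and nothing here is taken from it. Atkin's sieve flips candidates according to three quadratic forms and then strikes multiples of prime squares, so its inner work is proportional to the limit rather than to the limit times log log of the limit.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Sieve of Atkin. Fills is_prime[0..limit] (caller supplies limit+1 bytes)
 * and returns the number of primes <= limit. */
size_t sieve_of_atkin(uint32_t limit, uint8_t *is_prime)
{
    memset(is_prime, 0, (size_t)limit + 1);

    /* Toggle each candidate once per representation by the relevant
     * quadratic form; a squarefree n ends up set exactly when the number
     * of representations is odd, which happens exactly when n is prime. */
    for (uint64_t x = 1; x * x <= limit; x++) {
        for (uint64_t y = 1; y * y <= limit; y++) {
            uint64_t n = 4 * x * x + y * y;
            if (n <= limit && (n % 12 == 1 || n % 12 == 5)) is_prime[n] ^= 1;
            n = 3 * x * x + y * y;
            if (n <= limit && n % 12 == 7) is_prime[n] ^= 1;
            if (x > y) {
                n = 3 * x * x - y * y;
                if (n <= limit && n % 12 == 11) is_prime[n] ^= 1;
            }
        }
    }
    /* Survivors that are not squarefree are multiples of a prime square. */
    for (uint64_t r = 5; r * r <= limit; r++)
        if (is_prime[r])
            for (uint64_t k = r * r; k <= limit; k += r * r) is_prime[k] = 0;

    /* 2 and 3 are not produced by the forms above. */
    if (limit >= 2) is_prime[2] = 1;
    if (limit >= 3) is_prime[3] = 1;

    size_t count = 0;
    for (uint64_t i = 2; i <= limit; i++) count += is_prime[i];
    return count;
}

/* Sieve of Eratosthenes, for comparison: strike every multiple of each
 * prime starting at its square. Same output contract as above. */
size_t sieve_of_eratosthenes(uint32_t limit, uint8_t *is_prime)
{
    memset(is_prime, 1, (size_t)limit + 1);
    is_prime[0] = 0;
    if (limit >= 1) is_prime[1] = 0;
    for (uint64_t p = 2; p * p <= limit; p++)
        if (is_prime[p])
            for (uint64_t k = p * p; k <= limit; k += p) is_prime[k] = 0;

    size_t count = 0;
    for (uint64_t i = 2; i <= limit; i++) count += is_prime[i];
    return count;
}
```

Both functions return 168 for a limit of 1000 and produce byte-for-byte identical tables, which is the simplest way to check a sieve implementation against the classical one.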
In 2007, Bernstein proposed the use of a (twisted) Edwards curve, Curve25519, as a basis for elliptic curve cryptography; it is employed in the Ed25519 implementation of EdDSA.
In February 2015, Bernstein and others published a paper on stateless post-quantum hash-based signatures, called SPHINCS.
In April 2017, Bernstein and others published a paper on Post-Quantum RSA that includes an integer factorization algorithm claimed to be "often much faster than Shor's". [https://cr.yp.to/papers/pqrsa-20170419.pdf]
Teaching
In 2004, Bernstein taught a course on computer software security where he assigned each student to find ten vulnerabilities in published software. The 25 students discovered 44 vulnerabilities, and the class published security advisories about the issues.
See also
* CubeHash, Bernstein's submission to the NIST hash function competition
* SipHash
* NaCl (Software), a Networking and Cryptography library
* Quick Mail Queuing Protocol (QMQP)
* Quick Mail Transport Protocol (QMTP)
External links
* DJBFFT
* Daniel Bernstein on the Faculty Page at UIC
* Faculty page at Eindhoven University of Technology