March 4, 2011
Encryption leads Stanford's Martin Hellman into National Inventors Hall of Fame
In the 1970s, Stanford engineering Professor Martin Hellman followed his muse and it led him and two Stanford colleagues to invent modern data encryption.
By Andrew Myers
"I was willing to risk appearing foolish and was lucky enough to end up being one of the inventors of public-key cryptography," said Martin Hellman, professor emeritus of electrical engineering. (Photo by L.A. Cicero)
Imagine you and your banker are riding in a crowded train. You and he discuss your complete financial history, warts and all. You trade passwords, as well as credit card, investment portfolio and Social Security numbers freely, and transfer funds as if you were behind closed doors.
Oddly, no one on the train leans in, no one snickers, and no one even raises an eyebrow. That is because they cannot make out what you are saying. You and your banker are speaking a language that the two of you have created on the spot, that no one has heard before and that only the two of you can understand. Your discussion is encrypted.
People across the globe enjoy Internet-based communications like this every day without fear of theft or revelation, thanks to an invention created at Stanford in the 1970s. This week, the National Inventors Hall of Fame announced it will induct the trio of researchers who created it – Whitfield Diffie, Martin Hellman and Ralph Merkle.
The invention, known as "public-key cryptography," allows any two computers to agree on a secret language with which to share private messages via an insecure channel – the Internet, in particular.
Public-key cryptography allows people across the world to share valuable personal data without a second thought. When you shop online, when you check your bank statement, when you file your taxes online, public-key cryptography is protecting your information. One industry insider estimates that 10 billion devices are using public-key cryptography.
With induction into the National Inventors Hall of Fame, the Stanford troika has earned a place beside names such as Edison and Nobel, Wright and Whitney, McCormick and Marconi, Fermi and Ford – inventors of the things that have reshaped history and how we live.
Joining such a hallowed group is not easy, but for Diffie, Hellman and Merkle it was harder than it should have been. The three risked large fines, long jail sentences and their careers to get their invention before the public, in defiance of the National Security Agency (NSA), the federal electronic eavesdropping organization.
Elegant and complex
Like so much in mathematics, public-key cryptography is both beautifully elegant and profoundly complex.
To get an idea of how it works, first imagine physically exchanging letters by putting them in a strongbox:
Alice wants to communicate with Bob, her banker. She types out her message, puts it in a strongbox and locks it with a lock to which she alone knows the combination.
Alice sends the locked box, through Eve, to Bob. Eve would love to read the message, but she can't because she doesn't know Alice's combination. When Bob gets the box, he can't open it either – it is locked with Alice's lock. So, Bob adds a second lock – this one with a combination that only he knows – and sends it back through Eve to Alice.
Alice then removes her lock, leaving Bob's lock to protect the box, and passes the box through Eve back to Bob. When the box arrives back with Bob it is still locked, but with a lock to which he alone knows the combination. Bob simply removes his own lock and reads the message. Eve is left high and dry.
"With Internet transactions, the trick is to find mathematical – as opposed to physical – systems where legitimate encryption and decryption of a message take just a split second," said Hellman, professor emeritus of electrical engineering. "But an unauthorized person cracking the code and reading the message would take millions of years. The numbers chosen by Alice and Bob are really just combinations to mathematical locks on their data."
The wisdom of fools
Asked why he chose cryptography all those years ago, Hellman said, "When I got into cryptography no one was doing it. In fact, most of my colleagues thought I was crazy for two reasons: First, they said, you'll never discover anything new because NSA has a huge budget and if it could be done NSA would already have done it; second, if you do anything good, NSA will classify it and you'll never get credit."
What made Hellman press on? He called it the muse of fools. "The muse whispers, but only a few very foolish people listen, so she has to be somewhat promiscuous. I listen more than most, I suppose," said Hellman. "I was willing to risk appearing foolish and was lucky enough to end up being one of the inventors of public-key cryptography."
Even back then, when the only electronic funds transfers were bank-to-bank transactions, Hellman envisioned the day when most personal financial transactions would be conducted electronically and foresaw that data encryption would become a huge issue.
Good guys, bad guys
Just about the time that the Stanford team was ready to unleash its masterpiece, a furor arose. The controversy in public-key cryptography lies not in how the team discovered it or in who gets credit, but in its application. While public-key cryptography helps good guys share information privately, it also helps the bad guys – mobsters, terrorists and foreign adversaries – to protect their messages from law enforcement and national intelligence.
Enter the National Security Agency.
As the nation's foremost cryptological organization, the NSA is in the business both of encrypting – trying to keep our national secrets secret – and of breaking into the messages of the other guys. Learning that a team at Stanford had invented a simple, inexpensive and virtually uncrackable system to encrypt computer messages did not sit well with Fort Meade, home of the NSA.
In 1977, at a conference at Cornell University, things came to a head. Merkle and another graduate student, Stephen Pohlig, were lead authors on two papers written with Hellman describing encryption systems. Hellman would normally have deferred to his younger colleagues to present the findings, allowing them to bask in the glow of their breakthrough work.
With the NSA bearing down, threatening large fines and a decade behind bars, it was decision time.
"John Schwartz, Stanford's general counsel, said that, if I was prosecuted, he would exhaust every legal avenue to defend me, but warned that, if I was found guilty, he couldn't go to jail for me or pay my fine," Hellman said.
Fearing career harm for the students, Schwartz also recommended that Hellman present the papers instead of the students. Hellman, a tenured professor, was secure in his job and could better withstand a multi-year court case if it came to that. So, breaking with a personal tradition of having his students present joint work, Hellman did the presentation as the students stood silently, but approvingly, next to him. They got the glow; Hellman would take any heat.
The rest is history. NSA eventually relented. The authors got the credit they deserved. The Internet is safer and more secure for their work. And, in May, the names Diffie, Hellman and Merkle will take their rightful place beside the others in the National Inventors Hall of Fame in Alexandria, Va., thanks to an invention that almost never was.
Andrew Myers is associate director of communications at the School of Engineering.