Matthew Daniel Green (born 1976) is an American cryptographer and security technologist. Green is an Associate Professor of Computer Science at the Johns Hopkins Information Security Institute. He specializes in applied cryptography, privacy-enhanced information storage systems, anonymous cryptocurrencies, elliptic curve crypto-systems, and satellite television piracy. He is a member of the teams that developed the Zerocoin anonymous cryptocurrency[1] and Zerocash.[2] He has also been influential in the development of the Zcash system. He has been involved in the groups that exposed vulnerabilities in RSA BSAFE,[3] Speedpass and E-ZPass.[4] Green lives in Baltimore, MD with his wife, Melissa, 2 children and 2 miniature dachshunds.

Matthew Daniel Green
Matthew Green
Born
Hanover, New Hampshire, United States
CitizenshipAmerican
Alma materJohns Hopkins University
Oberlin College
Known forZerocoin, Zerocash, TrueCrypt Audit, Sealance
Scientific career
FieldsComputer Science
Cryptography
InstitutionsJohns Hopkins University

Education

edit

Green received a B.S. from Oberlin College (Computer Science), a B.M. from Oberlin College (Electronic Music), a Master's from Johns Hopkins University (Computer Science), and a PhD from Johns Hopkins University (Computer Science). His dissertation was titled "Cryptography for Secure and Private Databases: Enabling Practical Data Access without Compromising Privacy".

Blog

edit

Green is the author of the blog, "A Few Thoughts on Cryptographic Engineering". In September 2013, a blog post by Green summarizing and speculating on NSA's programs to weaken cryptography, titled "On the NSA", was controversially taken down by Green's academic dean at Johns Hopkins for "contain[ing] a link or links to classified material and also [using] the NSA logo".[5] As Ars Technica notes, this was "a strange request on its face", as this use of the NSA logo by Green was not "reasonably calculated to convey the impression that such use is approved, endorsed, or authorized by the National Security Agency", and linking classified information published by news organizations is legally entirely uncontroversial. The university later apologized to Green, and the blog post was restored (sans NSA logo), with a Johns Hopkins spokesman saying that "I'm not saying that there was a great deal of legal analysis done" as explanation for the legally unmotivated takedown.[6]

In addition to general blog posts about NSA, encryption, and security, Green's blog entries on NSA's backdoor in Dual_EC_DRBG, and RSA Security's usage of the backdoored cryptographically secure pseudorandom number generator (CSPRNG), have been widely cited in the mainstream news media.[7][8][9][10][11]

Work

edit

Green currently holds the position of Associate Professor at the Johns Hopkins Information Security Institute. He teaches courses pertaining to practical cryptography.

Green is part of the group which developed Zerocoin, an anonymous cryptocurrency protocol.[12][13][14][15][16] Zerocoin is a proposed extension to the Bitcoin protocol that would add anonymity to Bitcoin transactions. Zerocoin provides anonymity by the introduction of a separate zerocoin cryptocurrency that is stored in the Bitcoin block chain. Though originally proposed for use with the Bitcoin network, zerocoin could be integrated into any cryptocurrency. His research team has exposed flaws in more than one third of SSL/TLS encrypted web sites as well as vulnerabilities in encryption technologies, including RSA BSAFE, Exxon/Mobil Speedpass, E-ZPass, and automotive security systems. In 2015, Green was a member of the research team that identified the Logjam vulnerability in the TLS protocol.

Green started his career in 1999 at AT&T Laboratories in Florham Park, New Jersey. At AT&T Labs he worked on a variety of projects including audio coding/secure content distribution, streaming video and wireless localization services. As a graduate student he co-founded Independent Security Evaluators (ISE) with two fellow students and Avi Rubin in 2005. Green served as CTO of ISE until his departure in 2011. He also co-founded Security Companies: Zeutro and Sealance.

Green is a member of the technical advisory board for the Linux Foundation Core Infrastructure Initiative, formed to address critical Internet security concerns in the wake of the Heartbleed security bug disclosed in April 2014 in the OpenSSL cryptography library. He sits on the technical advisory boards for CipherCloud, Overnest and Mozilla Cybersecurity Delphi. Green co-founded and serves on the Board for Directors of the Open Crypto Audit Project (OCAP), which undertook a security audit of the TrueCrypt software.[17][18]

References

edit
  1. ^ Miers, I.; Garman, C.; Green, M.; Rubin, A. D. (May 2013). "Zerocoin: Anonymous Distributed E-Cash from Bitcoin". 2013 IEEE Symposium on Security and Privacy (PDF). IEEE Computer Society Conference Publishing Services. pp. 397–411. doi:10.1109/SP.2013.34. ISBN 978-0-7695-4977-4. ISSN 1081-6011. S2CID 9194314.
  2. ^ "Zerocash: Decentralized Anonymous Payments from Bitcoin" (PDF). Zerocash-project.org. Retrieved 2016-05-13.
  3. ^ "On the Practical Exploitability of Dual EC in TLS Implementations" (PDF). Dualec.org. Retrieved 2016-05-13.
  4. ^ Schwartz, John (29 January 2005). "Graduate Cryptographers Unlock Code of 'Thiefproof' Car Key". The New York Times. Retrieved 2016-05-13.
  5. ^ Nate Anderson (2013-09-09). "Crypto prof asked to remove NSA-related blog post". Ars Technica. Retrieved 2016-05-13.
  6. ^ Nate Anderson (2013-09-10). "University apologizes for censoring crypto prof over anti-NSA post". Ars Technica. Retrieved 2016-05-13.
  7. ^ Fink, Erica (2013-06-07). "Prism: What the NSA could know about you - Video - Technology". Money.cnn.com. Retrieved 2016-05-13.
  8. ^ Perlroth, Nicole; Larson, Jeff; Shane, Scott (5 September 2013). ".S.A. Able to Foil Basic Safeguards of Privacy on Web". The New York Times. Retrieved 2016-05-13.
  9. ^ "How the N.S.A. Cracked the Web". The New Yorker. 2013-09-06. Retrieved 2016-05-13.
  10. ^ "Behind iPhone's Critical Security Bug, a Single Bad 'Goto'". WIRED. 2014-02-22. Retrieved 2016-05-13.
  11. ^ Joshua Brustein (2014-04-09). "Why Heartbleed, the Latest Cybersecurity Scare, Matters - Bloomberg". Businessweek.com. Archived from the original on April 9, 2014. Retrieved 2016-05-13.
  12. ^ "Hopkins researchers are creating an alternative to Bitcoin - tribunedigital-baltimoresun". Articles.baltimoresun.com. 2014-02-01. Retrieved 2016-05-13.
  13. ^ "Bitcoin Anonymity Upgrade Zerocoin To Become An Independent Cryptocurrency". Forbes.com. Retrieved 2016-05-13.
  14. ^ "Researchers Work to Add More Anonymity to Bitcoin". The New York Times. 19 November 2013. Retrieved 2016-05-13.
  15. ^ Peck, Morgen E. (2013-10-24). "Who's Who in Bitcoin: Zerocoin Hero Matthew Green - IEEE Spectrum". IEEE. Retrieved 2016-05-13.
  16. ^ "'Zerocoin' Add-on For Bitcoin Could Make It Truly Anonymous And Untraceable". Forbes.com. Retrieved 2016-05-13.
  17. ^ "Technical Advisory Board". Open Crypto Audit Project. Retrieved 30 May 2014.
  18. ^ White, Kenneth; Green, Matthew. "Is TrueCrypt Audited Yet?". Istruecryptaudiedyet.com. Retrieved 30 May 2014.
edit