Q&A: The Pioneers of Web Cryptography on the Future of Authentication

Martin Hellman, Taher Elgamal, and Tom Jermoluk were instrumental in shaping how the Internet works. Now they're looking at what’s next for web security

6 min read
Illustration of Tom Jermoluk, Martin Hellman, and Taher Elgamal
Tom Jermoluk (left), Martin Hellman (middle) and Taher Elgamal
Illustration: Jacob Thomas

Martin Hellman is one of the inventors of public-key cryptography. His work on public key distribution with Whitfield Diffie is now known as the Diffie–Hellman key exchange. The method, which allows two parties that have no prior knowledge of each other to establish a shared secret key, is the basis for many of the security protocols in use today.

Taher Elgamal, who was once Hellman’s student at Stanford, is known as the “father of SSL” for developing the Secure Sockets Layer protocol used to secure transactions over the Internet. His 1985 paper "A Public key Cryptosystem and A Signature Scheme based on discrete Logarithms” outlined the ideas that made secure ecommerce possible. Elgamal shared the 2019 Marconi Prize with Paul Kocher for the development.

Tom “TJ” Jermoluk a former Bell Labs engineer, is now the CEO of Beyond Identity, a new identity management platform. Beyond Identity “stands on the shoulders of giants,” Jermoluk says, referring in part to the work of Hellman and Elgamal, as its platform brings together public-key cryptography and X509 certificates to solve the authentication problem—that is, how to determine whether someone is who they say they are on the Internet.

Elgamal, Hellman, and Jermoluk talked about how recent advances in technology made it possible to change how we handle authentication, and what the future would look like.

Spectrum: Let’s look at where we began. The Internet was wide open. Security wasn’t part of the conversation then.

Elgamal: In the early days of the Internet, the goal was to encourage researchers to cooperate and collaborate, rather than conduct transactions. The idea of using the Internet to conduct business was only brought to light in the mid-1990s. There really was no reason to worry about security in the early days.

Hellman: When I spoke with Vint Cerf about why they didn’t include more security in the Internet when he and Bob Kahn were developing it at ARPA (the Advanced Research Projects Agency), he said, “Well, first of all, we weren’t thinking in terms of electronic commerce. We were thinking of connecting researchers at universities.” Secondly, he said, “if we put in security, I don’t know that the Internet would have taken off the way it did.” It was the Wild West. Because there was nobody controlling the security, you didn’t have to get a certificate to do things. People could just set up websites. So he may be right that it may have been a plus that there wasn’t security, but now we have a big problem as a result of it.

Spectrum:Your work is significant because it made securing the Internet possible.

Hellman: In 1976 [when IEEE Transactions on Information Theory published the paper New Directions in Cryptography], most of cryptography’s use was within the military, and their chain of command limited the number of connections. But now you have roughly n-squared-over-two, where n is the number of users and we have n in the billions right now. It’s just huge. How do you exchange keys securely for that many people and devices? That’s the privacy side of public-key cryptography. For the authentication side, we originally thought in terms of signing contracts. My written signature on a check is the same whether it's a $1,000 check or a $10,000 check. Someone could easily lift it off and put it on a new check that has a new value. Whereas the digital signature depends on, not only my secret key, but it's verified by my public key (which we proved you can give out), and it is also message dependent.

Elgamal: The specifications we wrote for SSL were to provide privacy, authentication and integrity to Internet traffic. We knew that the original Internet did not provide for such features.

Spectrum:You created something that could be used for purposes that you didn't even realize it will be used for.

Hellman: People often ask me how I came up with this idea. I joke that there's a muse of cryptography who is whispering in our ears. When Whit and I were working at Stanford, Ralph Merkle, working at Berkeley, came up with the privacy part of public key about the same time. So I sometimes joke that there's a muse of cryptography who goes around whispering in people's ears, but almost nobody pays attention because she sounds so crazy. When I first tried describing public key cryptography before we had a system that worked, most people told me you can't do that. That muse was busy a lot of years. And Ralph, Whit, and I, and then Rivest, Shamir, Adleman, and others started paying attention.

Jermoluk: I think he's underplaying it. How many things could you think of in technology that 40 plus years later are still being used in essentially exactly the same form as it was created? It’s not some niche thing that nobody has touched. It’s the heart of the entire way the Internet works. That's pretty cool.

Spectrum: It also opened up new areas of security as people tried to figure out how to protect the Internet.

Elgamal: Connecting everything in the world made it very clear that many other security controls are needed. Using firewalls, intrusion detection and prevention, anti-virus and malware as well as many other operational technologies proved to be necessary to provide overall security. User authentication turns out to be one of the most important areas that everyone started working on from the beginning, without paying attention to the growth of the number of passwords or credentials users utilize to get access to the services they request. Today, passwords are the number one reason for all the breaches and exploits we suffer from.

Spectrum: Beyond Identity doesn’t use passwords. Instead, it stores the security key on the user’s device and makes the individual their own certificate authority.  Certificates and key sharing have been around for a long time. What was the missing piece that had to happen to make this approach possible?

Hellman: These devices, like these smartphones, now have secure enclaves [a separate, isolated coprocessor to store sensitive data such as biometrics and keys]. I've been saying for 40 years that we need to have memories that are protected. Why should somebody be able to read my secret key, or to know it? The secret key should be accessible to a crypto-processor, but not to someone to read out. They're accessible to the OS and to applications that need to sign things, but not to someone trying to steal your secret key.

Jermoluk: We needed the hardware to develop to have the secure enclave capabilities to hold the private key. And that's really only come about in the last, let's say, three or four years in a widely available manner. It's been available before that in military applications, but not in a widely available manner.

Elgamal: Also, I would add that we didn’t take into consideration at the time that users can manage their own certificates securely. From the beginning, SSL used digital certificates to identify entities involved in conducting commerce over the network. The use of a digital certificate to identify the server was mandatory, but was kept optional on the client side, mainly because of the lack of tooling available at the time to provide these certificates and keep the corresponding private keys secure.

Jermoluk: We figured out how to make a personal certificate authority on your own computer, your phone, or your iPad, and to create your own certificates. Because we have a private key embedded in every device that you own, we can assert that you own that device and that you have possession of that device at the time that you're trying to do whatever it is you're trying to do (such as logging into Salesforce or a banking app).  It was a necessary step in the evolution of technology to have that capability in order for us to implement this scheme.

Spectrum:Where do we go next? What is authentication going to look like in 10 years?

Jermoluk: Full sovereign identity. You should be in charge of your own identity. It is yours after all. Identity ought to have different layers, depending on whether you're presenting it to your business, website, or government. You determine what you show of your identity. A commercial website may not ask for a lot of identifying information, but the government may want a much fuller view. You should be able to be in complete control of your own identity and how you present it, instead of letting Facebook be in charge of your identity and knowing who your friends are and what apps you visit, what things you buy. Why should they be charged for that or make money off it? It's going to flip the entire Internet and the ad-supported model and Google and Facebook's models on their heads.

It's not something I'm doing today, but I think that's where all this technology ultimately goes: that it gives the individual back the control of their identity and their actions.

The Conversation (0)