Daniel J. Bernstein

Encyclopedia : D : DA : DAN : Daniel J. Bernstein

The [Neutral point of view>neutrality] of this article is [NPOV disputedisputed]. Please see the discussion on the [October 29, 1971) is a professor at the University of Illinois at Chicago, a mathematician, a cryptologist, and a programmer. Bernstein is the author of the computer software qmail and djbdns. Bernstein brought the court case Bernstein v. United States. As a result of the ruling in that case, software was declared protected speech under the First Amendment and national restrictions on encryption software were overturned. Bernstein was originally represented by the EFF. During later phases of the suit, Bernstein represented himself in court despite having no formal training as a lawyer. Bernstein has also proposed Internet Mail 2000, an alternative system for electronic mail, intended to replace SMTP, POP3 and IMAP. Bernstein is a controversial figure. On Usenet and his website, he has criticized those whose views differ from his own. Notable Bernstein controversies have involved Wietse Venema and Paul Vixie regarding software and security; Matteo Frigo, author of FFTW, regarding FFT implementation and benchmarking; and Bruce Schneier and Arjen Lenstra regarding computational cost. Contents 1 Software security 2 Software licensing 3 Mathematics 4 References 5 See also 6 Further reading 7 External links Software security In the autumn of 2004, Bernstein began teaching one of the first formal university-level courses about computer software security, titled "UNIX Security Holes". The 16 members of the class discovered 91 new UNIX security holes. Bernstein, long a promoter of the idea that full disclosure is the best method to promote software security and founder of the [securesoftware mailing list], publicly announced 44 of them with sample exploit code. This received some press attention and rekindled a debate over full disclosure. Bernstein offers a reward of US$500 for verifiable security holes qmail and djbdns. As of 2006, these rewards still stand, although there is some controversy over the exploitability of a set of qmail bugs found by Georgi Guninski. Bernstein himself denies that Guninski's claim meets his qualifications. Bernstein believes it is possible to write secure software if the programmer is sufficiently dedicated. Thus believing that the widespread prevalence of security holes results from programmer laziness and incompetence, Bernstein argues: Immediate full disclosure, with a working exploit punishes the programmer for his bad code. He panics; he has to rush to fix the problem; he loses users. You're whining that punishment is painful. You're ignoring the effect that punishment has on future behavior. It encourages programmers to invest the time and effort necessary to eliminate security problems. Bernstein has recently explained that he is pursuing a strategy to "produce invulnerable computer systems". Bernstein plans to achieve this by putting the vast majority of computer software into an "extreme sandbox" that prevents it from doing anything besides transforming input into output and by writing bugfree replacements (like qmail and djbdns) for the remaining components that need additional privileges. He concludes: "I won’t be satisfied until I've put the entire security industry out of work." As of Spring 2005, Bernstein was teaching a course on "High Speed Cryptography". Bernstein demonstrated new results against AES in the same time period. Software licensing Source code written by Bernstein was used in the OpenBSD project for a period of time leading up to an unrelated systematic licence audit of the OpenBSD ports and source trees in June 2001.NewsForge. [OpenBSD and ipfilter still fighting over license disagreement], June 06, 2001. Visited November 23, 2005. Code in more than a hundred files throughout the system was found to be unlicensed, ambiguously licensed or in use against the terms of the licence. Among other contributions, all software produced by Daniel J. Bernstein was removed from the OpenBSD ports tree. At the time, Bernstein requested that all modified versions of his code be approved by him prior to redistribution, a requirement to which OpenBSD developers were willing to devote neither time nor effort.de Raadt, Theo. Mail to openbsd-misc: [Re: Why were all DJB's ports removed? No more qmail?], August 24, 2001. Visited December 9, 2005. A related clash was Bernstein's design that his software be installed in locations that were not consistent with OpenBSD (or indeed, any Unix system). While the install locations were internally logical and were the result of Bernstein's analysis that the Unix file tree had grown by accident rather than design and needed a cleanup, the OpenBSD team preferred to install his software alongside other packages rather than set up a separate directory tree for him. Bernstein's license did not allow for this type of modification and Bernstein was unwilling to change the license. The removal led to a clash with Bernstein, who felt it to be uncalled for, citing the Netscape web browser as much less free and accused developers of hypocrisy for permitting it to remain while removing his software.Bernstein, DJ. Mail to openbsd-misc: [Re: Why were all DJB's ports removed? No more qmail?], August 27, 2001. Visited December 9, 2005. The OpenBSD project's stance was that Netscape, although not open source, had licence conditions that were much easier to meet;Espie, Marc. Mail to openbsd-misc: [Re: Why were all DJB's ports removed? No more qmail?], August 28, 2001. Visited December 9, 2005. they asserted that Bernstein's demand for control of derivatives would lead to a great deal of additional work and that removal was the most appropriate way to comply with his requirements. As of November 2005, after the release of OpenBSD 3.8, Daniel J. Bernstein's software was still absent from the ports tree. Mathematics Bernstein is a prolific publisher of papers in mathematics and computation. Many of his papers introduce advances in the state of the art for algorithms or implementations. However, he's also a meticulous chronicler of previous advances, for instance his brief but encyclopaedic "Multidigit multiplication for mathematicians". In 2001 Bernstein published "Circuits for integer factorization: a proposal," which caused a stir as it potentially suggested that if physical hardware implementations could be close to their theoretical efficiency, then perhaps current views about how large numbers have to be before they are impractical to factor might be off by a factor of three. Thus as 512-digit RSA was then breakable, then perhaps 1536-bit RSA would be too. Bernstein was careful not to make any actual predictions, and emphasised the importance of correctly interpreting asymptotic expressions. However several other important names in the field, Arjen Lenstra, Adi Shamir, Jim Tomlinson, and Eran Tromer disagreed strongly with Bernstein's conclusions. Bernstein has received funding to investigate whether this potential can be realized. Bernstein is also the author of the mathematical libraries DJBFFT, a fast portable FFT library, and of primegen, an asymptotically fast small prime sieve with low memory footprint based on the sieve of Atkin rather than the more usual sieve of Eratosthenes. Both have been used effectively to aid the search for large prime numbers. References See also Chain loading (which is sometimes known as Bernstein chaining, due to Bernstein's extensive use of this technique) Further reading External links [Official website] [The DJB Way] [DJBFFT]   From Wikipedia, the Free Encyclopedia. Original article here. Support Wikipedia by contributing or donating. All text is available under the terms of the GNU Free Documentation License See Wikipedia Copyrights for details. Search Titles 0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ? E-mail this article to: Personal Message: