@silky /djb-talk.md Secret
Last active Aug 29, 2015

  1. So the person I've picked as my hero is a programmer, and in fact also a mathematician and cryptographer. His name is Daniel J. Bernstein, but he's better known on the Internet as simply "djb". In fact, djb is, as far as I know, still alive - so "Hello!", if you're listening to this.

  2. I chose djb for, I think, the standard reasons one picks a hero - I like some of the properties that it appears to me he possesses, and also I like what I claim to be his attitude towards life.

  3. I claim his values are: Openness, correctness, and arrogance. Arrogance here meaning that he values correctness over politeness. I've since realised that this is only a viable approach to life if you are always right, and even then it's probably not the best way to go about things.

  4. In fact, what makes djb particularly famous is that he sued the American government, and essentially won.

  5. But first a bit of background. Djb was born in 1971.

  6. When he was 16, he gave a talk at the Ramanujan Centenary Conference on 'New fast algorithms for PI and E'. These are numbers that computer scientists like to calculate - and if you're wondering, when you round them to the nearest integer, they are both "3".

  7. He obtained a bachelor's degree in Mathematics from New York University, and went on to complete a PhD at Berkeley in 1995.

  8. But his life became particularly interesting around 1992: while undertaking his PhD, he wrote some cryptographic software, called snuffle. It turns out that at the time, such software was considered a military weapon, and was on the 'munitions' list, alongside other obviously dangerous items: scuba equipment and the fax machine. It's clear that an adversary possessing such technology would be formidable indeed ... Being on the munitions list meant he needed government approval before "exporting" it.

  9. The current list is still a bit odd. There are some fascinating things on there: 'Directed Energy Weapons', 'Nuclear Power Plants', and also 'Containers' (military tupperware).

  10. In an ambitious move, djb actually first tried following the protocol laid out by the government - the export laws at the time suggested that in order to publish his paper outside the US, and also to publish the source code for his software, he should seek permission. In 1992 he began this process with a letter to the US Department of State.

  11. Within a few months, he received a rejection. Further letters continued for the next year. It culminated in 1993 when the government sent him a book detailing how to register as an arms trader.

  12. Being a diligent student, and having received a sufficient number of rejections, and having a PhD to finish, djb took no further action until 1995, when he had finished his PhD and was a graduate student at Berkeley.

  13. It was then, through the Electronic Frontier Foundation, that he decided to sue the government. The claim being that the cryptography export laws were unconstitutional - against 'free speech'.

  14. This was a very important case. If they lost, it could be that all cryptographic research coming out of America would be filtered. We may never have heard about probably the most widely used cryptographic system - RSA - that powers secure communication on the internet today.

  15. A lawyer, Cindy Cohn, was hired, and in 1996, they were victorious. (Three years, and many documents later.)

  16. The judge agreed that it was wrong for the government to restrict djb from freely sharing his ideas with the world and other researchers.

  17. It turns out that the government in fact didn't care about the judge's ruling, as President Clinton just moved the regulations to a different department essentially unchanged. This forced the EFF to renew its case, and again they were successful, djb saying at the time

"This is wonderful news," "I hope I can get some of my ideas published before they change the law again."

  1. Unfortunately, the government didn't let up, and the battle continued for so long that djb eventually decided to become his own lawyer. He managed to hassle the government sufficiently so that they finally agreed to just not enforce the law, basically saying that it would be annoying to hear from researchers.

  2. In the end, DJB was told to come back if the government actually presented a threat.

  3. I wanted to say now that everything is fixed in cryptographic export laws, but the current state of the laws is actually a bit odd. There's now an agreement between many countries (Australia and the US included) called the 'Wassenaar Arrangement', which has a relaxed attitude towards distributing source code, but the government still needs to be informed, and the restrictions on other types of cryptographic export aren't clear.

  4. So this brings us to the early 2000s. Around this time djb started doing some very fine programming work, promoting the idea that it is possible to write perfectly secure software just by doing everything correctly.

  5. This is in direct disagreement with the still very popular idea that it is "too hard" to write perfect software, and we should simply deal with it. Djb disagrees with that, and suggests instead that one should write small programs, that do only one thing, and they should do these things correctly.

  6. This type of attitude is coming back into fashion in the programming field, along with his other idea that writing bad code should simply be made to be 'hard' instead of 'easy'.

  7. He demonstrated this by writing very secure software with remarkably few bugs. Aaron Swartz, famous internet activist and campaigner for openness, has said about djb:

I think it’s time to remind people that [djb] is the greatest programmer in the history of the world.

Swartz was commenting on the number of bugs found in his software (2, one in each of two programs) and also the subjective beauty of the code that he had written.

  1. Indeed, djb has even inspired a movement in software called "the djb way"; a quote from the website

By working with the full collection of djb software, and some careful attention, we think a server may truly approach "perfection".

  1. More recently djb has become interested in post-quantum cryptography; the type that will survive the invention of quantum computers.

  2. His dream appears to be a world in which people can communicate privately without being hassled by the government, and one in which he can happily engage in research and talk to his friends and colleagues about his work. Seems like a pretty reasonable dream to me.

pjt33 commented Jul 9, 2014

Point 14 is incorrect. The export of papers wasn't restricted, so the CACM edition which described RSA could leave the country; and (bizarrely), even printed source code could be exported.

Owner

silky commented Jul 14, 2014

argh! i wish github had informed me about this comment.

-- edit: i'll note that that point was probably not a good one to include. i wanted to make the stuff relevant by talking about a thing people have some chance of knowing about; i wasn't really trying to say that djb's actions are directly responsible for making RSA available - just that it's the kind of thing the case was about. but maybe that's not even completely true.

Owner

silky commented Jul 26, 2014

relevant website for anyone interested - www.cryptolaw.org/
