Eli Biham
Encyclopedia
Eli Biham is an Israel
i cryptographer and cryptanalyst
, currently a professor at the Technion Israeli Institute of Technology Computer Science department. Starting from October 2008, Biham is the dean of the Technion Computer Science department, after serving for two years as chief of CS graduate school.
Biham received his Ph.D. for inventing (publicly) differential cryptanalysis
, while working under Adi Shamir
. It had, it turned out, been invented at least twice before. A team at IBM
discovered it during their work on DES
, and was requested/required to keep their discovery secret by the NSA
, who evidently knew about it as well.
Among his many contributions to cryptanalysis one can count:
In addition to his many contributions to cryptanalysis, Biham has taken part in the design of several new cryptographic primitives:
Israel
The State of Israel is a parliamentary republic located in the Middle East, along the eastern shore of the Mediterranean Sea...
i cryptographer and cryptanalyst
Cryptanalysis
Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Typically, this involves knowing how the system works and finding a secret key...
, currently a professor at the Technion Israeli Institute of Technology Computer Science department. Starting from October 2008, Biham is the dean of the Technion Computer Science department, after serving for two years as chief of CS graduate school.
Biham received his Ph.D. for inventing (publicly) differential cryptanalysis
Differential cryptanalysis
Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in an input can affect the resultant difference at the output...
, while working under Adi Shamir
Adi Shamir
Adi Shamir is an Israeli cryptographer. He is a co-inventor of the RSA algorithm , a co-inventor of the Feige–Fiat–Shamir identification scheme , one of the inventors of differential cryptanalysis and has made numerous contributions to the fields of cryptography and computer...
. It had, it turned out, been invented at least twice before. A team at IBM
IBM
International Business Machines Corporation or IBM is an American multinational technology and consulting corporation headquartered in Armonk, New York, United States. IBM manufactures and sells computer hardware and software, and it offers infrastructure, hosting and consulting services in areas...
discovered it during their work on DES
Data Encryption Standard
The Data Encryption Standard is a block cipher that uses shared secret encryption. It was selected by the National Bureau of Standards as an official Federal Information Processing Standard for the United States in 1976 and which has subsequently enjoyed widespread use internationally. It is...
, and was requested/required to keep their discovery secret by the NSA
National Security Agency
The National Security Agency/Central Security Service is a cryptologic intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting U.S...
, who evidently knew about it as well.
Among his many contributions to cryptanalysis one can count:
- differential cryptanalysisDifferential cryptanalysisDifferential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in an input can affect the resultant difference at the output...
- publicly invented during his Ph.D. studies under Adi ShamirAdi ShamirAdi Shamir is an Israeli cryptographer. He is a co-inventor of the RSA algorithm , a co-inventor of the Feige–Fiat–Shamir identification scheme , one of the inventors of differential cryptanalysis and has made numerous contributions to the fields of cryptography and computer... - Attacking all triple modes of operation.
- impossible differential cryptanalysisImpossible differential cryptanalysisIn cryptography, impossible differential cryptanalysis is a form of differential cryptanalysis for block ciphers. While ordinary differential cryptanalysis tracks differences that propagate through the cipher with greater than expected probability, impossible differential cryptanalysis exploits...
- joint work with Adi ShamirAdi ShamirAdi Shamir is an Israeli cryptographer. He is a co-inventor of the RSA algorithm , a co-inventor of the Feige–Fiat–Shamir identification scheme , one of the inventors of differential cryptanalysis and has made numerous contributions to the fields of cryptography and computer...
and Alex BiryukovAlex BiryukovAlex Biryukov is a cryptographer, currently an assistant professor at the University of Luxembourg. His notable work includes the design of the stream cipher LEX, as well as the cryptanalysis of numerous cryptographic primitives. In 1998, he developed impossible differential cryptanalysis together... - Breaking (together with Lars KnudsenLars KnudsenLars Ramkilde Knudsen is a Danish researcher in cryptography, particularly interested in the design and analysis of block ciphers, hash functions and message authentication codes .-Academic:...
) the ANSI X9.52 CBCM mode (few days before the final standardization) - Breaking the GSM security mechanisms (with Elad Barkan and Nathan Keller)
- Co-invention of related-key attackRelated-key attackIn cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker...
s. - Differential Fault Analysis - joint work with Adi ShamirAdi ShamirAdi Shamir is an Israeli cryptographer. He is a co-inventor of the RSA algorithm , a co-inventor of the Feige–Fiat–Shamir identification scheme , one of the inventors of differential cryptanalysis and has made numerous contributions to the fields of cryptography and computer...
In addition to his many contributions to cryptanalysis, Biham has taken part in the design of several new cryptographic primitives:
- SerpentSerpent (cipher)Serpent is a symmetric key block cipher which was a finalist in the Advanced Encryption Standard contest, where it came second to Rijndael. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen....
(with Ross Anderson and Lars KnudsenLars KnudsenLars Ramkilde Knudsen is a Danish researcher in cryptography, particularly interested in the design and analysis of block ciphers, hash functions and message authentication codes .-Academic:...
), a block cipherBlock cipherIn cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext...
which was one of the final five contenders to become the Advanced Encryption StandardAdvanced Encryption Standard processThe Advanced Encryption Standard , the block cipher ratified as a standard by National Institute of Standards and Technology of the United States , was chosen using a process markedly more open and transparent than its predecessor, the aging Data Encryption Standard... - TigerTiger (hash)In cryptography, Tiger is a cryptographic hash function designed by Ross Anderson and Eli Biham in 1995 for efficiency on 64-bit platforms. The size of a Tiger hash value is 192 bits. Truncated versions can be used for compatibility with protocols assuming a particular hash size...
(with Ross Anderson), a hash functionHash functionA hash function is any algorithm or subroutine that maps large data sets to smaller data sets, called keys. For example, a single integer can serve as an index to an array...
fast on 64-bit machines, and - PyPy (cipher)Py is a stream cipher submitted to eSTREAM by Eli Biham and Jennifer Seberry. It is one of the fastest eSTREAM candidates at around 2.6 cycles per byte on some platforms...
(with Jennifer SeberryJennifer SeberryJennifer Roma Seberry is an Australian cryptographer, mathematician, and computer scientist, currently a professor at the University of Wollongong, Australia...
), one of a family of fast stream cipherStream cipherIn cryptography, a stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream . In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during the encryption...
s (see article for more detail on their cryptanalytic status). - SHAvite-3 (with Orr Dunkelman), a hash functionHash functionA hash function is any algorithm or subroutine that maps large data sets to smaller data sets, called keys. For example, a single integer can serve as an index to an array...
which is one of the 14 semifinalists in the NIST hash function competitionNIST hash function competitionThe NIST hash function competition is an open competition held by the US National Institute of Standards and Technology for a new SHA-3 function to replace the older SHA-1 and SHA-2, which was formally announced in the Federal Register on November 2, 2007...
.