Matt Blaze
Encyclopedia
Matt Blaze is a researcher in the areas of secure systems, cryptography
, and trust management
. He is currently an Associate Professor of Computer and Information Science at the University of Pennsylvania
; he received his PhD in Computer Science from Princeton University
.
In 1992, while working for AT&T, Blaze implemented a strong cryptographic package known as "CFS", the Cryptographic File System, for Unix. CFS uses NFS as its transport mechanism, allowing users to encrypt selected directory hierarchies, but mount them unencrypted after providing the key. In November, 1993, he presented a paper on this project, "A Cryptographic File System for Unix", at the 1st ACM Conference on Computer and Communications Security. Blaze also published a paper "Key Management in an Encrypting File System", in the Proceedings USENIX Summer 1994 Technical Conference. At his request, AT&T released this software into the public domain and Blaze continued to expand and generalize it through 1997. It is still alive today as a downloadable package in several Linux distributions.
In 1993, Blaze published (with John Ioannidis) a paper presenting a protocol ("swIPe") that was to be one of the forerunners of IPsec
. In 1994, he found a means to circumvent the wiretapping mechanisms of the Clipper chip
, contributing to the death of this government-sponsored initiative. In 2003, he independently rediscovered a serious vulnerability in "master key" security in physical locks that was an open secret among locksmiths
; his decision to disclose
it publicly provoked controversy.
Blaze coined the term trust management to refer to the policy system which decides whether a particular entity should be permitted to carry out a particular action, and has provided foundation research in this area.
Security Symp., pages 29–39, Santa Clara, CA, USA, October 1993.
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
, and trust management
Trust management (information system)
In information system and information technology, trust management is an abstract system that processes symbolic representations of social trust, usually to aid automated decision-making process. Such representations, e.g. in a form of cryptographic credentials, can link the abstract system of...
. He is currently an Associate Professor of Computer and Information Science at the University of Pennsylvania
University of Pennsylvania
The University of Pennsylvania is a private, Ivy League university located in Philadelphia, Pennsylvania, United States. Penn is the fourth-oldest institution of higher education in the United States,Penn is the fourth-oldest using the founding dates claimed by each institution...
; he received his PhD in Computer Science from Princeton University
Princeton University
Princeton University is a private research university located in Princeton, New Jersey, United States. The school is one of the eight universities of the Ivy League, and is one of the nine Colonial Colleges founded before the American Revolution....
.
In 1992, while working for AT&T, Blaze implemented a strong cryptographic package known as "CFS", the Cryptographic File System, for Unix. CFS uses NFS as its transport mechanism, allowing users to encrypt selected directory hierarchies, but mount them unencrypted after providing the key. In November, 1993, he presented a paper on this project, "A Cryptographic File System for Unix", at the 1st ACM Conference on Computer and Communications Security. Blaze also published a paper "Key Management in an Encrypting File System", in the Proceedings USENIX Summer 1994 Technical Conference. At his request, AT&T released this software into the public domain and Blaze continued to expand and generalize it through 1997. It is still alive today as a downloadable package in several Linux distributions.
In 1993, Blaze published (with John Ioannidis) a paper presenting a protocol ("swIPe") that was to be one of the forerunners of IPsec
IPsec
Internet Protocol Security is a protocol suite for securing Internet Protocol communications by authenticating and encrypting each IP packet of a communication session...
. In 1994, he found a means to circumvent the wiretapping mechanisms of the Clipper chip
Clipper chip
The Clipper chip was a chipset that was developed and promoted by the U.S. National Security Agency as an encryption device to be adopted by telecommunications companies for voice transmission...
, contributing to the death of this government-sponsored initiative. In 2003, he independently rediscovered a serious vulnerability in "master key" security in physical locks that was an open secret among locksmiths
Locksmithing
Locksmithing began as the science and art of making and defeating locks. A lock is a mechanism that secures buildings, rooms, cabinets, objects, or other storage facilities. A key is often used to open a lock...
; his decision to disclose
Full disclosure
In computer security, full disclosure means to disclose all the details of a security problem which are known. It is a philosophy of security management completely opposed to the idea of security through obscurity...
it publicly provoked controversy.
Blaze coined the term trust management to refer to the policy system which decides whether a particular entity should be permitted to carry out a particular action, and has provided foundation research in this area.
Education
- Ph.D., Computer Science, January 1993. Princeton University. (Thesis: Caching in Large-Scale Distributed File Systems)
- M.A., Computer Science, June 1989. Princeton University.
- Columbia University, M.S., Computer Science, May 1988. Columbia UniversityColumbia UniversityColumbia University in the City of New York is a private, Ivy League university in Manhattan, New York City. Columbia is the oldest institution of higher learning in the state of New York, the fifth oldest in the United States, and one of the country's nine Colonial Colleges founded before the...
- B.S., January 1986. City University of New York (Hunter CollegeHunter CollegeHunter College, established in 1870, is a public university and one of the constituent colleges of the City University of New York, located on Manhattan's Upper East Side. Hunter grants undergraduate, graduate, and post-graduate degrees in more than one hundred fields of study, and is recognized...
).
Publications
Ioannidis, John and Blaze, Matt. The Architecture and Implementation of Network-Layer Security Under Unix, in Proc. of the 4th USENIXUSENIX
-External links:* *...
Security Symp., pages 29–39, Santa Clara, CA, USA, October 1993.