The Sheriff of Cyber City
Cryptography Research founder Paul Kocher secures the digital frontier by staying one step ahead of the outlaws.
By Ann Marsh
The year was 1997. Microprocessor "smart cards" with those little gold, rectangular chips were becoming ubiquitous. The idea was that information, such as bank account details or medical records, could be stored on the card itself, protected by security codes. Multinational corporations were using them to transfer billions of dollars and sensitive data all around the globe.
But Paul Kocher knew it was only a matter of time before someone would try to crack the complex encryption protecting the cards. He wondered how secure they really were. What if, he mused, you didn't have to physically dissect the chips to decipher their encryption? What if you could discern the hidden codes just by "listening through the door"?
For Kocher, '95, who had just founded an electronic security company, Cryptography Research Inc., these questions weren't merely academic. They prompted him to walk to a Radio Shack a few doors down from the fledgling firm's office on Market Street in San Francisco to pick up some electronic components. Then, he bought an oscilloscope, the kind kids use for school science projects. The instrument would let him listen to minute changes in power usage as voltage passed through millions of tiny transistors on the chips.
"I knew enough about integrated circuits to be dangerous," Kocher says, "and I was not so deferential as to think people hadn't made a mistake."
His instinct was a good one. In a matter of weeks, for less than $300 in equipment, he and his lone employee managed to glean a chip's security code by eavesdropping on its patterns of power consumption, a process that came to be known as a power analysis attack. Kocher likens it to a safecracker's ability to hear the telltale clicks of the tumblers in a spinning lock. Each click corresponds to a number in the lock's combination. In a similar fashion, power analysis allows outsiders to make strategic guesses about pieces of a security code.
The ramifications were huge. Quietly, Kocher and his colleague contacted chip manufacturers about the hole and began working with them to plug it. By the time news of the vulnerability leaked out, the companies were able to simultaneously announce a fix.
Power analysis is just one of many ways digital security can be compromised. In CRI's early days, Kocher had trouble convincing his classmate Benjamin Jun, '96, MS '98, to come on board. "I remember thinking at the time, 'In a few years, all of the security problems will be solved,'" says Jun, now the company's chief technology officer. With alarming new security breaches splashing across headlines almost daily, "It is pretty hilarious now to think I really believed that."
Last spring, for example, hackers broke into Sony's PlayStation Network and Online Entertainment division and accessed personal, account and financial information—including names, addresses, birth dates, email addresses, logins and passwords, security questions, purchase histories and credit card numbers—for more than 100 million users. The unprecedented size and scope of the breach prompted one Sony executive to proclaim that we now live in a "bad new world."
With some 55 patents covering methods of securing data and thwarting such attacks, Cryptography Research is in the vanguard of companies working to stem the tide. Through consulting and licensing deals, security systems designed by Kocher's team protect hundreds of billions of dollars of commerce annually for the government and the telecommunications, financial, entertainment, consumer electronics and Internet industries. More than 5 billion chips produced annually by the semiconductor industry are protected by CRI's patented DPA countermeasures.
However, the variety of security problems facing industry today vastly outstrips the small company's capacity. CRI now has 35 employees, including a dozen Stanford graduates. Even so, with a two-year backlog, the firm couldn't take on any more work to grow the business. Which is why in May Kocher agreed to sell the company to leading technology-licensing company Rambus Inc., founded by Mark Horowitz, chair of the electrical engineering department at Stanford. Kocher continues to run CRI as an independent unit headquartered in highly secure offices near its original location. He describes the $342.5 million deal as a strategic move to offload mundane tasks such as taxes and payroll in order to focus on cryptographic work.
"In data security you have the same situation you had in medicine in the 1840s," Kocher says. "You have products that don't work and others that do, but nobody knows why. If you asked practitioners back then how they would cure various diseases you could get very different answers. So a lot of what we're trying to do is to apply methods and perspectives that have worked in different industries to find reliably good outcomes for the types of problems we are trying to cure."
To understand the essence of digital security requires thinking in just two numbers: one and zero. At the machine level, a one turns the microscopic components of an integrated circuit on, while a zero turns them off. Writing a computer program is the art of ordering those numerals to perform simple calculations and stringing them together into long chains to orchestrate complex operations.
One means of securing data is to use a program that renders plain text information as an encoded message that can only be decoded by a system possessing the right key. Should a third party intercept such a message, it would appear unintelligible. While the algorithm, or sequence of instructions for transforming the text, is often publicly available, the key, which can vary in length from 100 characters to thousands or more, is kept secret. At least, that's the idea.
In an image borrowed from old Westerns, malicious intruders who use various means to uncover these keys are known as "black hats." These hackers terrify the public by announcing their triumphs through the media, and then ransom their intelligence to panicked companies. Some companies seek to protect themselves by bringing in "white hats" to proactively root out vulnerabilities before their products hit the market. "CRI is one of the best—if not the best—white-hat companies," says Dan Boneh, a Stanford computer science professor who serves as a technical adviser to the company. "And Paul is the best in the world at what he does."
Dickie George, a top cryptologic mathematician at the National Security Agency, says he considers Kocher one of the pioneers of commercial cryptography. Among many small crypto companies, George says there is none that resembles or competes directly with CRI. Behind a classified wall, the NSA, which is part of the Department of Defense, keeps about 1,000 mathematicians busy creating cryptographic algorithms. However, they know that the strongest cipher in the world is useless if it is poorly incorporated into a hardware or software system.
"Paul showed that if you aren't careful in how you implement things, you can be subject to shortcut attacks," George says. "Having an outside expert demonstrate that was extremely beneficial to us at the Department of Defense because we are probably the largest users of commercial cryptography in the world. We want our soldiers to have the same ability to use devices in the field that we use in our homes."
For that to happen, Kocher says that, increasingly, the most effective security will have to be built into hardware rather than software systems. Hardware-based crypto does a better job of preventing users from purposefully or inadvertently jeopardizing the security of their cell phones, cable TV boxes and other devices.
CRI manages to thrive in the tough field of commercial cryptography by choosing very carefully the projects it will take on. "We try to whittle problems down to projects that are manageable," Kocher says. "Trying to solve the world's data security problems is like a doctor trying to solve death."
Biological metaphors come easily to Kocher, who entered Stanford with the intention of becoming a veterinarian. "If I hadn't been rejected by Harvard, I most certainly would be a vet today," he says. Instead, Kocher arrived on the Farm in 1991—on the eve of the dot-com boom that gave rise to the demand for commercial cryptography.
Because he says he doesn't learn well in classroom situations, Kocher spent most of his time at Stanford in self-directed study of subjects such as DNA sequencing and various mathematical conundrums. One puzzler that captured his imagination involved a widely used utility that compressed computer files for transfer or archiving. The encrypted files could be protected using keys of varying lengths, but Kocher couldn't understand how anyone could be confident that a so-called zip compression cipher was foolproof. "I remember being somewhere between fascinated and irritated that you could know all the inputs and all the outputs but you couldn't figure out the password," he says.
Kocher emailed a few questions on topics such as these to Martin Hellman, a professor in the electrical engineering department. Hellman, MS '67, PhD '69, is one of the three inventors of public key cryptography, the still-prevailing security standard that enables the secure exchange of emails. (For this contribution to global commerce, Hellman, Whitfield Diffie, Gr '78, and Ralph Merkle, PhD '79, were inducted into the National Inventors Hall of Fame at a ceremony in Washington, D.C., earlier this year.) When Hellman first saw Kocher's email, he thought, "Why is a biology student emailing me? Does he want help solving cryptograms in a newspaper?"It quickly became apparent, however, that Kocher displayed sophistication in the subject. Hellman invited the freshman to join a graduate student study group in cryptography. The professor also started steering high-level work his way. Soon, Kocher was pedaling back to his dorm room with a backpack full of CDs mailed to him by a programmer at Microsoft. The computer giant wanted to sell software on encrypted discs; Kocher sent back security analyses explaining how hackers would steal it.
By his sophomore year, Kocher was running out of money to pay for his tuition. Hellman, who now sits on CRI's board, was throttling back on his work by switching to emeritus status. He began sending Kocher consulting jobs he could no longer handle. Those contracts paid for Kocher's tuition and served, essentially, as early angel funding for CRI, which Kocher founded right after he graduated.
On one of those consulting gigs, for then-dominant web browser company Netscape, Kocher co-wrote a protocol to verify that websites are legitimate—and not sham sites set up by thieves for the purpose of obtaining sensitive data. To this day, the Secure Sockets Layer, or SSL 3.0, protects anyone who shops or transacts business online; it's the "s" in the "https" prefix of a URL that tells you a site has been authenticated.
Because it was a work-for-hire job, neither Kocher nor CRI reaps any royalties from SSL 3.0. "But, it did give him some serious street credibility," says Kit Rodgers, '96, MS '98, vice president of business development and licensing at CRI. Two years later, Kocher further solidified his standing in the cryptography community by breaking an encryption algorithm known as DES (for Digital Encryption Standard).
Created by IBM and the U.S. government, DES had protected financial transactions and electronic communications worldwide since the 1970s. But by the mid-'90s, security experts were starting to question whether its standard 40-bit encryption key was strong enough. Some even wondered whether a more formidable 56-bit key was sufficient.
Breaking the 56-bit encryption key would require finding the one correct combination of numbers among 256 or 72,057,594,037,927,936 possible combinations. (That's in the quadrillions, if you were wondering.) Kocher served as the lead hardware and software designer on a machine—built in partnership with two other companies—that searched 92 billion keys per second and found the right one in just 56 hours. The total budget for the project was less than $250,000 using refurbished computer equipment. "I prefer to work with the equivalent of duct tape," he says.
Once DES was revealed to be fallible, the standard migrated to a next-generation algorithm that can have keys of varying strengths up to 256 bits. But even this Advanced Encryption Standard has been found—theoretically—to be vulnerable to key recovery attacks. A palliative, rather than a cure.
The data security industry increasingly operates on the presumption that even its best tools will fail at least some of the time. In the entertainment sector, movie studios routinely sustain billions of dollars in losses annually due to unauthorized distribution of their films. That's be-cause keeping content perfectly secure on portable discs is functionally impossible if they are to play on both computers and TVs. As a result, their security measures must be software-based and thus vulnerable.
In the high-definition DVD format war, HD DVD lost to Blu-ray largely because the consortium of companies that developed the HD DVD format had not invested sufficiently to secure it. Within months of the first HD DVD movies shipping in spring 2006, someone had posted details of a method to unlock any HD DVD disc on an online forum. By the time the first pirated high-def movie (the "space western" Serenity) hit peer-to-peer networks a month later, there was no putting the genie back in the bottle.
Blu-ray discs were equipped with the very same breakable security shield as HD DVDs, plus a critical secondary one, created by CRI. In building it, Kocher and his colleagues assumed hackers would break their codes. But in their patented process, known as "self-protecting digital content" (SPDC), each time a new movie is released on Blu-ray, all of the security codes can be replaced. So while it's not impervious, SPDC buys some critical time.
"Hackers then bang away at that and that takes some time, anywhere from several weeks to several months," Rodgers explains. "Since studios make 97 percent of their revenue in the first several weeks after a film is released, this lets them keep their business model." CRI also does robust business on behalf of cable companies, protecting set-top boxes from being hacked and their service stolen. "Much of what we do is enable people to make money off their creations," Kocher says.
That's important because more and more industries are becoming, at base, information-technology driven. With the expanded use of three-dimensional printers, for example, even companies in such tactile fields as furniture-making one day could have the DNA for their designs stolen by hackers who intercept their data files en route to the printer and churn out a line of counterfeit chairs.
The odds certainly appear stacked in favor of the black hats. "The guys who are breaking these systems are making huge amounts of money" selling the information on the black market, Kocher says. "They aren't turning away from lives of crime. If a hacker is successful one time out of 100, he is a success. If we fail one time out of 100, we are a failure."
But the white hats do have a strategic advantage: By developing the architecture, system designers like those at CRI get to choose the theater of battle. "A lot of approaches we take do tend to deny [criminals] their ability to build a business," says Christopher Gori, '96, MS '97, CRI's lead ASIC engineer.
"It's a chess match," Rodgers adds. "There's no question about it."
Kocher does envision a day when white hats routinely do better in this ongoing game. "While data security risks aren't ever going to go away completely," he says, "approaches created with safety in mind can eventually make these risks acceptable."
For now, however, CRI is so hypervigilant about preventing a security breach of its own that mission-critical tasks at company HQ are conducted on computers with encrypted hard drives that aren't connected to the Web and are located in rooms protected by iris scanners.
"It's kind of embarrassing," Kocher admits, but "at the end of the day, the most reliable thing is to just cut the wires and work in isolation."
Ann Marsh, '88, is a writer in Los Angeles.