Hugo Krawczyk is an Argentine-Israeli cryptographer best known for co-inventing the HMAC message authentication algorithm and contributing in fundamental ways to the cryptographic architecture of central Internet standards, including IPsec, IKE, and SSL/TLS. In particular, both IKEv2 and TLS 1.3 use Krawczyk’s SIGMA protocol[1] as the cryptographic core of their key exchange procedures. He has also contributed foundational work in the areas of threshold and proactive cryptosystems and searchable symmetric encryption, among others.
Hugo Krawczyk | |
|---|---|
 | |
| Nationality | Argentinean, Israeli, American |
| Alma mater | Haifa University, Technion |
| Occupation(s) | Cryptographer, Computer Scientist |
| Known for |
|
| Awards |
|
Education edit
Krawczyk acquired a Bachelor of Arts in Mathematics from the University of Haifa. Later he received his Master of Science and Ph.D. in computer science from Technion - Israel Institute of Technology with Oded Goldreich as doctoral thesis advisor.
Career edit
Hugo Krawczyk is a Senior Principal Scientist at Amazon Web Services (AWS). Between 2019 and 2023 he was a Principal Researcher at the Algorand Foundation and part of its founding team. Prior to that, he was an IBM Fellow and Distinguished Research Staff Member at the IBM T.J. Watson Research Center in New York as a member of the Cryptography Research group from 1992 to 1997, and again from 2004 to 2019. He was an Associate Professor at the Department of Electrical Engineering at the Technion in Israel from 1997 until 2004.
Krawczyk has published over 100 papers with more than 30,000 citations, and is an inventor in 30 issued patents.
His research includes both theoretical and applied elements of cryptography, with a focus on internet security, privacy, and authentication. His most recent projects in the area include: TLS 1.3, the new-generation SSL/TLS; HKDF, the standard for key derivation embraced by TLS 1.3, Signal, WhatsApp, Facebook Messenger, and others; and OPAQUE, a password authentication protocol being standardized by the IRTF and recently deployed by Facebook in its implementation of end-to-end encrypted chat backups for WhatsApp.[2]
Krawczyk is the author of many other cryptographic algorithms and protocols including the HMQV key-exchange protocol, the LFSR-based Toeplitz Hash Algorithm, the Shrinking Generator encryption scheme, the UMAC message authentication code, and the randomized hashing scheme for strengthening digital signatures.
Other influential work includes threshold and proactive cryptosystems (including distributed key generation), searchable symmetric encryption, and theoretical contributions to secure cryptographic communications, password protocols, zero knowledge and pseudorandomness.
Awards edit
Krawczyk has won the RSA Conference Award for Excellence in Mathematics in 2015, the Levchin Prize[3] for Contributions to Real-World Cryptography in 2018, and two IBM corporate awards. He is a Fellow of the International Association of Cryptologic Research (IACR) and the recipient of the 2019 NDSS Test-of-Time award[4] for his 1996 paper, “SKEME: A versatile secure key exchange mechanism for internet”, a precursor of KEM-based key exchange protocols, central to developing post-quantum key exchange standards.
References edit
- ^ Krawczyk, Hugo (2003). "SIGMA: The 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and its Use in the IKE Protocols" (PDF). Advances in Cryptology - CRYPTO 2003. Lecture Notes in Computer Science. Vol. 2729. pp. 399–424. doi:10.1007/978-3-540-45146-4_24. ISBN 978-3-540-40674-7.
- ^ Whatsapp e2e
- ^ "The Levchin Prize for Real-World Cryptography". rwc.iacr.org. Retrieved 2022-11-15.
- ^ O'Donoghue, Karen (2019-02-28). "NDSS 2019 Honors Timeless Papers". Internet Society. Retrieved 2022-11-15.