Hi folks. Ed Amoroso here, and I want to tell you a story. So this is not a techie video. This one's more of human interest and part of our history in cybersecurity. Probably something that you don't get a lot of when you read books and things about cyber. It tends to be a lot of math and protocols and things that we've been doing. But I want to digress and tell you something I think you should know about. Now, wonderful contributions by Whit Diffie and Martin Hellman can't be underscored enough. They were the ones who introduced public key cryptography to all of us and then Rivest Shamir and Adleman and the wonderful algorithm in the work they've done. And they won a Turing Award. All of them deserve it. All of them are incredible computer scientists and models and I think I've referred to them as heroes and I believe that. But I want to take you further back to the 1960s. Now, if you're in the 1960s, let's say you're in Great Britain, what do you think an engineer looks like? Male or female? I think it would be probably male, bespeckled, wearing a white shirt with tie, probably a bunch of stuff jammed in the pocket, pocket protector with all kinds of pens and pencils. Pretty modest look, and I give you one person named James Ellis. So this was an engineer, essentially a quasi mathematician who'd been working at GCHQ, which in Great Britain, is the agency that does cryptography. The equivalent to the National Security Agency here in the United States and you can decode what GCHQ stands for. So James Ellis was working there. And he hadn't been there very long. He had just started work there, and for whatever reason he was given a problem. I've heard a joke that it was busy work. I've heard a lot of different origins of why he was given this problem, but the problem was the following. They said that James, this was in the mid to late 1960s, so it's almost a decade before the Diffie and Hellman work. The problem was essentially conventional cryptography and the fact that it doesn't scale. Remember in previous video, I showed you the little curve, that I have two people, then three people, then four people and five. Look, how do you scale that? And how do I do without a key distribution center? How would you do that? So James Ellis went off, and in a very short period of time, came back with a short paper. In fact, it's required reading in this course called non-secret encryption. And he gave it to his boss and said, "Here, I solved the problem." So I think it took a little time for his boss and for colleagues to take a look. Some of these names of colleagues and people he was working in and around are now sort of famous, Fred Williams being one name. But anyway, eventually, the team there at GCHQ got around to reading James Ellis's short paper, and they looked at it and they went, here's what it said, "Well, instead of one key, you should have a secret key and a private key." I'm sorry, "public and secret. The public one, you tell everyone. The secret one, you put in your pocket don't tell anybody. If you crypt with this, you decrypt with that." You get the idea. He basically laid out the Diffie and Hellman scheme. Now, like I said, it took some time for people to realize, my goodness, he's laid out a scheme here that makes sense. They brought in some outside cryptographer. This was all classified by the way at the time. Totally classified. You can see the paper there that eventually came out in 1970. The possibility of a secure non-secret digital encryption,before Diffie and Hellmann. So people looked at it and they went, "Wow, this is really interesting." And James Ellis says that one of his inspirations was, he was looking at telecommunications and the engineers at Bell Labs who were adding and subtracting noise of a certain type to communication. So at any rate, the good news was, they validated that it was a good idea. The bad news is, two bad news. One is, it's classified so you can't tell anybody. And the second is, computers in the late 60s were just so slow that it was like, who could ever invent an algorithm that would work like this? Because James Ellis didn't have an algorithm. He just said, "If one existed." Remember we said that about Diffie and Hellmann. It took Rivest Shamir and Adleman to provide the algorithm, but Diffie and Hellman had actually come up with the scheme. So, what you have is James Ellis in a very similar situation to the situation Diffie and Hellman were in when they published their paper. So fast forward months, a couple of years and a guy starts work at GCHQ by the name of Clifford Cocks, and he gets around to meeting James Ellis. They talk. And James tells him, "Here's this thing I'm working on." Clifford Cocks listens and says, "I think I know how to implement that." Because Clifford Cocks had just finished his graduate work in mathematics and he tells James Ellis that his work was in the area of prime number theory. He said, "I think if you multiply two primes together, you get this thing, maybe that can be the public key and one of them be private." Blah blah blah blah blah, stuff we all talked about before Diffie and Hellman, before RSA but classified. So these guys all work in a British spook agency, they've invented this incredible thing, they can't tell anybody. Now, here's what happened. 1979 some number of years later, now this is after they're sitting off in relative obscurity, nobody knew they'd done this. James Ellis is a beekeeper. He drives a little car, lives in Great Britain. I guess you probably know what it is to keep bees below, rug over your bees. That's what. You get this image of very modest sort of engineer. 1979 at a big computer conference, the director of the National Security Agency at the time was Bobby Inman, and he was up at the podium and he's giving a speech and somebody's hand goes up and says, mind you 79 was a couple of years after Diffie and Hellman had published, and this is Ellis and Cocks watching Diffie and Hellman become famous, they win Turing Awards later, they're hailed as these great people. Nobody knows Ellis and Cocks, other than just as mathematicians from GCHQ. Somebody asks director Inman in the QA portion of the speech, hand goes up, "Director Inman, will the Diffie and Hellman work that's just come out, Diffie and Hellman key exchange, make it harder for NSA to accomplish its mission, its Sagan mission of collecting data and decrypting the things that these agencies do?" It's funny. 1979 is so long ago we think of those debates as being so current. And Bobby Inman from the podium starts laughing, " Diffie, Hellman? We knew about that 10 years ago." And there in the audience, with Diffie and others going, "10 years ago? We just wrote that paper." So they started nosing around. Whit Diffie started to asking around in NSA, come on, come on, come on, who did it? Who did it? Somebody whispers him the name James Ellis. So Diffie and his wife get on a plane, they fly over to England. They want to know. They go there, meets James Ellis, and to this day, the report, what Diffie would say is that, "The only thing James Ellis ever said, was they were backing their car out to go," I guess, in Great Britain you go have Ale. Here in the US, we go have a beer. But whatever. Backing the car out, and James Ellis said, and I quote, "You did more with it than we would have." He said that, and mind you, it's all classified, he wouldn't admit having done anything. He wouldn't do something. So time progresses and people knew but it wasn't. We get to the 80s, we get in the 90s, still British GCHQ will not declassify the reports. Then finally, they decide in the mid 90s they're going to declassify this stuff. They're ready to put up a website, and what happens, James Ellis passes away. The poor guy got no credits, like this should be a TV movie or something. So to this day, I think we need to remember James Ellis, Clifford Cocks as people who had the integrity to do wonderful work, but to keep their mouth shut about it. It was classified. They didn't crave the need to tell reporters. There were no leaks, other than maybe the little Bobby Inman one to some degree. I think it's an interesting story, for those of you young people who are studying cybersecurity. Take a little time and go look up James Ellis. Read about him. He's one of the great contributors, he gets no name, they won no Turing Award, won no fame during his life. But now I think it's important that we honor him, and Clifford Cocks and Fred Williamson, the whole team there, for having really been the ones who invented it. And to this day Diffie and Hellman and others will always say, that they were the ones who introduced public key cryptography to the world and they deserve all the credit. Credit where credit is due both for the folks at GCHQ. You can see we've popped the picture up here from the IEEE. It's a little plaque that validates. It's not a well known story, not an often traveled story but it's something I wanted you all to know about. So hope you enjoyed this. Hope you enjoyed this session and we'll look forward to seeing you in our next time together. Thanks.
