Matt Blaze is a researcher in the areas of secure systems, cryptography, and trust management. He is currently an Associate Professor of Computer and Information Science at the University of Pennsylvania; he received his PhD in Computer Science from Princeton University.
In 1992, while working for AT&T, Blaze implemented a strong cryptographic package known as "CFS", the Cryptographic File System, for Unix. CFS uses NFS as its transport mechanism, allowing users to encrypt selected directory hierarchies, but mount them unencrypted after providing the key. In November, 1993, he presented a paper on this project, "A Cryptographic File System for Unix", at the 1st ACM Conference on Computer and Communications Security. Blaze also published a paper "Key Management in an Encrypting File System", in the Proceedings USENIX Summer 1994 Technical Conference. At his request, AT&T released this software into the public domain and Blaze continued to expand and generalize it through 1997. It is still alive today as a downloadable package in several Linux distributions.
In 1993, Blaze published (with John Ioannidis) a paper presenting a protocol ("swIPe") that was to be one of the forerunners of IPsec. In 1994, he found a means to circumvent the wiretapping mechanisms of the Clipper chip, contributing to the death of this government-sponsored initiative. In 2003, he independently rediscovered a serious vulnerability in "master key" security in physical locks that was an open secret among locksmiths; his decision to disclose it publicly provoked controversy.
Blaze coined the term trust management to refer to the policy system which decides whether a particular entity should be permitted to carry out a particular action, and has provided foundation research in this area.
- Ph.D., Computer Science, January 1993. Princeton University. (Thesis: Caching in Large-Scale Distributed File Systems)
- M.A., Computer Science, June 1989. Princeton University.
- Columbia University, M.S., Computer Science, May 1988. Columbia University
- B.S., January 1986. City University of New York (Hunter College).
- ^ Ioannidis, John and Blaze, Matt. The Architecture and Implementation of Network-Layer Security Under Unix, in Proc. of the 4th USENIX Security Symp., pages 29–39, Santa Clara, CA, USA, October 1993.
|This biographical article relies on references to primary sources. (June 2007)|