Matthew Green

Dr. Matthew Daniel Green is a security expert and cryptographer, with an extensive knowledge and experience in applied cryptography, privacy-enhanced information storage systems, anonymous cryptocurrencies, elliptic curve crypto-systems, and satellite television piracy.

Dr. Green has experience as an expert witness and as a consulting witness in several dozen cases involving patents and copyright issues. He has testified in multiple depositions and at trial.

Dr. Green holds a PhD in Computer Science from The Johns Hopkins University and is currently the Assistant Professor at the Johns Hopkins Information Security Institute. He teaches courses pertaining to practical cryptography.

Matthew is part of the group which developed Zerocoin, an anonymous cryptocurrency. He is a member of the technical advisory board for the Linux Foundation Core Infrastructure Initiative, formed to address critical Internet security concerns in the wake of the Heartbleed security bug disclosed in April 2014 in the OpenSSL cryptography library. 

In 2015, Matthew was a member of the research team that identified the Logjam vulnerability in the TLS protocol. He has been involved in the groups that exposed vulnerabilities in RSA BSAFE, Speedpass and E-ZPass.

He sits on the technical advisory boards for CipherCloud, Overnest and Mozilla Cybersecurity Delphi. Matthew co-founded and serves on the Board for Directors of the Open Crypto Audit Project (OCAP), which undertook a security audit of the TrueCrypt software.

Matthew also co-founded Sealance Corp, a company that builds the decentralised, blockchain-based Sealance Trust Platform for the cryptocurrency industry, based on advanced mathematics, cryptography, and zero-knowledge proofs.

Matthew is the author of the blog, "A Few Thoughts on Cryptographic Engineering". In addition to general blog posts about NSA, encryption, and security, his blog entries on NSA's backdoor in Dual_EC_DRBG, and RSA Security's usage of the backdoored Cryptographically secure pseudorandom number generator (CSPRNG) have been widely cited in the mainstream news media including the New York Times, Wall Street Journal, Forbes, Reuters, Wired, Washington Post and The Economist. He also has written pieces for the New Yorker, Slate and IEE Spectrum.

According to the Digital Library of Association for Computing Machinery, Dr. Green has about 47 publications to his name, with more than 2,100 citations and 21 downloads between 2005 - 2022.
 

Matthew received a B.S. from Oberlin College (Computer Science) and a B.M. from Oberlin College (Electronic Music) in 1998. He started his career in 1999 at AT&T Laboratories in Florham Park, New Jersey. At AT&T Labs he worked on a variety of projects including audio coding/secure content distribution, streaming video and wireless localisation services. 

Dr. Matthew received his Masters and a PhD in Computer Science from The Johns Hopkins University. His dissertation was titled 'Cryptography for Secure and Private Databases: Enabling Practical Data Access without Compromising Privacy'.

As a graduate student, Matthew co-founded Independent Security Evaluators (ISE) with two fellow students in 2005. He served as CTO of ISE until his departure in 2011.Prior to founding Cryptography Engineering, Dr. Green was a founding partner and CTO for six years at Independent Security Evaluators, a custom security evaluation and design consultancy, and a founding partner of Harbor Edge Group for two years. Dr. Green writes the Blog "A Few Thoughts on Cryptographic Engineering" and is the author of more than fifty academic publications. He is a frequent guest on television and radio and is regularly quoted in the press. His work has been widely cited by media including the New York Times, Wall Street Journal, Forbes, Reuters, Wired, Washington Post and The Economist. He also has written pieces for the New Yorker, Slate and IEE Spectrum.

Dr. Green led the team that developed the first anonymous cryptocurrencies, Zerocoin and Zerocash. His research team has exposed flaws in more than one third of SSL/TLS encrypted web sites as well as vulnerabilities in encryption technologies, including RSA BSafe, Exxon/Mobil Speedpass, EZpass, and automotive security systems.  

Zerocoin is a cryptocurrency proposed as an extension to the Bitcoin protocol that would add anonymity to Bitcoin transactions. Zerocoin provides anonymity by the introduction of a separate zerocoin cryptocurrency that is stored in the Bitcoin block chain. Though originally proposed for use with the Bitcoin network, zerocoin could be integrated into any cryptocurrency. His research team has exposed flaws in more than one third of SSL/TLS encrypted web sites as well as vulnerabilities in encryption technologies, including RSA BSAFE, Exxon/Mobil Speedpass, E-ZPass, and automotive security systems.
Dr. Green is a member of the technical advisory board for the Linux Foundation Core Infrastructure Initiative, formed to address critical Internet security concerns in the wake of Heartbleed. Dr. Green also co-founded and serves on the Board of Directors of the Open Crypto Audit Project and sits on the technical advisory boards for CipherCloud, Overnest and Mozilla Cybersecurity Delphi.

Dr. Green writes the Blog "A Few Thoughts on Cryptographic Engineering" and is the author of more than fifty academic publications. He is a frequent guest on television and radio and is regularly quoted in the press. His work has been widely cited by media including the New York Times, Wall Street Journal, Forbes, Reuters, Wired, Washington Post and The Economist. He also has written pieces for the New Yorker, Slate and IEE Spectrum.

Since 2009, Dr. Green has been teaching courses pertaining to practical cryptography at The Johns Hopkins Information Security Institute. 

In 2021, Matthew also co-founded Sealance Corp, which enables regulatory compliance for digital assets.

Published Work

According to the Digital Library of Association for Computing Machinery, Dr. Green has about 47 publications to his name, with more than 2,100 citations and 21 downloads between 2005 - 2022.
Some of his notable publications include the paper titled "Zerocoin: Anonymous Distributed e-Cash from Bitcoin" proposes a cryptographic extension to Bitcoin called Zerocoin that allows for fully anonymous currency transactions. While Bitcoin is widely adopted, it has limitations regarding privacy as the transaction log is completely public. Zerocoin uses standard cryptographic assumptions and does not introduce new trusted parties, maintaining the security model of Bitcoin. The paper details Zerocoin's cryptographic implementation, its integration into Bitcoin, and its performance in terms of computation and impact on the Bitcoin protocol.

The paper titled "Vis-a-Vis Cryptography: Private and Trustworthy In-Person Certifications" discusses cryptographic protocols for anonymous Sexually Transmitted Disease (STD) notification and test result certification. The goal is to create a system that allows people to privately share their STD status without the need for a trusted third party. The proposed system involves two individuals using their smartphones to exchange cryptographic certificates, which are verified by a server without revealing the actual test result or the identity of the individuals involved. The paper presents the design of the system and evaluates its security and privacy properties.

One of his most prominent publications is "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice," co-authored with several other researchers. The paper discusses how Diffie-Hellman, which is used to secure internet communication, can be vulnerable to attacks due to the failure of perfect forward secrecy in practice. The paper is published in the Communications of the ACM journal.

In "Developers Are Not The Enemy! The need for usable security APIs," Dr. Green and his co-author emphasise the importance of developing user-friendly security APIs for developers. In addition, Dr. Green has contributed to research on cloud security, access controls, digital signature schemes, and more, with publications in journals such as the IEEE Security & Privacy Magazine, the Journal of Computer Security, and the ACM Transactions on Information and System Security. 

Matthew Daniel Green's vision revolves around advancing the field of applied cryptography and cryptographic engineering. His research aims to develop privacy-preserving cryptographic protocols for anonymous electronic cash and identification, as well as enabling users to access databases without revealing the data they're accessing. Furthermore, he is focused on developing new automation techniques to help design and deploy advanced cryptographic protocols.

In addition to his research, Dr. Matthew is passionate about the practical aspects of cryptographic systems. He works on implementing cryptographic protocols and reverse-engineering deployed systems to better understand their workings. He also teaches an introductory course on cryptographic engineering. To support these efforts, Green has designed several cryptographic tools, including the Charm framework for rapidly prototyping cryptosystems and a Functional Encryption library that provides implementations of new Attribute Based Encryption schemes.