Moti Yung | |
---|---|
Alma mater | Columbia University |
Awards | |
Scientific career | |
Fields | |
Institutions | |
Thesis | Minimum-Knowledge Transfer Protocol (1988) |
Doctoral advisor | Zvi Galil |
Doctoral students |
Mordechai M. "Moti" Yung is a cryptographer and computer scientist known for his work on cryptovirology and kleptography.
Yung earned his PhD from Columbia University in 1988 under the supervision of Zvi Galil.[1] In the past, he worked at the IBM Thomas J. Watson Research Center,[2] CertCo, RSA Laboratories, and Google.[3] In 2016, Yung moved from Google to Snap Inc.[4] Yung is currently a research scientist at Google.[5]
Yung is an adjunct senior research faculty member at Columbia University,[5] and has co-advised PhD students including Gödel Prize winner Matthew K. Franklin, Jonathan Katz, and Aggelos Kiayias.[1]
Yung research covers primarily the area of cryptography and its applications to information security and data privacy. He has worked on defining and implementing malicious (offensive) cryptography: cryptovirology[6] and kleptography,[7] and on various other foundational and applied fields of cryptographic research, including: user and entity electronic authentication,[8][9] information-theoretic security,[10][11] secure multi-party computation,[12][13][14][15] threshold cryptosystems,[16][17] and zero-knowledge proofs,[18][19][20]
In 1996, Adam L. Young and Yung coined the term cryptovirology to denote the use of cryptography as an attack weapon via computer viruses and other malware in contrast to its traditional protective role.[6] In particular, they described the first instances of ransomware using public-key cryptography.[21][22]
In 1996, Adam L. Young and Yung introduced the notion of kleptography[7] to show how cryptography could be used to attack host cryptosystems where the malicious resulting system with the embedded cryptologic tool in it resists reverse-engineering and cannot be detected by interacting with the host cryptosystem,[23][24][25][26][27] as an argument against cryptographic systems and devices given by an external body as "black boxes" as was the Clipper chip and the Capstone program.[28]
After the 2013 Snowden affair, the NIST was believed to have mounted the first kleptographic attack against the American Federal Information Processing Standard detailing the Dual EC DRBG,[29] essentially exploiting the repeated discrete logarithm based "kleptogram" introduced by Young and Yung.[30]