Bruce Schneier

Q: What Schools Are Affiliated With Bruce Schneier

Bruce Schneier is affiliated with the following schools: University of Rochester, Harvard University, American University

Why Is Bruce Schneier Influential?

By Erik J. Larson, PhD

Areas of Specialization: Computer Security
Schneier’s name is synonymous with computer security. He is also respected as a cryptographer, and writes on issues of personal privacy arising from society’s ever changing relationship with new technology. In 1984, Schneier earned his bachelor’s degree in physics from the University of Rochester in New York. He received a master’s degree in computer science from American University in Washington, D.C. in 1988 and an honorary Ph.D. from the University of Westminster, London in 2011.

Over the years, Schneier has written extensively on core issues and problems with computer security, both for private individuals and for company and government security. Importantly, he has been an outspoken critic—or at the very least, he has sounded caution—of blockchain technology, arguing that it can create more problems than it solves. Central to much of Schneier’s thinking about computer security, he points out that supposedly “bullet proof” technology solutions for establishing security and trust tend to have weak points at the “ends” where humans add and receive data. The human components to end-to-end security is a key theme in his ideas. “Schneier’s Law” was coined by Internet theorist Cory Doctorow in a 2004 speech, capturing this theme: “Any person can invent a security system so clever that he or she can’t imagine a way of breaking it.”

Schneier’s books on computer security issues are written for general audiences, and have been widely read. Notable titles include: Secrets and Lies: Digital Security in a Networked World in 2000; Beyond Fear: Thinking Sensibly About Security in an Uncertain World in 2003; Liars and Outliers: Enabling the Trust that Society Needs to Thrive in 2012, and most recently Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World in 2015.

Academic Website

Professional Website

Featured in Top Influential Computer Scientists Today

According to Wikipedia, Bruce Schneier is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is a Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman Klein Center for Internet & Society as of November, 2013. He is a board member of the Electronic Frontier Foundation, Access Now, and The Tor Project; and an advisory board member of Electronic Privacy Information Center and VerifiedVoting.org. He is the author of several books on general security topics, computer security and cryptography and is a squid enthusiast.

Bruce Schneier's Published Works

Number of citations in a given year to any of this author's works

Total number of citations to an author for the works they published in a given year. This highlights publication of the most important work(s) by the author

Published Papers

Applied cryptography - protocols, algorithms, and source code in C, 2nd Edition (1899)
Fast Software Encryption (1387)
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) (916)
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C (903)
Secrets and Lies: Digital Security in a Networked World (693)
Practical cryptography (599)
Analysis of the SSL 3.0 protocol (483)
Improved Cryptanalysis of Rijndael (448)
Beyond fear - thinking sensibly about security in an uncertain world (436)
Secure audit logs to support computer forensics (430)
Twofish : A 128-bit block cipher (423)
Second Preimages on n-bit Hash Functions for Much Less than 2n Work (344)
Cryptography Engineering - Design Principles and Practical Applications (329)
Ten Risks of PKI (282)
Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES (274)
Cryptographic Support for Secure Logs on Untrusted Machines (270)
Inside risks: the uses and abuses of biometrics (259)
The psychology of security (259)
Cryptanalytic Attacks on Pseudorandom Number Generators (254)
Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA (244)
Side Channel Cryptanalysis of Product Ciphers (241)
One-way hash functions (233)
Two-factor authentication: too little, too late (229)
The Twofish encryption algorithm: a 128-bit block cipher (220)
Side channel cryptanalysis of product ciphers (214)
Unbalanced Feistel Networks and Block Cipher Design (210)
Environmental Key Generation Towards Clueless Agents (200)
Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent (199)
Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security. A Report by an Ad Hoc Group of Cryptographers and Computer Scientists (196)
Helix: Fast Encryption and Authentication in a Single Cryptographic Primitive (189)
A Cryptographic Evaluation of IPsec (186)
The risks of key recovery, key escrow, and trusted third-party encryption (171)
Applied cryptography, second edition : protocols, algorithms,and source code in C (167)
Protocol Interactions and the Chosen Protocol Attack (164)
Toward a secure system engineering methodolgy (159)
Secrets and Lies (153)
Cryptographic Design Vulnerabilities (138)
Protecting secret keys with personal entropy (124)
Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator (122)
Secure Applications of Low-Entropy Keys (115)
Performance Comparison of the AES Submissions (114)
MODELING SECURITY THREATS (109)
Keys under doormats: mandating insecurity by requiring government access to all data and communications (105)
A Taxonomy of Social Networking Data (98)
Liars and Outliers: Enabling the Trust that Society Needs to Thrive (95)
Reaction Attacks against several Public-Key Cryptosystems (92)
The Psychology of Security (87)
Mod n Cryptanalysis, with Applications Against RC5P and M6 (84)
Related-Key Cryptanalysis of 3-WAY (84)
Building PRFs from PRPs (83)
Defeating Encrypted and Deniable File Systems: TrueCrypt v5.1a and the Case of the Tattling OS and Applications (75)
Data Encryption Standard (DES) (70)
Key-Schedule Cryptanalysis of DEAL (70)
The Twofish Encryption Algorithm (68)
Cryptanalysis of Microsoft's point-to-point tunneling protocol (PPTP) (66)
Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2) (64)
A Performance Comparison of the Five AES Finalists (63)
Schneier on security (63)
Attacks on Cryptographic Hashes in Internet Protocols (62)
Fast Software Encryption: Designing Encryption Algorithms for Optimal Software Speed on the Intel Pentium Processor (60)
A certified e-mail protocol (55)
A SELF-STUDY COURSE IN BLOCK-CIPHER CRYPTANALYSIS (54)
Architecture of Privacy (53)
Voting and technology: who gets to count your vote? (51)
Cryptanalysis of ORYX (42)
Cryptanalysis of the Cellular Encryption Algorithm (41)
Second Primages on n-bit Hash Functions for Much Less than 2n Work | NIST (41)
The Electronic Privacy Papers: Documents on the Battle for Privacy in the Age of Surveillance (40)
Insurance and the computer industry (39)
Minimizing Bandwidth for Remote Access to Cryptographically Protected Audit Logs (38)
Detecting Cheaters (36)
Surreptitiously Weakening Cryptographic Systems (35)
SECURITY PITFALLS IN CRYPTOGRAPHY (34)
Managed Security Monitoring: Network Security for the 21st Centur (32)
Inside risks: semantic network attacks (32)
DIGITAL SECURITY IN A NETWORKED WORLD (31)
Data and Goliath (31)
Common-Knowledge Attacks on Democracy (30)
Cryptanalysis of the cellular message encryption algorithm (30)
Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG (29)
Remote electronic gambling (29)
Preliminary Cryptanalysis of Reduced-Round Serpent (28)
Attack Trends: 2004 and 2005 (26)
The Street Performer Protocol and Digital Copyrights (25)
An improved e-mail security protocol (25)
A Chosen Ciphertext Attack Against Several E-Mail Encryption Protocols (25)
The MacGuffin Block Cipher Algorithm (25)
AES Key Agility Issues in High-Speed IPsec Implementations (25)
Guest Editors' Introduction: Economics of Information Security (24)
Guilty until proven innocent? (24)
Risks of third-party data (23)
Automatic Event-Stream Notarization Using Digital Signatures (23)
Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement (23)
Cryptography: The Importance of Not Being Different (22)
An authenticated camera (22)
The Future of Incident Response (21)
On the Twofish Key Schedule (21)
Reaction Attacks Against Several Public-Key Cryptosystem (21)
Hacking the business climate for network security (21)
Privacy threats in intimate relationships (21)
"E-mail Security - How to keep your Electronic Messages Private": E-mail security by Bruce Schneier 1995 (John Wiley & Sons 365 pp.) isbn 0-471-05318-X (20)
The case for outsourcing security (20)
Economics of Information Security and Privacy III (19)
The nonsecurity of secrecy (19)
Sensible Authentication (19)
Red-black trees (18)
Stop Trying to Fix the User (18)
Remote auditing of software outputs using a trusted coprocessor (18)
Secrets and lies - digital security in a networked world: with new information about post-9/11 security (17)
Cryptography, security, and the future (17)
Inside risks (16)
Here Comes Here Comes Everybody (review of Here Comes Everybody: The Power of Organizing Without Organizations by C. Shirky) [Books] (16)
Cryptography Is Harder than It Looks (16)
Securing Medical Research: A Cybersecurity Point of View (16)
Semantic network attacks. (16)
E-mail security (16)
A Worldwide Survey of Encryption Products (15)
Insider risks in elections (15)
IoT Security: What's Plan B? (14)
Customers, Passwords, and Web Sites (14)
The trojan horse race (13)
Artificial Intelligence and the Attack/Defense Balance (13)
Smart Card Research and Applications (13)
Information Security and Externalities (13)
Carry On: Sound Advice from Schneier on Security (13)
Schneier's Cryptography Classics Library: Applied Cryptography, Secrets and Lies, and Practical Cryptography (13)
Metadata = Surveillance (12)
Security and Compliance (12)
Inside risks: risks of PKI (11)
Locks and full disclosure (11)
Block Cipher Modes (10)
Cryptanalysis of FROG (10)
Schneier on Security: Privacy and Control (10)
Comments on Twofish as an AES Candidate (10)
Risks of Relying on Cryptography. (10)
Security pitfalls in cryptographic design (10)
MARS Attacks! Preliminary Cryptanalysis of Reduced-Round MARS Variants (10)
Authenticating Secure Tokens Using Slow Memory Access (10)
Risks of PKI: E-Commerce. (9)
Making Democracy Harder to Hack (9)
A Peer-to-Peer Software Metering System (9)
Politics of Adversarial Machine Learning (8)
Inside risks: the Trojan horse race (8)
Threat Modeling and Risk Assessment (8)
Taking Stock: Estimating Vulnerability Rediscovery (8)
Securing the World Wide Web: Smart Tokens and Their Implementation (8)
Electronic commerce and the street performer protocol (8)
The Electronic Privacy Papers (7)
Raising Goats For Dummies (7)
The Importance of Security Engineering (7)
Key Length (7)
Protecting privacy and liberty (7)
Cryptanalysis of TWOPRIME (7)
SIMS: Solution, or Part of the Problem? (6)
Security and Function Creep (6)
Perspectives on the SolarWinds Incident (6)
The Death of the Security Industry (6)
The Zotob Storm (6)
We are all security consumers (6)
The Internet of Things Will Upend Our Industry (6)
Designing Encryption Algorithms for Real People (6)
Cryptanalysis of Akelarre (6)
The speed of security (6)
Inside risks: risks of relying on cryptography (6)
Authenticating Outputs of Computer Software Using a Cryptographic Coprocessor (6)
Voting security and technology (6)
Proceedings of the 7th International Workshop on Fast Software Encryption (6)
Making Democracy Harder to Hack: Should Elections Be Classified as ‘Critical Infrastructure?’ (5)
Attacking Machine Learning Systems (5)
Conditional purchase orders (5)
Inside risks: risks of PKI: e-commerce (5)
IT for Oppression (4)
We Have Root (4)
A Twofish Retreat : Related-Key Attacks Against Reduced-Round Twofish (4)
Security Weaknesses in a Randomized Stream Cipher (4)
Twofish on Smart Cards (4)
Protocol Building Blocks (4)
Other Stream Ciphers and Real Random‐Sequence Generators (3)
Cyberconflicts and national security (3)
Trust in Man/Machine Security Systems (3)
Nonsecurity Considerations in Security Decisions (3)
How Changing Technology Affects Security (3)
Key‐Exchange Algorithms (3)
Census of cyberspace censoring (3)
Why the NSA Makes Us More Vulnerable to Cyberattacks (3)
Cryptanalysis of SPEED (3)
Cybersecurity for the Public Interest (3)
Fast Software Encryption: 7th International Workshop, FSE 2000, New York, NY, USA, April 10-12, 2000. Proceedings (3)
Security, Group Size, and the Human Brain (3)
Proceedings of the The International Conference on Smart Card Research and Applications (3)
Cryptanalysis of SPEED (2)
DeadDrop/StrongBox security assessment (2)
Evaluating Security Systems: A Five-Step Process (2)
The Global Public Key Infrastructure : Terms and Concepts (2)
Cyberwar: Myth or Reality? (2)
How the Human Brain Buys Security (2)
Cryptography in Context (2)
Cryptography after the Aliens Land (2)
University Networks and Data Security (2)
Inside Risks: The perils of port 80 (2)
Legal Risks of Adversarial Machine Learning Research (2)
Twosh on Smart Cards (2)
Distributed Proctoring (2)
Authentication and Expiration (2)
Technologists vs. Policy Makers (2)
Public‐Key Digital Signature Algorithms (2)
Bugs in our Pockets: The Risks of Client-Side Scanning (2)
Digital signatures (2)
Twofish Technical Report # 4 Further Observations on the Key Schedule of Twofish (2)
Networked‐Computer Security (2)
Cryptanalytic Progress: Lessons for AES (2)
Secure Authentication with Multiple Parallel Keys (1)
Roadblocks on the information superhighway (1)
Introduction to Cryptographic Protocols (1)
Software-Based Attestation (1)
Algorithm Types and Modes (1)
Message Authentication Codes (1)
Usability and Psychology 2.1 Introduction (1)
Empathy and Security (1)
Standards and Patents (1)
Speaker Identification and Verification (SIV) (1)
Special Algorithms for Protocols (1)
New Results on the Two sh Encryption Algorithm (1)
Public‐Key Algorithms (1)
Untangling public-key cryptography (1)
Pervasive Attack: A Threat Model and Problem Statement (1)
The internet: Anonymous forever (1)
Introduction to Cryptography (1)
Secrets and lies - IT-Sicherheit in einer vernetzten Welt (1)
Invited Talk: The Coming AI Hackers (1)
Airplane hackers (1)
Electronic speech—for domestic use only (0)
Certificates and Credentials (0)
Superheroes on screen: real life lessons for security debates (0)
The Secure Channel (0)
What Will It Take? (0)
E-mail security : how to keep your messages private (0)
Afterword by Matt Blaze (0)
Other Block Ciphers (0)
Billing and collection system for 900-numbers and procedures for on-line computer services (0)
CC3: An Identity Attested Linux Security Supervisor Architecture (0)
Number 25 (0)
The Security Value of Muddling Through (0)
The field of battle: an overview (0)
Robot Hacking Games (0)
The perils of port 80. (0)
How to save the net (0)
E-mail security: maintaining privacy in a world of public data transfer (0)
Method and apparatus for secure time stamps of documents (0)
Cyber underwriters lab. (0)
Lottery system with off-line remote computers (0)
A Report by an Ad Hoc Group of Cryptographers and Computer Scientists & Trusted Third Party Encryption (0)
Combining Block Ciphers (0)
Pseudo‐Random‐Sequence Generators and Stream Ciphers (0)
The Future of Products (0)
On the Two sh Key Schedule (0)
The crypto bomb is ticking (0)
Special issue on security and trust management for dynamic coalitions (0)
Surveillance, the {NSA}, and Everything (0)
The Context of Cryptography (0)
Poor Decisions About Security (0)
Security Policies and Countermeasures (0)
Still Other Block Ciphers (0)
Reviews (0)
Security Weaknesses in Maurer-Like Randomized Stream Ciphers (0)
The Dream of PKI (0)
The Human Factor (0)
Early skirmishes (0)
Coalition Letter to President Obama Urging Support for Encryption (0)
Coalition Petition to the U.S. Department of Education to Amend 34 CFR Part 99 to Establish a Data Security Rule (0)
Machine Learning Featurizations for AI Hacking of Political Systems (0)
Inside risks: cyber underwriters lab (0)
Resources on Existential Risk General Blockinscholarly Blockindiscussion Blockinof Blockinexistential Blockinrisk (0)
Security Savvy: A Visual Guide (0)
Smart Card. Research and Applications: Third International Conference, CARDIS'98 Louvain-la-Neuve, Belgium, September 14-16, 1998 Proceedings (0)
Product Testing and Verification (0)
Copy protection for portable music play equipment (0)
Introduction to Security and Applied Cryptography (0)
The Real World (0)
Unnoticed Consent [Last Word] (0)
THIRD ADVANCED ENCRYPTION STANDARD CANDIDATE (0)
Hacking the Tax Code (0)
Identification and Authentication (0)
Electronic Commerce and the Street Performer (0)
High-tech cheats in a world of trust (0)
Description of the Blowfish Cipher (0)
Vulnerabilities and the Vulnerability Landscape (0)
The Committee on Homeland Security (0)
Implementation Issues (II) (0)
An Alternate Key Scheduling Algorithm for Blowfish and its Performance Analysis (0)
4 Our Solution : The Street Performer Protocol 4 . 1 (0)
Implementation Issues (I) (0)

This paper list is powered by the following services:

Other Resources About Bruce Schneier

What Schools Are Affiliated With Bruce Schneier?

Bruce Schneier is affiliated with the following schools:

What Are Bruce Schneier's Academic Contributions?

Bruce Schneier is most known for their academic work in the field of computer science. They are also known for their academic work in the fields of physics, mathematics, and literature.

Bruce Schneier has made the following academic contributions: