Bruce Schneier | Academic Influence

About

Why is this person notable and influential?

By Erik J. Larson, PhD

Schneier’s name is synonymous with computer security. He is also respected as a cryptographer, and writes on issues of personal privacy arising from society’s ever changing relationship with new technology. In 1984, Schneier earned his bachelor’s degree in physics from the University of Rochester in New York. He received a master’s degree in computer science from American University in Washington, D.C. in 1988 and an honorary Ph.D. from the University of Westminster, London in 2011.

Over the years, Schneier has written extensively on core issues and problems with computer security, both for private individuals and for company and government security. Importantly, he has been an outspoken critic—or at the very least, he has sounded caution—of blockchain technology, arguing that it can create more problems than it solves. Central to much of Schneier’s thinking about computer security, he points out that supposedly “bullet proof” technology solutions for establishing security and trust tend to have weak points at the “ends” where humans add and receive data. The human components to end-to-end security is a key theme in his ideas. “Schneier’s Law” was coined by Internet theorist Cory Doctorow in a 2004 speech, capturing this theme: “Any person can invent a security system so clever that he or she can’t imagine a way of breaking it.”

Schneier’s books on computer security issues are written for general audiences, and have been widely read. Notable: Secrets and Lies: Digital Security in a Networked World in 2000; Beyond Fear: Thinking Sensibly About Security in an Uncertain World in 2003; Liars and Outliers: Enabling the Trust that Society Needs to Thrive in 2012, and most recently Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World in 2015.

Academic Website

Professional Website

Featured in Top Influential Computer Scientists Today

From Wikipedia

Bruce Schneier is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is current a Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman-Klein Centercurrently employed as the Chief of Security Architecture at Inrupt, Inc. in Boston, MA. He is the author of several books on general security topics, computer security and cryptography and a squid enthusiast.

Source: Wikipedia

Published Works

Two-factor authentication

Unbalanced Feistel networks and block cipher design

Cryptanalytic Attacks on Pseudorandom Number Generators

Environmental Key Generation Towards Clueless Agents

Toward a secure system engineering methodolgy

Helix: Fast Encryption and Authentication in a Single Cryptographic Primitive

A Taxonomy of Social Networking Data

Protocol interactions and the chosen protocol attack

Protecting secret keys with personal entropy

The Psychology of Security

Reaction Attacks against Several Public-Key Cryptosystem

Building PRFs from PRPs

Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security. A Report by an Ad Hoc Group of Cryptographers and Computer Scientists

Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator

Keys under doormats: mandating insecurity by requiring government access to all data and communications

Fast software encryption: Designing encryption algorithms for optimal software speed on the Intel Pentium processor

Mod n Cryptanalysis, with Applications against RC5P and M6

Applied Cryptography, Second Edition

Secrets and Lies

Secure applications of low-entropy keys

A SELF-STUDY COURSE IN BLOCK-CIPHER CRYPTANALYSIS

Insurance and the computer industry

Voting and technology

Cryptanalysis of the cellular message encryption algorithm

Inside risks: semantic network attacks

Stop Trying to Fix the User

Keys under doormats

Sensible Authentication

Managed Security Monitoring:Network Security for the 21st Century

The Future of Incident Response

Attack Trends: 2004 and 2005

The psychology of security

Common-Knowledge Attacks on Democracy

Remote auditing of software outputs using a trusted coprocessor

Risks of third-party data

Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG

Cryptanalysis of Microsoft’s PPTP Authentication Extensions (MS-CHAPv2)

The MacGuffin block cipher algorithm

Artificial Intelligence and the Attack/Defense Balance

Cryptanalysis of Microsoft's point-to-point tunneling protocol (PPTP)

Privacy threats in intimate relationships

Architecture of Privacy

Cryptography Is Harder than It Looks

IoT Security: What’s Plan B?

Cryptography Engineering

Secrets and Lies: Digital Security in a Networked World

Metadata = Surveillance

Inside risks: risks of relying on cryptography

The nonsecurity of secrecy

Inside risks: risks of PKI

Cyberwar: Myth or Reality?

Using Algorithms

Security Weaknesses in a Randomized Stream Cipher

Threat Modeling and Risk Assessment

Census of cyberspace censoring

The Internet of Things Will Upend Our Industry

Insider risks in elections

Authenticating Secure Tokens Using Slow Memory Access

A Worldwide Survey of Encryption Products

Taking Stock: Estimating Vulnerability Rediscovery

The street performer protocol and digital copyrights

Key-Schedule Cryptanalysis of DEAL

On the Twofish Key Schedule

Automatic event-stream notarization using digital signatures

Cryptanalysis of TWOPRIME

Protecting privacy and liberty

Security and Function Creep

Here Comes Here Comes Everybody (review of Here Comes Everybody: The Power of Organizing Without Organizations by C. Shirky) [Books]

Inside risks: the Trojan horse race

Inside risks: risks of PKI

Schneier on Security: Privacy and Control

One-Way Hash Functions

Special Algorithms for Protocols

Basic Protocols

Networked-Computer Security

Technologists vs. Policy Makers

Perspectives on the SolarWinds Incident

How the Human Brain Buys Security

The Importance of Security Engineering

Conditional purchase orders

Introduction to Cryptography

Message Authentication Codes

Data Encryption Standard (DES)

Other Stream Ciphers and Real Random-Sequence Generators

Key-Exchange Algorithms

Algorithm Types and Modes

Identification and Authentication

Evaluating Security Systems: A Five-Step Process

Twofish on Smart Cards

Cryptanalysis of SPEED

Security pitfalls in cryptographic design

Attacking Machine Learning Systems

Cybersecurity for the Public Interest

The Death of the Security Industry

Security, Group Size, and the Human Brain

How Changing Technology Affects Security

Trust in Man/Machine Security Systems

IT for Oppression

Cryptography after the Aliens Land

Inside risks: cyber underwriters lab

Cyberconflicts and national security

The internet: Anonymous forever

Politics of Adversarial Machine Learning

The Context of Cryptography

Introduction to Cryptographic Protocols

Key Negotiation

Implementation Issues (II)

The Dream of PKI

PKI Practicalities

Storing Secrets

Standards and Patents

Involving Experts

Block Cipher Modes

The Secure Channel

Implementation Issues (I)

Generating Randomness

Mathematical Background

Other Block Ciphers

Still Other Block Ciphers

Combining Block Ciphers

Pseudo-Random-Sequence Generators and Stream Ciphers

Public-Key Algorithms

Protocol Building Blocks

Public-Key Digital Signature Algorithms

Identification Schemes

Example Implementations

Intermediate Protocols

Advanced Protocols

Esoteric Protocols

Network Security

Network Defenses

Software Reliability

Secure Hardware

Certificates and Credentials

Security Tricks

The Human Factor

Vulnerabilities and the Vulnerability Landscape

Threat Modeling and Risk Assessment

Digital Threats

Security Policies and Countermeasures

Product Testing and Verification

The Future of Products

Security Processes

Cryptography in Context

Computer Security

Special issue on security and trust management for dynamic coalitions

Secure Authentication with Multiple Parallel Keys

Distributed proctoring

Invited Talk: The Coming AI Hackers

Cryptanalysis of SPEED

High-tech cheats in a world of trust

Superheroes on screen: real life lessons for security debates

Poor Decisions About Security

Hacking the Tax Code

What Will It Take?

Nonsecurity Considerations in Security Decisions

Empathy and Security

The Security Value of Muddling Through

Cryptography, security, and the future

Inside Risks: The perils of port 80

Ten Risks of Pki

Les cyberconflits et la sécurité nationale

Encryption Workarounds

More

Less

Other Resources

Schools

What schools is this person affiliated with?

Private, nonsectarian, research university in Rochester, New York, United States

View profile

Private research university in Cambridge, Massachusetts, United States

View profile

Private liberal arts and research-based university in Washington, D.C.

View profile

Notable Works

What contributions to academia has this person made?

Liars and Outliers

Influence Rankings by Discipline

How’s this person influential?