I originally planned to become a veterinarian, and studied biology at Stanford University. However, I was also
interested in cryptography and (encouraged by Martin Hellman) became engaged with people involved
in cryptography-related initiatives around Stanford. I also worked during summers at RSA Data Security
and took on several consulting/services projects.
When I finished my undergraduate degree, I started Cryptography Research.
At first, the company funded itself by providing services for technology companies. One of my
early projects was co-authoring the SSL 3.0/TLS 1.0 protocol,
whose current versions are widely used today for securing web connections, VPNs, and numerous other
applications.
Cryptography Research invested the profits from consulting to develop various technologies and products, as well
as to explore interesting research topics. This work included the discovery of differential power analysis and
the development of DPA countermeasures -- which are now deployed in over 100 billion licensed chips, and counting.
With the team at CRI, I also developed tamper-resistant ASIC cores under the CryptoFirewall brand for pay TV and
anti-counterfeiting applications. I also led the development of the renewable security solution that was adopted
in Blu-ray as BD+ and acquired by MacroVision in 2007. Along the way, there were also challenges and dead ends.
After Rambus acquired Cryptography Research in 2011, I served as SVP/Chief Scientist for the newly-created
security division. The business continued to grow and expand into new areas, including the
CryptoManager Solutions.
When I left my full-time position at Rambus in 2017, the security division had over 200 people
and ~$100M annual revenue. Today I am still an advisor to Rambus/Cryptography Research, and
continue to be excited about the work being done there.
In parallel to my work at Cryptography Research, I co-founded ValiCert, Inc., which developed solutions for
managing digital certificates, went
public in 2000, and was acquired in 2003. I have also advised and invested in various innovative
start-ups, including Lookout, DoubleCredit, Cavium, Ticto, Voltage, and Wickr.
Currently, I am exploring independent research topics. Areas of interest include trade-offs between
complexity/performance and security, as well as how computer systems could be architected to reduce the
likelihood and severity of exploitable security vulnerabilities. One of the results of this work was
discovering a class of vulnerabilities (which I named Spectre) arising from the use of speculative
execution in microprocessors.
I was elected to the National Academy of Engineering in 2009 for contributions to cryptography
and Internet security. I'm a member of the Forum on Cyber Resilience, which is
a National Academies roundtable. I'm also a member of the Cybersecurity Hall
of Fame, and am a frequent speaker on security topics.
Paul Kocher: Brief bio
I am an entrepreneur and researcher focused on cryptography and data security.