Stanford cyber-security innovators Whitfield Diffie and Martin Hellman, who brought cryptography from the shadowy realm of classified espionage into the public space and created a major breakthrough that enabled modern e-commerce and secure communications over the Internet, are being honored with the Association for Computing Machinery's 2015 A.M. Turing Award.

The award is often referred to as the "Nobel Prize of computing" and comes with a $1 million prize funded by Google.

The Association for Computing Machinery (ACM) made the official announcement this morning at the RSA conference in San Francisco – one of the largest gatherings of cryptographers working on Internet security.

[[{"fid":"222241","view_mode":"crop_870xauto","fields":{"format":"crop_870xauto","field_file_image_description[und][0][value]":"Martin Hellman (left) and Whitfield Diffie (right), winners of the 2015 Association for Computing Machinery's A.M. Turing Award, are shown in this 1977 photo.","field_file_image_alt_text[und][0][value]":"Martin Hellman (left) and Whitfield Diffie (right), winners of the 2015 Association for Computing Machinery's A.M. Turing Award, are shown in this 1977 photo.","field_file_image_title_text[und][0][value]":"Martin Hellman (left) and Whitfield Diffie (right), winners of the 2015 Association for Computing Machinery's A.M. Turing Award, are shown in this 1977 photo.","field_credit[und][0][value]":"Chuck Painter / Stanford News Service","field_caption[und][0][value]":"Martin Hellman (left) and Whitfield Diffie (right), winners of the 2015 Association for Computing Machinery's A.M. Turing Award, are shown in this 1977 photo.","field_related_image_aspect[und][0][value]":"","thumbnails":"crop_870xauto"},"type":"media","attributes":{"alt":"Martin Hellman (left) and Whitfield Diffie (right), winners of the 2015 Association for Computing Machinery's A.M. Turing Award, are shown in this 1977 photo.","title":"Martin Hellman (left) and Whitfield Diffie (right), winners of the 2015 Association for Computing Machinery's A.M. Turing Award, are shown in this 1977 photo.","width":"870","style":"width: 450px; height: 693px; margin-left: 15px; float: right;","class":"media-element file-crop-870xauto"}}]]Diffie and Hellman's 1976 paper "New Directions in Cryptography" stunned the academic and intelligence communities by providing a blueprint for a revolutionary new technique that would allow people to communicate over an open channel, with no prearrangement, but keep their information secret from any potential eavesdroppers.

They called it public-key cryptography.

They also showed how, by reversing the order of operations, it was possible to create a "digital signature." Like a written signature, this has to be easy for the legitimate signer to create and for everyone else to verify. But it has to be difficult – preferably impossible – for anyone else to sign new messages. Unlike a written signature, which looks the same even if it's taken from a $1 check and forged onto a $1,000,000 check, a digital signature can only be used with the specific message that was signed.

Digital signatures and the "digital certificates" or "certs" they can produce are critical components in the modern security architecture. They allow your browser to know that your bank is really who it claims to be, and they allow iPhones to only run software signed by Apple.

"Their 1976 invention is widely viewed as the birth of modern cryptography," said Dan Boneh, Stanford professor of computer science and electrical engineering and co-director of the Stanford Cyber Initiative.

"Simply put, without their work, the Internet could not have become what it is today," Boneh said. "Billions of people all over the planet use the Diffie-Hellman protocol on a daily basis to establish secure connections to their banks, e-commerce sites, e-mail servers, and the cloud."

Threat of jail time

It was a feat made even more impressive by the fact that little serious academic scholarship on cryptography existed at the time of their invention outside the realm of classified research conducted under the purview of secretive government agencies such as the National Security Agency. Hellman said academic colleagues had tried to discourage him from pursuing his interest in cryptography early in his career because of the NSA's virtual monopoly on the subject.

Martin Hellman explains the principles of encryption in a Stanford classroom in this photo taken in the late '70s.

"They said, 'You're wasting your time working on cryptography because the NSA has such a huge budget and a several-decades head start," said Hellman, Stanford professor emeritus of electrical engineering. "How are you going to come up with something they don't already know? And if you come up with something good, they'll classify it.'"

Diffie and Hellman clashed with the NSA over their publications, including one that claimed that the agency had pressured IBM to weaken the National Bureau of Standards' Data Encryption Standard (DES) by limiting the key size to 56 bits instead of a stronger option of 64 bits or higher.

After the publication of "New Directions in Cryptography" and another paper on the DES key size, the conflict intensified as the NSA waged a concerted campaign to limit the distribution of Diffie and Hellman's research.

An NSA employee even sent a letter to the publishers warning that the authors could be subject to prison time for violating U.S. laws restricting export of military weapons.

These skirmishes became known as the first of the "crypto wars."

Ultimately, the NSA failed to limit the spread of their ideas, and public key cryptography became the backbone of modern Internet security.

"Cryptography is the one indispensable security technique," said Diffie, who was a part-time researcher at Stanford at the time he and Hellman invented public-key cryptography. "There are lots of other things needed, but if the government had succeeded in blocking people from having strong cryptographic systems … it would have meant you could not have had security on the Internet."

Cryptography's starring role

Diffie and Hellman said the U.S. government's recent demands that Silicon Valley companies build so-called back doors into their products so law enforcement and intelligence agencies could access encrypted messages reminded them of the first crypto war. As then, the government did not have a workable proposal for how to create those back doors without undermining the security of those products.

Diffie and Hellman both said they sided with Apple in the current legal standoff over the FBI's request that Apple provide access to an iPhone belonging to one of the San Bernardino terrorists by writing software to bypass some of its security features.

"All the computer security experts that I talk with – I don't think there's been one who believes that we should do what the government wants," Hellman said. "While in this one case it might not do much harm, it establishes a dangerous precedent where Apple is then likely to be inundated with thousands upon thousands of requests that they'll have to either fight or comply with at great risk to the security of the iPhone system."

Diffie said giving in to the FBI's request would also make it harder for Apple to resist similar requests from foreign governments who want to spy on their citizens and crush internal dissent.

Whitfield Diffie (right) listens to former U.S. Secretary of State George Shultz (left) during an event at Stanford's Center for International Security and Cooperation.

Diffie and Hellman are both currently affiliated with Stanford's Center for International Security and Cooperation (CISAC), where they regularly attend seminars on a diverse range of national security issues and mentor young pre- and postdoctoral fellows on issues of cyber security.

"What's great about both Whit Diffie and Marty Hellman is the way in which they contribute to the ongoing intellectual discourse of the Center," said CISAC co-director David Relman. "Both of them think broadly and deeply far outside the bounds of their formal training and the areas of accomplishment for which they are now being recognized by this prize."

Persis Drell, dean of Stanford's School of Engineering, said the award, and the work behind it, exemplified the caliber and tone of research for which the school's faculty are noted.

"Engineers want to have a positive impact on our world, and we are enormously proud to have Marty Hellman as an emeritus member of the Stanford Engineering faculty," Drell said.

Boneh, whose main area of research is applied cryptography, said Diffie and Hellman's work continued to inspire a new generation of cryptographers.

"Beyond the practical implications of the work, their groundbreaking 1976 paper 'New Directions in Cryptography' introduced new concepts and opened up new directions that were previously thought to be impossible," Boneh said.

"It introduced number theory into the realm of cryptography and launched an entire academic discipline to further develop the area of public-key cryptography. By now there are thousands of researchers and tens of thousands of research papers building on their work. The field of cryptography would be a pale image of what it is today without the work of Diffie and Hellman."

The world remains perilously close to a nuclear disaster or catastrophic climate change that could devastate humanity, according to Stanford experts and California Governor Jerry Brown, who were on hand to unveil the latest update to the Bulletin of Atomic Scientists’ “doomsday clock” on Tuesday.

The symbolic clock was created in 1947 when Albert Einstein and Robert Oppenheimer (the father of the U.S. nuclear program) founded the publication.

The closer the minute hand gets to midnight, the closer their Board of Science and Security predicts humankind is to destroying itself.

“I must say with utter dismay that it stays at three minutes to midnight,” said Rachel Bronson, the publication’s executive director and publisher, in a bi-coastal teleconference carried live from The National Press Club in Washington D.C. and the Stanford campus.

Despite some positive development over the past year, such as the Iran nuclear deal and the Paris climate accords, the doomsday clock is now the closest it’s been to midnight since the peak of Cold War hostilities in the mid 1980s.

Stanford experts, including former U.S. Secretary of Defense William J. Perry and former Secretary of State George P. Shultz, said they agreed with the dire assessment.

“The danger of a nuclear catastrophe today, in my judgment, is greater than it was during the Cold War…and yet our policies simply do not reflect those dangers,” said Perry, who is a faculty member at Stanford’s Center for International Security and Cooperation.

Perry said he was especially concerned that the U.S. and Russia were engaged in new arms race, with both countries working to rapidly modernize their nuclear arsenals.

“Whatever we need to do for deterrence, it does not require rebuilding what we did during the Cold War era,” he said.

Perry urged President Barack Obama not to give up on the goal of nuclear disarmament during his last year in office, and to push for a breakthrough deal to control fissile material at the upcoming Nuclear Summit in Washington D.C.

“These summit meetings have been quite significant, and if he can use this last summit meeting to establish international standards for fissile control, which fifty heads of state sign up to, that would be a real achievement,” Perry said.

Shultz said the U.S. needed to offer a new version of the bold plans and decisive actions that legendary American statesmen George Marshall and Dean Acheson pursued after World War II.

“We have to be engaged, because when we don’t give leadership, nobody does,” said Shultz, a distinguished fellow at the Hoover Institution.

The doomsday clock was initially designed to communicate the threat from nuclear weapons, but has since been expanded to include cyber and biosecurity and the dangers of unsustainable climate change.

California Governor Jerry Brown described climate change as a “daunting threat,” with many similarities to nuclear dangers.

“Climate change and nuclear accident or nuclear war or nuclear sabotage or nuclear terrorism, they’re tied together,” Brown said.

“Climate change is moving slowly, but tipping points are around the corner and you don’t know when you’ve reached one, and beyond a tipping point, we may not be able to come back.”

Brown said he was dismayed at the lack of political action to address climate change and nuclear threats.

“I’ve been around politics all my life, and I can see an obviously broken process, a democratic system that has turned more into spectacle than getting the job done,” Brown said.

“In order to have the political leaders deal with this, they have to first acknowledge it.”

When a high school student in the audience asked what he could personally do to tackle the threat of nuclear weapons, Perry said the most important step was to educate himself about the issues, so he could educate others.

“If you can get ten people interested in talking about this problem, and each of those ten can get ten people interested in talking about this problem, it builds up in a geometric progression,” Perry said.

“I think once the public understands the dangers, they will galvanize our Congress and our leaders into action.”

U.S. Secretary of the Air Force Deborah Lee James speaks at a roundtable on cyber policy at Stanford University on January 6, 2016.

The U.S. military needs to train and recruit more “cyber warriors,” and improve its offensive and defensive capabilities in cyberspace, Secretary of the Air Force Deborah Lee James said during a visit to Stanford University last week.

“Today we’re not sufficiently strategizing, organizing, training or equipping to be cyber warriors,” James said at a roundtable discussion on cyber policy. “We’ve made progress over the last year or two, but it’s not good enough. We need to do more, to be open to different ways of bringing people on and retaining people so we can bring the best and brightest into our ranks.”

She called on Silicon Valley to “move past the debate over Edward Snowden and the debate over encryption” and help the military combat cyber threats to U.S. national security. “Particularly here in Silicon Valley, how can we get better access…and work better with some of the great innovations here in Silicon Valley?” she asked.

U.S. Secretary of the Air Force Deborah Lee James (left) meets with former Secretary of Defense William J. Perry (second from right) and former Secretaries of State Condoleezza Rice and George P. Shultz (far right) during a visit to Stanford University on January 6, 2016.

Stanford University was just one of the stops on James’ schedule, which also included meetings at Google, Facebook, FireEye and In-Q-Tel (the investment arm of the U.S. intelligence community).

James said she’d come to Silicon Valley to “listen and learn” and search for “the next big thing” – from drones to big data.

“We’re actively on the hunt for what will be our next advantage as the military,” she said.

She said the military was working to streamline its procurement process so it could move more quickly fund new technological development using what she called “rapid acquisition.”

“You can’t build the next fighter aircraft under this, but you can build smaller types of technological products and get something under contract within 30 days,” she said.

Protecting networked weapons systems and critical infrastructure at military bases were two top priorities for the Air Force, James said.

It is also working to develop better defensive capabilities to protect satellites and other assets in space, and prevent adversaries from disabling critical missile warning and global positions systems, James said.

“Space had been a fairly tranquil, uncontested area,” she said.

“Nowadays, space is much more contested and congested. There are many more companies and countries up there.

“If a conflict on earth bleeds into space in some way, how do we defend our constellation?”

Military operations centers will need to integrate more cyber capabilities in order to create more options for defense and offense, James said.

“What we need in future is a multi-domain operations center where we’re fully plugged in terms of cyber and space...so that a commander at every turn has military options that go beyond bombing a target,” she said.

“The President, the Secretary of Defense, everybody is pressing, ‘We want more options. We want more targets.’.”

But James acknowledged that even digital conflict could cause collateral damage in the physical world.

“Let’s say we take out a power grid to shut down a particular part of a country to stop a military action,” she said.  “Maybe you’d shut off power to a hospital and people would die.”

That’s why cyber operations would continue to be governed by the law of armed conflict.

“Before a cyber target would be hit, there would be a legal decision with other parts of the government,” James said. “It’s not solely [up to] a commander on the scene.”

In an indication of the growing importance of cyber operations, political and military leadership in Washington are considering elevating U.S. Cyber Command from under U.S. Strategic Command to become its own unified command, James said.

The Air Force currently has around 1,700 personnel working directly on cyber offense and defense, spread among the National Guard, Reserves and active duty. And it recently established a new Cyber College at Air University on Maxwell Air Force base in Montgomery, Alabama to train more internal talent.

But military leaders are also looking for other ways to scale up their cyber forces, James said.

“Maybe leveraging the private sector and leveraging Silicon Valley can help us,” she said.