Matt Blaze is a researcher in the areas of secure systems, cryptography, and trust management. He is currently an Associate Professor of Computer and Information Science at the University of Pennsylvania, and on the board of directors of the Tor Project.
Blaze received his PhD in Computer Science from Princeton University.
In 1992, while working for AT&T, Blaze implemented a strong cryptographic package known as "CFS", the Cryptographic File System, for Unix, since ported to Linux. CFS uses Network File System as its transport mechanism, allowing users to encrypt selected directory hierarchies, but mount them unencrypted after providing the key. In November, 1993, he presented a paper on this project, "A Cryptographic File System for Unix", at the 1st ACM Conference on Computer and Communications Security. Blaze also published a paper "Key Management in an Encrypting File System", in the Proceedings USENIX Summer 1994 Technical Conference.
In the early 1990s, at the height of the "crypto war", Blaze was a participant in the Cypherpunks mailing list and in 1994, he found a critical weakness in the wiretapping mechanisms of the Clipper chip. His paper, Protocol Failure in the Escrowed Encryption Standard, pointed out that the Clipper's escrow system had a serious vulnerability: a brute-force attack could allow the Clipper chip to be used as an encryption device, while disabling the key escrow capability. Later during this time, he was one of the authors of a seminal paper on calculating secure key lengths.
In 2003, Blaze independently rediscovered, and published, a serious vulnerability in "master key" security in physical locks. Although apparently an open secret among some professional locksmiths; his decision to disclose it publicly provoked some controversy.
In July 2016, the complete board of the Tor Project resigned and announced a new board, including Matt Blaze.
- Ph.D., Computer Science, January 1993. Princeton University. (Thesis: Caching in Large-Scale Distributed File Systems)
- M.A., Computer Science, June 1989. Princeton University.
- M.S., Computer Science, May 1988. Columbia University
- B.S., January 1986. City University of New York (Hunter College).
- Ioannidis, John; Blaze, Matt. The Architecture and Implementation of Network-Layer Security Under Unix, in Proc. of the 4th USENIX Security Symp., pages 29–39, Santa Clara, CA, USA, October 1993.
- Bellovin, Steven M.; Blaze, Matt; Landau, Susan; Pell, Stephanie K. It's Too Complicated: How the Internet Upends Katz, Smith, and Electronic Surveillance Law, in Harvard Journal of Law and Technology Vol. 30.1, pages 1-101. February 2017.