2006 CNRS Gold Medal Winner

The Guardian of Secrecy

Cryptology, the science of secret messages, plays a major role today in our everyday lives. Jacques Stern, recipient of the 2006 CNRS Gold Medal, France's highest distinction for scientific research, has played a key part in making it so.

Mobile phones, banking, online shopping, e-mail messages, cryptology is all around us. Jacques Stern, 57, director of the Informatics Laboratory at the Ecole Normale Supérieure (Liens)¹ has devoted his career to this science, the objective of which is to encrypt and decrypt information in order to prevent it from falling into the wrong hands. The founder of modern French cryptology and author of nearly 150 publications, Stern has just been awarded the CNRS Gold Medal for the sum of his work in this field.

 

From logic to cryptology

After graduating from Ecole normale supérieure with a doctorate in logic in the 1970s, Stern became interested in cryptology,² a discipline revolutionized in 1976 (see box) when it was sanctioned for non-military applications. After independently studying programming and number theory, Stern became a senior CNRS researcher in 1992, and has worked as a Professor at ENS since 1993.

 

Key research

Early on, Stern decided to tackle the biggest challenge in contemporary cryptology, namely, finding alternatives to the RSA algorithm (named after the initials of its inventors, Rivest, Shamir, and Adleman; see box). His approach was novel: “For some applications, especially on the Internet, you don't need to encrypt all the data.” Stern explains, “it's often enough just to carry out an authentication, which guarantees that each user is certain of the identity of the other party.” Stern invented two “zero-knowledge” public-key authentication systems, which allow an identity to be proved without revealing anything about it, thanks to a secret piece of data.  

In the cryptology community researchers routinely attempt to find flaws in colleagues' new ciphers before they are put into use and possibly exposed to criminal attention. This process, cryptanalysis, is an area where Stern's team has had great success. In 1997, they managed to break a new, supposedly unbreakable, IBM algorithm. 

Stern also takes part in proving that various encryption algorithms are secure. Before the 1990s, inviolability was a purely empirical notion; the only “guarantee” that a cipher was unbreakable was that no one had managed to break it! Stern introduced into Europe the concept of “proven security,” where inviolability has to be demonstrated. For instance, in 1996, he and his team proved that the system where a public key is used to authenticate the identity of the author of an e-mail message is secure. “Only one person can attach their signature,” Stern explains, “but everyone can check its authenticity.” 

Network security is another realm where Stern is busy. At the request of a European standardizing body, he and his team verified algorithms for encrypting 3G telephone calls.³ “The biggest technological development in the last ten years has been the convergence of information technology and telecommunications,” Stern points out. “Cryptology research is now faced with the huge challenge of ensuring, within this context, the security of communications and the authenticity of transactions, while guaranteeing privacy of personal data.”  His research has also set a benchmark in cases involving large numbers of people, such as online auctions or electronic voting.

 

A wide range of concerns

“Cryptology is already ubiquitous in our everyday lives, but it will become increasingly important with respect to privacy of data content and our own personal, especially medical, data,” Stern predicts. “The science of secrecy is therefore also becoming the science of trust, as well as playing a key role in the defense of our freedoms.” In the late 1990s, he played a part in deregulating cryptology in France so that ordinary people have more freedom to use cryptography. His research extends to France's national defense, and he is a member of the Strategic Council for Information Technologies.⁴ A man with the vision to foresee the explosive development of his discipline well before the coming of Internet clearly has privileged knowledge future trends. And yet, despite receiving the Legion of Honor and winning the French Academy of Sciences' Lazare Carnot Prize in 2003,⁵ the CNRS Gold Medal came as a complete surprise: a closely guarded secret, one might say!

 

Matthieu Ravaud