Loren Kohnfelder
Loren Kohnfelder invented what is today called public key infrastructure (PKI) in his May 1978 MIT S.B. (BSCSE) thesis, which described a practical means of using public key cryptography to secure network communications.
The Kohnfelder thesis introduced[1] the terms 'certificate' and 'certificate revocation list' as well as introducing numerous other concepts now established as important parts of PKI. The X.509 certificate specification that provides the basis for SSL, S/MIME and most modern PKI implementations are based on the Kohnfelder thesis.[2]
He was also the co-creator, with Praerit Garg, of the STRIDE model of security threats, widely used in threat modeling.
In 2021 he published Designing Secure Software with No Starch Press. He maintains a medium blog.
References
- "Proposed Model for Outsourcing PKI", Christopher McLaughlin, Royal Holloway, University of London, Technical Report RHUL-MA-2008-10, 2008-01-15
- "Certificates [Koh78]", in Design Principles and Patterns for Computer Systems That Are Simultaneously Secure and Usable, Simson L. Garfinkel, PhD Thesis, Massachusetts Institute of Technology, May 2005. p. 204. https://simson.net/thesis/