Paul Kocher | How power usage can tumble security

Paul Kocher, president of Cryptography Research, was part of the team that developed differential power analysis, a technique for breaking cryptography by observing how much power a system uses. He grew up in Oregon, where his physics professor father would bring him computers to play with. He taught himself programming by figuring out how the hardware worked. While studying at Stanford University to become a veterinarian, he worked part time at RSA Security, where he became fascinated with cryptography and security. After earning his bachelor’s degree, he chose the information technology business rather than veterinary medicine.

GCN: How did you make the transition from veterinary medicine to cryptography and security?

KOCHER: My original plan was to become a vet. To be clear, I don’t actually have a degree in veterinary medicine. But the perspective of someone who works with living systems is often one of trying to see how a system will respond to a particular stimulus. We don’t know how it works, but you can see how it reacts to external stimuli.

The way a lot of security work is done is similar. You have a system [and] you don’t really understand what its risks and properties are, what will make it live or die, and you need to figure that out. At some point, the analogy breaks down because living systems are vastly more complicated than any computer system we are working on. But the research process actually is quite similar.

GCN: When did you make the jump?

KOCHER: It was around my senior year of college, when the dot-com boom was just beginning and it became clear that there were a lot of really interesting unsolved problems in computer security that I had spent a few years pursuing. I haven’t looked back yet.

GCN: One of your achievements is helping to develop differential power analysis. What is DPA?