Quick Facts
LeoBiography
Robert Morris (July 25, 1932 – June 26, 2011) was an American cryptographer and computer scientist.
Family and education
Morris was born in Boston, Massachusetts. His parents were Walter W. Morris, a salesman, and Helen Kelly Morris. He received a bachelor's degree in mathematics from Harvard University in 1957 and a master's degree in applied mathematics from Harvard in 1958.
He married Anne Farlow, and they had three children together: Robert Tappan Morris, author of the 1988 Morris Worm, Meredith Morris, and Benjamin Morris.
Bell Labs
From 1960 until 1986, Morris was a researcher at Bell Labs and worked on Multics and later Unix. Morris's contributions to early versions of Unix include the math library, the bc programming language, the program crypt, and the password encryption scheme used for user authentication. The encryption scheme (invented by Roger Needham), was based on using a trapdoor function (now called a key derivation function) to compute hashes of user passwords which were stored in the file /etc/passwd; analogous techniques, relying on different functions, are still in use today.
National Security Agency
In 1986, Morris began work at the National Security Agency (NSA). He served as chief scientist of the NSA's National Computer Security Center, where he was involved in the production of the Rainbow Series of computer security standards, and retired from the NSA in 1994. He once told a reporter that, while at the NSA, he helped the FBI decode encrypted evidence.
There is a description of Morris in Clifford Stoll's book The Cuckoo's Egg. Many readers of Stoll's book remember Morris for giving Stoll a challenging mathematical puzzle (originally due to John H. Conway) in the course of their discussions on computer security: What is the next number in the sequence 1 11 21 1211 111221? (known as the look-and-say sequence). Stoll chose not to include the answer to this puzzle in The Cuckoo's Egg, to the frustration of many readers.
Robert Morris died in Lebanon, New Hampshire.
Quotes
- Never underestimate the attention, risk, money and time that an opponent will put into reading traffic.
- Rule 1 of cryptanalysis: check for plaintext.
- The three golden rules to ensure computer security are: do not own a computer; do not power it on; and do not use it.
- "Notes on Crypto '95 invited talks by R. Morris and A. Shamir" by Jim Gillogly and Paul Syverson
- p. 1, Inside Java 2 Platform Security: Architecture, API Design, and Implementation, Li Gong, Gary Ellison, and Mary Dageforde, Boston: Addison-Wesley, 2003, 2nd ed., ISBN 0-201-78791-1.
Selected publications
- (with Fred T. Grampp) UNIX Operating System Security, AT&T Bell Laboratories Technical Journal, 63, part 2, #8 (October 1984), pp. 1649–1672.