Barry Fagin, United States Air Force Academy – Internet Security

Our current computer programming languages leave a lot to be desired security-wise.

Barry Fagin, professor of computer science at the United States Air Force Academy, explores a new approach to keeping our online sites secure.

Dr Fagin graduated magna cum laude from Brown University in 1982, and received the PhD in Computer Science from the University of California at Berkeley in 1987.   He is currently Professor of Computer Science at the US Air Force Academy in Colorado Springs*.

Dr Fagin has maintained a lifelong interest in connecting the world of ideas to the world of politics.   He is the founder of Families Against Internet Censorship, a successful plaintiff in the Supreme Court case of Reno v. ACLU et. al.   He has appeared on Montel Williams, Good Morning America, NBC Nightly News, MS/NBC and the Colorado PBS show “Independent Thinking”. His columns have appeared in national papers, including the Christian Science Monitor and Newsday, as well as every major newspaper in his home state of Colorado, where he has testified before the General Assembly. Dr. Fagin is currently a featured columnist in the Colorado Springs Gazette.

In addition to numerous columns for the popular media, Dr Fagin is the author of over thirty scholarly papers covering areas of computer science and public policy.  He is the co-inventor of the Crandall-Fagin multiplication algorithm, used to discover the world’s largest prime numbers.  He is also a former Information Director for ACM/SIGCAS, a Senior Member of the IEEE, and an Adjunct Scholar at the Competitive Enterprise Institute in Washington, DC.   His current research involves improving internet security through the development of software with mathematically provable security properties.

Dr Fagin is a committed scientist and critical thinker.  He is a contributing writer for the Committee for Skeptical Inquiry, a member of the Rocky Mountain Skeptics, Sigma Xi, the MAA and AAAS. He is a National Civil Liberties Award recipient, a Research Associate at the Independence Institute, and lay Torah reader at Temple Shalom in Colorado Springs.  A Fulbright Scholar and a fluent Russian speaker, he has translated pages for the web site of St. Petersburg’s Mariinsky Theater and Kirov Ballet. Dr. Fagin is a member of Who’s Who in America, and is a 2009 recipient of the Thomas Jefferson Award from the Military Religious Freedom Foundation.  In 2012, he was named the Colorado Professor of the Year by the Council for the Advancement and Support of Education in Washington DC.

In his spare time, Dr. Fagin is an avid runner, mountain climber and jazz keyboardist.  Excerpts from concert performances are available on his youtube channel.  Most important of all, he is the father of Max and Erica Fagin.

Internet Security

Did you know the internet address of npr’s web site is 216.35.221.76?  Did you care?  Probably not.  All you cared about was  “npr.org”.  Connecting that name with an address is the job of the Domain Name System, or DNS.  Every time you open a browser, it talks to a DNS server that turns a web site name into an address.  Without DNS, the internet isn’t usable.

Unfortunately, the most popular versions of DNS have security holes you can drive a truck through.  If a hacker is clever enough, they can send a special packet that will crash the program, or even worse take it over.  This will permit them to use your DNS server for their own nefarious purposes.

Why do security flaws exist?   It has to do with the way we program.  Programming languages, the way programmers express ideas to machines, were not designed with security in mind.  In order to create programs without security problems, we need to program differently.  We need the power of logic and proof.  We need mathematics.

Our work involves programming in such a way that you can prove your code doesn’t have security problems.  We have used mathematics and special software tools to produce IRONSIDES, a DNS server invulnerable to many of the security attacks that plague DNS servers today.   IRONSIDES can’t be crashed no matter what input you give it, and hackers can’t take it over. We know this in the same way we know that two and two make four, or that the Pythagorean Theorem is true.   In other words, we’re right, and we can prove it!

We hope in the future this kind of work will be used to make hacking credit card numbers and emails a thing of the past.  After all, you might be able to hack a computer, but nobody can hack mathematics.