Dr. Vlastimil Klima has been a Cryptographer for 35 years. He is an SSL protocol breaker, creator of the world’s first on-the-fly encryption system for Windows, and the mind behind Cryptelo.
Today he reflects on a lifetime in cryptology and offers a word of warning for the future of data security.
Dr. Klima, you have a fascinating background in cyber-security and are named among the top cryptologists in the world. What drew you to cyber-security?
As a boy, I was a very good chess player and a mathematician. I even took part in the International Mathematical Olympiad. Later, I learned that ‘head hunters’ for the secret service were watching me. That sounds like something from the movies, but it really happened!
After graduating with a mathematics degree from Charles University, I worked for the state, in a secret department for censorship and cipher development. Later I discovered there were many great mathematicians and participants in the international mathematical Olympiads working in the secret services of various states.
One of the big attractions for somebody like me was the opportunity to solve very complex problems that no one else has done before. You have a sense of tackling the unknown, which is very rewarding.
In my work I dealt with the development of cipher and cryptographic devices as well as cryptanalysis. Later I was also in charge of the ciphers for our agents abroad. After the Velvet Revolution in 1989, I was entrusted with the development of ciphers independent of the Soviet Union. I spent two years with the General Staff of the Czech Army before moving to the private sector.
The pearl in my story is that my first private-sector job was with Eduard Kucera and Pavel Baudis (nowadays VPs). Avast is now one of the top antivirus companies in the world. I’m quite proud of that.
Then a number of security companies followed, for which I developed different cryptographic products or did security and cryptological analysis or cryptographic designs. Some time ago I worked for the Czech National Security Authority on the design of cipher and cryptographic devices already in operation for five years. I was very fortunate to have always been able to work with the most advanced technologies or even the "upcoming" technologies, both in cryptanalysis and in cryptography.
As a cryptologist, what are one or two ways you wish every software company would think differently about data security?
This is very difficult, and I suppose it is natural that we do not perceive security as important until we become a victim of a security incident. I have experienced this myself, so I know what I’m talking about.
Most of the time, data security problems arise from a lack of time and money to do the work properly. And attackers choose just this kind of company to attack, because it is vulnerable. So the best defense against security breaches is to maintain a high standard - higher than your competitors.
Predators prey on the weak. As we say: the gazelle does not have to be faster than the cheetah, it simply has to be faster than the other gazelles.
How did you get involved with Cryptelo?
I wanted to build the fastest gazelle! No seriously, I met Martin Baros, now the CEO of Cryptelo, when he came to me after encountering security issues. He wanted to create a secure storage solution that didn’t exist anywhere on the market.
As an entrepreneur, he had a natural instinct. When he proposed the idea, I realized, “Yes! Why hasn’t anyone done this?” I joined as Chief Cryptographer, and together we built Cryptelo.
photo originally appearing in Forbes