The Levchin Prize
for Real-World Cryptography


Vincent Rijmen

For co-designing the Advanced Encryption Standard (AES).

Prof. Vincent Rijmen has made numerous contributions to the design of block ciphers and hash functions. Most notably in 1998 he co-designed the Rijndael block cipher, which became the Advanced Encryption Standard (AES), the most widely used block cipher in the world.

Paul Kocher

For pioneering work on side channel analysis.

Paul Kocher has made groundbreaking advances in side-channel analysis. His work on time-based cryptanalysis showed that the time that a process takes to perform a cryptographic operation can completely expose a secret key. He quickly followed with power cryptanalsis, a powerful technique to extract a secret key from a protected environment. These results led to many enhancements to cryptographic software and hardware designed to mitigate these attacks. More recently, Paul Kocher led an effort to explore the security implications of speculative execution. The resulting family of attacks, called Spectre, opened a new area of research studying the security of speculative execution.


Don Coppersmith

For foundational innovations in cryptanalysis.

Don Coppersmith has made numerous key contributions to the design and analysis of secure cryptosystems. He was involved in the design of the Data Encryption Standard (DES) at IBM, particularly the design of the S-boxes, strengthening them against differential cryptanalysis. He is the author of the “Coppersmith method” for finding small solutions to low degree polynomials modulo an RSA composite. His method continues to play a central role in exposing vulnerabilities in many real-world implementations of RSA and other factoring-based systems. In addition, he developed an ingenious algorithm for computing the discrete logarithm in finite fields of characteristic two; his algorithm is the reason why these fields are not used in cryptography.

Let's Encrypt

For fundamental improvements to the certificate ecosystem that provide free certificates for all.

Let's Encrypt is a free, open, and automated Certificate Authority. It began issuing TLS certificates in late 2015. Since then, Let's Encrypt has issued over 2.53 billion certificates to secure connections on the Internet. It is now the world's largest certificate authority. As a nonprofit, Let's Encrypt provides this service to make the Internet more secure for everyone using it. It is credited with a significant increase in the number of web sites that interact with their users over HTTPS. The Internet Security Research Group (ISRG), the provider of the Let's encrypt service, is a public benefit organization.


Neal Koblitz and Victor Miller

For the invention of elliptic curve cryptography.

Elliptic curve cryptography, or ECC, is the basis of almost all modern cryptographic software libraries in wide use. It is the basis of the TLS 1.3 key exchange protocol, is used to secure digital assets in systems like Bitcoin and Ethereum, and has been adopted by many standards bodies. ECC was invented by Neal Koblitz and Victor Miller, and was first presented at the CRYPTO 1985 conference. Since then there has been an explosion of work on optimizing, implementing, and standardizing ECC, which led to the wide adoption of ECC. Today ECC is used for key exchange, digital signatures, public key encryption, and many other applications. Overall, this work has had a tremendous impact on the practice of cryptography.

The Tor Project

For continued development of the Tor system and the underlying cryptography.

The first version of Tor, based on onion routing, was released in 2002. Since then Tor has experienced tremendous growth in capabilities and usage, and has found many applications, most notably for communicating with reporters anonymously, and helping people worldwide browse the Internet more freely. Tor uses a combination of public key and symmetric cryptography to provide an anonymous overlay for the Internet. The project has repeatedly pushed the frontiers of real world cryptography by introducing new requirements on the cryptosystems used in Tor.


Ralph Merkle

For fundamental contributions to the development of public key cryptography, hash algorithms, Merkle trees, and digital signatures.

Ralph Merkle invented many of the core concepts of modern cryptography. In 1974 he invented the first key exchange protocol as an undergraduate student. During his PhD he continued his remarkable path, inventing a new paradigm for constructing collision resistant hash functions, as well as Merkle trees, and new techniques for hash-based digital signatures. His contribution is not widely recognized in awards. We are thrilled to award the 2020 Levchin Prize to Ralph Merkle for his early contributions to the development of modern cryptography. These contributions are now widely used all over the world.

Xiaoyun Wang and Marc Stevens

For groundbreaking work on the security of collision resistant hash functions.

Xiaoyun Wang developed the first practical collision attack on MD5 in 2005. She used the attack to find collisions on MD5, which lead to MD5 being deprecated from most cryptographic implementations. In 2017, Marc Stevens was able to devise a collision attack on SHA1, and carry out the attack in practice. This remarkable work lead to the deprecation of SHA1 as a collision resistant hash function.


Mihir Bellare

For outstanding contributions to the design and analysis of real-world cryptosystems, including the development of the random oracle model, modes of operation, HMAC, and models for key exchange.

Mihir Bellare is a cryptographer whose work has focused on the development of practice-oriented provable security. He obtained his BS at Caltech and his PhD at MIT. He is a Fellow of the ACM, a Fellow of the IACR and a recipient of the ACM Paris Kanellakis Theory and Practice Award. He has an h-index of 100 and over 50,000 citations as per Google Scholar. Cryptographic algorithms that he has co-developed and are widely used in practice, including HMAC, RSA-OAEP, RSA-PSS and DHIES.

Eric Rescorla

For sustained contributions to the standardization of security protocols, and most recently the development and standardization of TLS 1.3.

Eric Rescorla is Chief Technology Officer, Firefox at Mozilla, where he is responsible for setting the overall technical strategy for the Firefox browser. He has contributed extensively to many of the core security protocols used in the Internet, including TLS, DTLS, WebRTC, ACME, and the in-development IETF QUIC protocol. Most recently, he was editor of TLS 1.3, which already secures 10% of websites despite having been finished for less than six months. Eric co-founded Let’s Encrypt, a free and automated certificate authority that now issues more than a million certificates a day, in order to remove barriers to online encryption and helped HTTPS grow from around 30% of the web to around 75%.


Hugo Krawczyk

For the development of real-world cryptographic systems with strong security guarantees and proofs.

Hugo Krawczyk is an IBM Fellow and a Distinguished Research Staff Member with the Cryptography Group at the IBM T.J. Watson Research Center whose areas of interest span theoretical and applied aspects of cryptography. He has contributed to the cryptographic design of numerous Internet standards, particularly IPsec, IKE, and SSL/TLS, and is a co-inventor of the HMAC message authentication algorithm. His most recent work in this area includes designs for TLS 1.3, the next generation TLS, and HKDF, an emerging standard for key derivation adopted by TLS 1.3, Signal, WhatsApp, Facebook Messenger and more. Hugo has authored more than 100 publications with over 20,000 citations, including contributions to the theory and applications of pseudorandomness, zero-knowledge, key exchange, password authentication, threshold and proactive cryptosystems, and search on encrypted data. He is an Associate Editor of the Journal of Cryptology, a Fellow of the International Association of Cryptologic Research (IACR) and a member of the IBM Academy of Technology. He is the recipient of the 2015 RSA Conference Award for Excellence in the Field of Mathematics as well as of various IBM awards, including two corporate awards, for contributions to cryptography and the information security industry.

The OpenSSL team

For dramatic improvements to the code quality of OpenSSL.

OpenSSL is an open-source, robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. The project was founded in 1998 and was based on a fork of the earlier SSLeay project written by Eric Young and Tim Hudson. OpenSSL is used extensively to secure communications across the internet as well as private networks. OpenSSL source code is maintained by a team of committers. The overall project is run by the OpenSSL Management Committee (OMC). The committee and OMC teams are mostly made up of volunteers with only 3 people working full time on the project. Collectively the committees and OMC teams are responsible for all aspects of delivering the project including: fixing bugs, supporting users, writing documentation, developing new features, reviewing patches, handling security incidents and issuing new releases.


Joan Daemen

For the development of AES and SHA3.

Joan Daemen is awarded the 2017 Levchin prize for his contributions to the development of the AES block cipher and the SHA3 hash function. Both have had a remarkable real-world impact on the practice of cryptography. The Advanced Encryption Standard (AES) is the workhorse of almost all modern encryption systems. AES has been deployed widely in almost every system that needs to protect data, from financial transactions, to medical data, to protecting intellectual property. It has even been implemented in many modern processors via the AES-NI instructions. This highly successful cipher was designed by Joan Daemen and his collaborator Vincent Rijmen. Joan then went on to design a modern hash function, Keccak, based on the elegant sponge construction. His design was adopted by NIST and became the new SHA3 cryptographic hash function. SHA3 is much easier to use, compared to previous hash functions, and is a significant contribution to real-world cryptography.

Moxie Marlinspike and Trevor Perrin

For the development and wide deployment of the Signal protocol.

Moxie Marlinspike and Trevor Perrin are awarded the 2017 Levchin Prize for their development of the Signal protocol used to encrypt messages in communication systems. This protocol has been implemented into WhatsApp, Facebook Messenger, and Google Allo, encrypting the conversations of more than a billion people worldwide. The Signal protocol uses triple Diffie-Hellman, and a double ratchet mechanism to provide strong forward-secrecy. It is this massive deployment of an elegant encryption protocol for which Moxie and Trevor are awarded the Levchin prize.


Phil Rogaway

For groundbreaking practice-oriented research that has had exceptional impact on real-world cryptography.

Phil Rogaway is a giant in the area of symmetric encryption. The award is given for his groundbreaking practice-oriented research, authenticated encryption and his work on format preserving encryption which has had an exceptional impact on real-world cryptography.

The miTLS team:
Cedric Fournet, Karthikeyan Bhargavan, Alfredo Pironti, and Markulf Kohlweiss

For the analysis of TLS and the development of the miTLS project.

The team discovered multiple vulnerabilities in the TLS protocol and its implementation using tools for proving formal properties of protocols. Using these tools they built miTLS, which is designed to be a provably correct version of the TLS.