Steven M. Bellovin

Steven M. Bellovin is a researcher on and . He is currently a Professor in the Computer Science department at , having previously been a Fellow at Research in , .

In September 2012, Bellovin was appointed Chief Technologist for the United States , replacing , who returned to .

In February 2016, Bellovin became the first technology scholar for the .



He received a BA degree from , and an MS and PhD in Computer Science from the .

As a graduate student, Bellovin was one of the originators of . He later suggested that should create the Phage mailing list as a response to the .

He and Michael Merritt invented the password-authenticated key agreement methods. He was also responsible for the discovery that were invented in 1882, not 1917, as previously believed.

Bellovin has been active in the . He was a member of the from 1996–2002. Bellovin later was Security Area co-director, and a member of the (IESG) from 2002–2004. He identified some key security weaknesses in the ; this and other weaknesses eventually led to the development of .

He received 2007 National Computer Systems Security Award by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA). In 2001, he was elected to the for his contributions to network and security.

Bellovin is an active user and a developer focusing on architectural, operational, and security issues.

Selected publications

Bellovin is the author and co-author of several books, RFCs and technical papers, including:

  • : Repelling the Wily Hacker (with ) – one of the first books on internet security.
  • : Repelling the Wily Hacker 2nd edition (with and Aviel D. Rubin)
  • : Stopping Next Year’s Hackers
  • RFC 1579 Firewall-Friendly FTP
  • RFC 1675 Security Concerns for IPng
  • RFC 1681 On Many Addresses per Host
  • RFC 1948 Defending Against Sequence Number Attacks
  • The Security Flag in the IPv4 Header ()
  • RFC 3554 On the Use of Stream Control Transmission Protocol (SCTP) with IPsec (with J. Ioannidis, A. Keromytis, R. Stewart.)
  • RFC 3631 Security Mechanisms for the Internet (with J. Schiller, Ed., C. Kaufman)
  • RFC 4107 Guidelines for Cryptographic Key Management (with R. Housley)

As of November 11, 2015, his publications have been cited 12,669 times, and he has an of 46.


See Also on BitcoinWiki