Interview with Jeroen van de Graaf, Senior Cryptographer at ZKM
Share on

Alice Liu: Today I’m joined by Jeroen van de Graaf, Senior Cryptographer at ZKM. We'll be diving into the history of cryptography, sharing Jeroen's personal journey in the field. Jeroen has been involved in the space for over 40 years, and I’m very excited to hear his insights today. Jeroen, please introduce yourself and share a bit about your background and your journey into cryptography?

Jeroen van de Graaf: Thank you, Alice. That’s a lot to unpack, so let me start from the beginning. I was 18 when I decided to study mathematics. At the time, the university I wanted to attend - the University of Amsterdam - didn’t even have a computer science department. My choice was either mathematics or to attend the Free University of Amsterdam, where Andrew Tanenbaum taught. Tanenbaum was quite well-known for his work on operating systems, but I already knew that I was more interested in the theoretical side of computing rather than applied computer science, so I chose mathematics.

I consider myself quite fortunate to have studied in Amsterdam. One major highlight was our professor of algebra, Hendrik Lenstra, who’s well-known in the field. At that time, I was very interested in prime numbers and how to prove if a number was a prime. This was quite difficult back then, especially because we lacked the computational tools that are taken for granted today. To determine if a number was a prime, I had to use books like the Abramowitz and Stegun tables, which listed prime numbers up to a certain point. We didn't have advanced algorithms or computers to do these calculations.

As I got deeper into mathematics, Professor Lenstra suggested cryptography could be a very interesting path. I was also fortunate to be in Amsterdam, where there was the Mathematical Institute - now known as the Center for Mathematics and Computer Science (CWI). In 1982, I dedicated a week to studying cryptography, which I see as the real beginning of my career in this field. RSA had been discovered only a few years earlier, and I remember my professor saying how remarkable it was that something as abstract as number theory could have such practical applications in cryptography.

Alice Liu: It’s fascinating that you were there at such a pivotal moment. And I didn’t know about the challenges the NSA posed back then regarding cryptographic research - it’s interesting to hear about their control attempts. Could you tell us more about how the field has evolved since then? What are some of the key changes you've seen over the years?

Jeroen van de Graaf: The evolution has been incredible. First, let me describe the technological environment back in the early 80s. The computers we had access to were very limited. We had machines like the Commodore 64, which were state-of-the-art at the time, but there was no internet, no email, and even word processing was rudimentary. I remember typing my master’s thesis in 1985 on a special typewriter by IBM that required me to swap different “balls” for fonts and symbols. It was an enormous effort compared to today’s standards.

At that time, cryptography was mainly for the military, for spies, and for diplomats - though I also liked to say for lovers, in a more clandestine sense. Fast forward to today, and cryptography is everywhere. We use it in WiFi, GSM networks, secure online transactions - you name it. I think the most profound change has been that cryptography, once a niche topic for national security, has become ubiquitous in everyday life.

We also see cryptography playing a significant role in blockchain technology. This isn’t primarily for privacy, like in the traditional sense, but rather for ensuring the integrity of transactions. This shift - using cryptography for verifying integrity rather than just confidentiality - has been a major evolution. The nature of the research has also changed; the field now is more theoretical and is evolving at an astounding pace, something we never could have anticipated forty years ago.

Alice Liu: You mentioned privacy as a primary motivation throughout your career. Can you explain what privacy entails in the context of cryptographic research, particularly with ZK and multi-party computation?

Jeroen van de Graaf: Privacy has always been one of my core interests. One of the key ideas I worked on, largely influenced by my work with David Chaum, is unlinkability. The idea is to enable someone to prove something without linking that proof to their identity - for instance, being able to anonymously publish messages or make payments without revealing the sender's identity. Chaum's early work on digital credentials also resonates here - he aimed for individuals to prove they were over 18 without having to disclose their birthdate or other personal information. It’s about providing the necessary proof while withholding everything else.

This philosophy also extends into more modern applications like ZK and blockchain. ZK proofs allow us to prove correctness without revealing underlying information. This is also what multi-party computation achieves - enabling multiple parties to compute a function together without revealing their private inputs. I believe privacy is fundamentally about control over your own data, and cryptographic advances in ZK and multi-party computation are about ensuring that control is in the hands of the individuals.

Alice Liu: You’ve seen cryptographic concepts transition from theoretical research to practical applications over the years. Are there any emerging concepts now that you think will be similarly transformative in the future?

Jeroen van de Graaf: Absolutely. One major area where we’re seeing rapid development is verifiable computation, which is connected to zero-knowledge proofs and zkVMs. The idea here is that you could offload computational work to a powerful third party - say a cloud provider like Amazon - and get back both the result and a proof that the result is correct. Importantly, verifying the proof requires far less computational power than performing the original computation. This is what makes zero-knowledge succinct proofs so exciting. They allow for secure delegation of computation while maintaining trust.

Another area that holds promise is fully homomorphic encryption (FHE). FHE allows for computations to be done directly on encrypted data, meaning sensitive data can be processed without anyone ever seeing it in plain text. There’s a long way to go in terms of efficiency, but the promise of being able to safely outsource computations on private data is massive. I think over the next few years, we’ll see breakthroughs in efficiency for both verifiable computation and FHE, which will fundamentally change what’s possible with privacy-preserving technologies.

Alice Liu: Speaking of advancements, there’s been a lot of buzz around quantum computing and its potential threat to current cryptographic systems. What’s your take on this - do you think quantum computers are an immediate concern for cryptography?

Jeroen van de Graaf: I’m glad you asked this, Alice. My honest answer is that I don’t see quantum computing as an immediate threat - in fact, I’m not convinced we’ll see a scalable quantum computer capable of breaking modern cryptography in my lifetime. Since Peter Shor presented his quantum algorithm in 1994, people have been predicting that quantum computers are just around the corner, but they still seem far away. There are serious technical challenges, like quantum decoherence, which make it incredibly difficult to maintain the stable quantum states required for complex computations.

While I think it’s sensible for researchers to prepare for post-quantum cryptography, I also believe there’s no reason to panic or urgently move away from our current systems. The practical difficulty of scaling quantum computers to the level where they could break something like RSA is immense. As long as there’s an economic infeasibility in breaking cryptographic keys - even with a quantum computer - current systems will remain secure for most purposes. But research into quantum-resistant cryptography will continue, and that’s certainly a good thing.

Alice Liu: Thank you for that perspective, Jeroen. It’s really helpful to hear from someone with your background. And with that, I think we’ll wrap things up for today. Thank you for joining, Jeroen, and for sharing your journey and thoughts on the evolution of cryptography, privacy, and the exciting future ahead.

Jeroen van de Graaf: Thank you, Alice, for having me. It’s been a pleasure, and I hope we can continue these discussions as the space evolves.

Follow @ProjectZKM on X for the latest updates on Jeroen’s work.

More articles
News
zkVM Architecture: A Comparative Analysis
Read More
November 21, 2024
News
Highlights from Cryptology ePrint Archive
Read More
December 5, 2024