Whitfield Diffie (b. 1944) is co-inventor, with Martin Hellman, of public-key cryptography — the 1976 breakthrough that made secure communication between strangers mathematically possible and that underlies virtually all internet security today. Without Diffie-Hellman key exchange and the conceptual framework it established, neither applied-cryptography nor any of Schneier's technical work would exist in its current form. Diffie is the intellectual ancestor of Schneier's entire cryptographic career.
The 1976 Breakthrough
Before Diffie and Hellman, all cryptography was symmetric: both parties needed to share a secret key in advance. This created a fundamental bootstrapping problem — how do you securely exchange the key before you have secure communication? Diffie and Hellman's 1976 paper "New Directions in Cryptography" solved this with a radical insight: mathematical operations can be asymmetric, easy to perform in one direction but computationally infeasible to reverse. A public key can be freely distributed; messages encrypted with it can only be decrypted by the corresponding private key. Two parties can establish a shared secret over an insecure channel without ever having met.
This theoretical breakthrough enabled RSA (published a year later by Rivest, Shamir, and Adleman), PGP, SSL/TLS, and the entire infrastructure of internet security. When Schneier wrote applied-cryptography in 1994, he was systematically documenting and explaining a field that Diffie and Hellman had made possible. The book's comprehensive treatment of public-key systems is, in a real sense, an extended elaboration of the Diffie-Hellman insight.
Crypto Wars Involvement
Diffie was not merely a theoretical contributor — he was deeply engaged in the policy debates that consumed the cryptography community in the 1990s. He was a prominent critic of the clipper-chip-announcement, testified before Congress, and was a consistent voice arguing that strong civilian cryptography served national security rather than threatening it. His standing as a pioneer gave his policy arguments authority that activists alone could not command.
The NSA's long-running attempts to restrict civilian cryptography — which predated the Clipper Chip and ran through the crypto-wars-export-controls — were in part a response to Diffie and Hellman's work: by making strong cryptography a matter of published mathematics rather than classified technology, they had broken the government's monopoly on cryptographic capability. The export control regime was partly an attempt to re-establish that monopoly, which Diffie spent years opposing.
Intellectual Relationship to Schneier
Schneier's intellectual debt to Diffie is foundational in the most literal sense. applied-cryptography treats Diffie-Hellman as basic infrastructure — a given — and builds the applied discipline of cryptographic engineering on top of it. When Schneier in secrets-and-lies argued that cryptography was a necessary but insufficient condition for security, he was implicitly arguing about the limits of Diffie's contribution: yes, public-key cryptography solved the key distribution problem, but it did not solve the human and institutional problems that determine whether security systems actually work.
Diffie later wrote about the broader social implications of cryptographic technology, including surveillance and privacy — territory that Schneier would develop more extensively in data-and-goliath and related work. Both figures share a view that cryptographic tools are embedded in political contexts and that technical solutions have political prerequisites. Schneier's security-mindset framework owes something to Diffie's habit of asking not just "does this work mathematically?" but "what adversary model does this assume?"
Diffie received the Turing Award in 2015 (jointly with Hellman), the belated formal recognition of a contribution whose practical importance had been obvious to the cryptographic community for decades and whose policy implications had shaped the crypto-wars-export-controls that Schneier documented and fought.