personal

personal | computing | education | teaching | publications | work

name: David Geoffrey Hook.

date and place of birth: April 19th, 1962. Hobart, Tasmania.

nationality: Australian

marital status: Married

location: Melbourne, Australia

email: dgh@autochthonous.org

personal interests: Music, Cinema, Chinese and Japanese Martial Arts, Computer Graphics, Cryptography, Open Source Software.

computing languages and systems

personal | computing | education | teaching | publications | work

computer language experience

Java, Perl, JavaScript, C, PHP, Scala, Python, C++, Tcl/Tk, FORTRAN, and Pascal. SQL and a variety of 4 GL's. Interdata 7/16, M68000, 8086, 6502, 6800, Z80, and 8085 Assembly languages.

system experience

A mixture of BSD Unix, System III, System V (rel 2-4), Solaris, Irix, AIX, HP UX, Linux, Ultrix on Vaxen, P-E 32/40, Plexus, Suns, Apollos, 3b2s, Silicon Graphics, IBM RS 6000, HP 9000, DECStations, Pyramids and PCs. NOS on Cyber. MS-DOS, Windows, NT on PC. F4 on Facom. Oracle, Sybase, MySql and Postgres. Zope.

education and development

personal | computing | education | teaching | publications | work

qualifications

Graduate Diploma in Economics, Graduate School of Business and Economics, University of Melbourne, March 2010.

Master of Applied Science, Computer Engineering, (by research), University of Melbourne, June 1995. Thesis available as postscript or as pdf. Software developed as part of the thesis is available as libRT.

Bachelor of Arts, Philosophy, University of Melbourne, 1987.

Bachelor of Science, Computer Science, University of Melbourne, 1984.

Diploma Shiatsu and Oriental Medicine, Australian Shiatsu College, 1994.

professional memberships

Association for Computing Machinery, IEEE Computer Society.

other roles

Current director of the Tau Ceti Co-operative.

Co-founder and Chair of the Melbourne ACM SIGGRAPH Professional Chapter October 2000 to July 2010.

Member of executive and past Chair of ANZGRAPH August 2004 to August 2008.

Member ACM SIGGRAPH Professional and Student Chapters Committee July 2004 - July 2007.

Conference advisor and publicity co-chair for GRAPHITE 2007.

Publicity co-chair for GRAPHITE 2006.

2002 to 2003: Local Organising Co-chair and Sponsorship Co-chair for GRAPHITE 2003.

2002: Co-organiser of the Melbourne section of the ACM SIGGRAPH delegate visit to Melbourne, which subsequently lead to GRAPHITE 2003 being held in Melbourne.

presentations

Presented "A Window on the Post-Quantum World: Using Merkel-Based Signature Schemes" at ICMC 2020, Virtual On-line, a look at Bouncy Castle API support and changes to accommodate the stateful signature standards.

Presented "Tips and Tricks to Help Avoid a Post Quantum Apocalypse" at the PrimeKey Tech Days 2019, Stockholm, a look at the coming post-quantum algorithms, crypto agility and how the Bouncy Castle APIs are changing to allow for these.

Presented "A Reflection: Compliance, Security, and the new world of Multi-release Jars with Bouncy Castle" at ICMC 2019, Vancouver, covering how the Bouncy Castle efforts were affected by the multi-release jar standard and what the advantages and problems were.

Presented "Avoiding Burning at Sunset - Validation Planning in Bouncy Castle" at ICMC 2018, Ottawa, covering how the Bouncy Castle FIPS effort was planning to deal with recent changes to the NIST sunsetting policy and its implications in relation to FISMA compliance.

Presented "The Bouncy Castle APIs - Looking to the Future" at the PrimeKey Tech Days 2017, Stockholm, covering the Bouncy Castle roadmap for FIPS and the general APIs. An updated version of this talk was also presented at SecTalks, October 2017, in Melbourne, Australia.

Presented "FIPS Certification and the Bouncy Castle Project, or What Do You Mean I Can’t Just Do a New Release Tomorrow?" at ICMC 2017, Washington DC, covering the Bouncy Castle FIPS efforts and the changes we have seen in project development as a result.

Presented "Open Source Development and Sustainability: A Look at the Bouncy Castle Project" at the 2016 Linux Collaboration Summit, Lake Tahoe, covering the evolution of the Bouncy Castle project.

Presented at the Victorian branch of the Australian Java Users' Group on cryptography, Java security, Cryptographic Message Syntax and S/MIME, 3D graphics and 3D rendering in Java. "Hobby" project related to Java 3D rendering is XJRT.

Presented at the Sun User Group in Melbourne on the open source graphics projects VOGLE, VOPL, and VORT.

conference attendance

Ausgraph 1986, Ausgraph 1989, Ausgraph 1990, SIGGRAPH 1991, SGI Developers' Conference 1995, AUUG Winter Conference 1996, SIGGRAPH 1996, VRML 1997, JavaOne 1997, JavaOne 1998, Java@Work 1998, JavaOne 1999, SIGGRAPH 1999, JavaOne 2000, SIGGRAPH 2000, JavaOne 2001, RSA Security Conference 2001, SIGGRAPH 2001, SIGGRAPH 2002, ACM Conference on Computer and Communication Security 2002, GRAPHITE 2003, SIGGRAPH 2003, SIGGRAPH 2004, SIGGRAPH 2005, GRAPHITE 2005, JavaOne 2006, SIGGRAPH 2006, ASIACCS 2007, SIGGRAPH Asia 2008, MongoDB Melbourne 2012, Real World Crypto 2016, RSA Security Conference 2016, 2016 Linux Collaboration Summit, ICMC 2016, Java One 2016, RSA Security Conference 2017, ICMC 2017, PrimeKey Tech Days 2017, RSA Security Conference 2018, ICMC 2018, PrimeKey Tech Days 2018, Real World Crypto 2019, RSA Security Conference 2019, PrimeKey Tech Days 2019, ICMC 2019, ICMC 2020, Real World Crypto 2022, RSA Security Conference 2022.

short course attendance

1989: Advanced Computer Graphics Rendering Course, given by James Arvo and David Kirk.
1988: Computer Graphics Rendering Course, given by Rob Cook.

Both courses were week long intensives held at Mechanical and Production Engineering at The R.M.I.T.

1991: four day intensive on C++, given by Sharam Hekmatpour, at DECR, The University of Melbourne.

teaching

personal | computing | education | teaching | publications | work

conferences

Gave a half day Java tutorial at the AUUG Winter conference in Melbourne, 1996.

courses

2016: Run a one day course on the Bouncy Castle Java FIPS APIs. Course was sponsored by CERTOSS and StrongAuth Inc and held in Cupertino, California.

2004: Lecturer, COSC1212/1492 (CS542) Introduction to Graphics Programming Using Java3D, Computer Science, RMIT University.

1996 to 1998: development and teaching of a 3 day Java programming intensive for internal and external programming staff at Engineering Computer Resources, University of Melbourne. Course was given 4 times over the period.

tutoring

1987: Computer Science Tutor, Whitley College, University of Melbourne.

publications

personal | computing | education | teaching | publications | work

D.G.Hook and J.Eaves ''Java Cryptography: Tools and Techniques'' Leanpub, 2018-2019.

D.G.Hook ''Beginning Cryptography with Java'' Wrox, 2005. ISBN 0764596330. Also translated into Polish.

D.G.Hook and P.K.Dettman, ''Protecting Your Communications with the Bouncy Castle Cryptography APIs''. Windows Developer Power Tools, O'Reilly, 2007.

D.G.Hook and K.E. Forward. ''Using Kd-trees to Guide Bounding Volume Hierarchies for Ray Tracing'' the Australian Computer Journal, 1996.

D.G.Hook and P.R. McAree. ''Using Sturm Sequences to Bracket Real Roots of Polynomial Equations'' Graphics Gems, Academic Press, 1990.

W.P. Lewis, J.G. Weir, D.G. Hook, and E.V. Mochel. ''Education in 3D Geometry and Modeling via Computer Graphics''. The International Journal of Applied Engineering Education, Volume 6, Number 5, 1990.

K.E. Forward, J.M Higgins, and D.G. Hook. ''The University of Melbourne Engineering Workstation Network as a Learning Environment''. The International Journal of Applied Engineering Education, Volume 6, Number 1, 1990.

K.E. Forward, J.M. Higgins, D.G. Hook, and I.P. Williamson. ''A Network of Workstations as a New Teaching Resource for Engineering Education''. World Conference on Engineering Education for Advancing Technology, February 1989.

work experience

personal | computing | education | teaching | publications | work

VP Software Engineering, Crypto Workshop - Keyfactor

June '21 - Present

Further development and support of the Bouncy Castle APIs as well as managing a team to do the same.

Director, Consultant - Crypto Workshop

Nov '12 - June '21

Specialist Cryptography consulting and API development in a variety of languages and environments.

Further development and support of the Bouncy Castle APIs as well as contracting to do the same.

Development of a FIPS certifiable APIs based on Bouncy Castle Java and C#. Work on the documentation in support of the same. APIs were certified in 2016.

Development of a highly threaded cryptographic MixNet for anonymous electronic voting for the Victorian Electoral commission. MixNet encryption was based on Elliptic Curve ElGamal and made use of threshold encryption and zero knowledge proofs of correct decryption.

Subcontractor to Champion Data Oct' 2012 to Dec' 2014:

Vice President, Development - Lock Box

Jan '08 - Oct '12:

Managed a small team of programmers to develop a secure file sharing product and associated backend billing support System built on Spring, Hessian, Tomcat, JSP, and made extensive use of the Java concurrency libraries.

Responsible for product architecture, product future, design of protocols, and actively involved in programming development.

Actively involved in supporting documentation for purposes of marketing, fund raising, and IP protection, including 3 patents.

Actively involved in the development of software to support CRMF, CMP, PKCS-12, X.509, ASN.1, OCSP, TSP, CMS, S/MIME and OpenPGP.

Further development and support of the Bouncy Castle APIs as well as contracting to do the same.

Product selected one of 24 (one of 6 in ICT) finalists for the 2009 Innovic "Next Big Thing Award".

Developed several specialist libraries for supporting encryption, X.509 certificate generation, and an OpenPGP command line toolkit as consulting projects.

Side project: reprogramming of a Linux based webcam to make it suitable for use with the Iridium Data Network and stand alone operation in Antarctica for the Mawson's Huts Foundation.

Contractor/Staff - Majitek

April '05 - December '07:

Design of protocols and client side implementation for electronic voting in 2007 Swindon elections.

Senior developer for a distributed registry service for medical practitioners, system featured search based on fuzzy matching by spelling of names as well as their sound.

Technical lead for the development of an on-line phone directory service with "fuzzy matching" built on LDAP and Lucene. System covered the entire Australian public phone network. Role also required mentoring of junior staff for the client, introducing methodology, and training.

Initial GridSystem development.

Two proof of concepts at implementing high reliability directory lookup with a variety of Java messaging technologies. One based on using LSIP technology for data storage, the second based on LDAP.

CloudSystem reporting using JasperReports

Writing

December '04 - April '05:

''Beginning Cryptography in Java''

Contract Developer - Myretsu

July '03 - December '04:

Java security using Jini and JERI. Working in a team developing an asynchronous object based system for dynamically configuring and controlling automation systems. Security and cryptography work based around X.509.

Founding member of The Legion of the Bouncy Castle

April '00 - Present:

Developed light weight cryptography API suitable for cross JVM (J2ME to JDK) development.

Implemented initial JCE provider that used light weight API.

Implemented PBE and Asymmetric encoding schemes.

Designed and implemented ASN.1 package for processing and creating DER encoded objects, X.509 certificates and PKCS12 key stores.

Designed and implemented current S/MIME and CMS API.

Designed and implemented current OCSP API.

Designed and implemented current OpenPGP API.

Integration, and enhancement, of the TSP API.

Designed and implemented current CRMF/CMP APIs.

Actively involved in ongoing maintenance and enhancements.

Webmaster of www.geoffhook.com

July '99 - Present:

Basic design of web site.

Implemented common gateway interface scripts in Perl for dynamically creating pages using source images and an XML file detailing the image.

Implemented topic/keyword indexing software for driving archive database.

Contractor - The University of Melbourne - School of Creative Arts

January '04 - June '04:

Implemented a general purpose content system, Compendium, for preparing slide presentations based on artwork under Zope/Plone, under Mac OS X. CMS included a basic transclusion implementation to simplify the school having to meet its copyright registration requirements for images.

Work involved, database design (PostgreSQL), working in conjunction with and supervising a designer who also had programming skills.

Contractor - The University of Melbourne - School of Creative Arts

July '03 - August '03:

Implemented a history of theatre database in PHP, using PostgreSQL on the backend, under Mac OS X.

Work involved working in conjunction with and supervising a designer who also had programming skills.

Contractor - Synergy Plus

April '03 - July '03:

Enhancements and maintenance to an seed compliance system using Websphere and Visual Age for Java. Backend databases, Oracle and Seibel.

Enhancements and maintenance to an on-line insurance system using Websphere and WSAD. Backend system DB2 on an AS400. Implemented classes for a QSI payment gateway to allowing on-line processing of payments and refunds both on the web site and off the AS400.

Contractor - The Online Assesment Company

Jan '03 - April '03:

Development of protocols for secure on-line electronic voting. Writing Java code in support of such. System was subsequently used for council elections in the UK at the end of the project.

Contractor - Devolution

Jan '03 - Jan '03:

Writing an on-line freight quoting system using MySql and PHP.

Contractor - AIA (Australia) Ltd.

Mar '02 - Dec '02:

Further work on the on-line travel system towards integrating it with the company's commission system.

Further work on the company's intranet based salary packaging system to allow it to export data to other internal systems.

Auditing recent work done on the company's web sites, doing further work in order to maintain security.

Implementation work on a web site for selling consumer credit insurance on-line.

Work towards moving the company's on-line payment system to a Java Servlet based solution.

Mentoring of full time staff to allow them to take over.

Contractor - IconMedialabs

Dec '01 - Jan '02:

Implemented "Paper, Profit and Loss" system for an oil trading intranet site using EJB's and JSP running with Weblogic as the container manager, Oracle as the back end database. Also developed additional Java API infrastructure for further supporting Icon Java development.

Contractor - AIA (Australia) Ltd.

Dec '98 - Nov '01:

Implemented internal salary packaging system to be used by general staff and Human Resources. System was web based and allowed general users to try different packages without ever releasing information about what was being tried to any one other than the user. Human Resources' administration facilities were likewise protected. The system was specified by a business analyst, with later modifications made to the spec based on implementation feedback from Human Resources and the developer (me).

Provided technical lead for, and developed, two independent secure Internet sites for insurance agents. Both sites have their own look and feel with a common back-end and information to users which is made available on a strictly need to know basis and only to authorised users, site was set up to be managed by non-technical staff. Also identified and made recommendations concerning training of other non-technical staff in web/HTML development at project beginning. Site utilised Apache, Perl, SQL (Sybase originally, migrated to Oracle), Tomcat, and JavaScript.

Responsible for migrating web services from Sybase to Oracle, including coding.

Design and implementation of a set of Perl and JavaScript modules and accompanying web site tools to enable selling of a range of Travel Insurance products over the Internet. Web sites were based around the Apache web server, provided reporting and administration facilities that could be used by non-technical staff, and allowed for real time purchasing by clients using the payment gateway detailed below.

Implementation of a real time payment gateway based around the National Australia Bank Quest Box for processing payments for travel insurance and other AIA products. Implementation involved setting up of appropriate security as well as implementing the Quest protocol.

Writing documentation in support of the above.

Mentoring of full time staff to allow them to take over.

Added the necessary support to TWIG to allow it to work with Sybase (largely PHP work with Sybase table setup).

Working in a development team on a network aware insurance system written in Java: developing front end components, developing classes for supporting basic infrastructure and communication, training and supervising junior staff, assisting in overall system direction, evaluating and providing implementation advise on aspects of the system involving information or access security.

Contractor - TAGTEAMCREATIVE

Oct '00:

Implemented searching and reporting scripts for tracking riders in the Herald Sun Tour 2000.

Contractor - Dept. Chemistry, University of Melbourne

July '98 - Feb '99:

Design and development of a set of Swing Set based applets for allowing teaching of concepts in chemistry.

Contractor - Eracom

Oct '98 - Oct '98:

Further work on the Java Cryptography Extension based around PKCS 11 and the ERACOM CSA 7000.

Implementation of a swing based GUI for viewing the contents of an ERACOM CSA 7000.

Writing of technical documentation supporting the above.

Contractor - Australian Business Access

Jan '96 - Oct '98:

Participation in design and development of a secure transaction system written in Java. Primary responsibilities were the design and development of a message switch, supporting applets, and the supporting tool kits to enable "clean" use of the underlying cryptography required in conjunction with Internet communication protocols.

Recognising, analysing, and dealing with informational and security issues that arise in a transaction environment based around "need to know" security.

Analysing and working around platform incompatibilities that arise when doing applet development.

Development of a Java cryptography application interface package based on the 1.2 JCE and the JCA. Design and development of a software implementation of various cryptography algorithms as a service provider interface for the JCE. Design and development of a hardware based service provider interface for the JCE based around hardware compliant with PKCS 11.

Developing familiarity with the various encryption standards.

Design and development of a medical imaging Java applet which allowed for calculation of cross section areas and volumes across image slices from MRI scans.

Design and development of numerous special purpose applets for the purpose of animation and site navigation.

Design and development of some VRML worlds, for the purposes of demonstration and site navigation. These were based on VRML 2.0.

Following the evolution of Java 3d and VRML.

Analysis, reports, and other documentation to support the above.

Contractor - Department Engineering Computer Resources

Jan '96 - July '98:

Development of a general purpose rendering library and tools for assisting in image development in an architectural environment. Part of this involved the development of algorithms and associated software for the rapid processing of polygon meshes to facilitate faster processing of objects such as DXF polygon meshes, Wavefront objects, and 3d Studio model files.

Developed and ran a 3 day Java course.

Contractor - Telemedical Imaging Group - Australian Computing and Communications Institute

July '95 - Dec '95:

Introduction and setting of standards in regards to software development and quality control (with a view to implementing ISO 9000).

Investigation, and evaluation, of imaging software and the Java language environment.

Development of imaging software and associated tools and libraries in Tcl/Tk, C and Motif, built around the AVW software library. Writing image conversion and processing tools for the DICOM standard.

Reports and documentation to support the above.

Contractor - Department Engineering Computer Resources

Jun '95 - Dec '95:

Enhancements to architectural rendering software at the Department, primarily for assisting in the production of computer generated animations for supporting demonstrations to potential sponsors of the Formula One Grand Prix in Melbourne.

Time out!

Feb '95 - Jun '95:

Mainly travel, (London, Paris, Berlin, New York, etc..., you probably get the idea!). Some computer graphics consulting to Engineering Computer Resources, University of Melbourne.

Programmer, Dept. of Engineering Computer Resources, University of Melbourne

Jan 1988 - Jan 1995:

Design and development of teaching software and the necessary graphical user interfaces using sunview, SGI GL, and X11.

Design and development of tools and libraries for 3 and 2 dimensional graphics (projects: VOGLE - a device independent 3d graphics library, VOGL - a device independent subset of Iris Gl, VOPL - a 2d plotting library). These projects involved working with, and coordinating, the efforts of other programmers.

Design and development of tools, libraries, and algorithms for rendering and modeling using ray casting (projects: VORT - a general purpose ray tracer for rendering CSG solid models and arbitrary algebraic surfaces together with some image processing tools, SEAGLE - a commercial package for producing photo realistic images for the EAGLE CAD package, amongst other things this was the software used in the making of animations for the promotion and studies done for the Melbourne Grand Prix). These projects involved working with, and coordinating, the efforts of other programmers.

Tailoring imported software to the needs of users.

Writing manuals and other documentation.

Programming under the sunview, SGI GL and X window systems, together with writing software to generate code for standards such as HPGL and PostScript.

System and network administration and maintenance on a variety of Sun operating systems.

Analysing user needs. Advising, assisting, and training users of widely varying ability (both technical and language).

Writing translators for a variety of model and image formats (sometimes without any supporting documentation).

Dealing with suppliers.

Master's research: Development of a bench marking library for comparing ray tracing acceleration techniques and development of a new data structure and associated algorithms for the acceleration of ray tracing. This work was applied successfully in SEAGLE.

Voluntary work: maintenance and further development of a MicroSoft Access database for the Shiatsu Therapy Association of Australia.

Part-time programmer, Dept. of Computing, The R.M.I.T.

Jun '87 - Dec '87:

This involved programming rtree structures for spatial indexing, and an experimental variation of kd-trees, the skd-tree, together with developing a simple parser for testing and comparing these file structures in a simple GIS system.

Programmer. Mechanical and Production Engineering, The R.M.I.T.

Jun '86 - Jun '87:

Maintenance of UNIX on 4 Unisons, an Apollo, and an IRIS.

Assisting students with problems in computer related subjects.

Maintenance, and porting of programs written in FORTRAN, Pascal, and C.

Organising quotes for equipment and assisting in the preparation of tenders.

Using JCL and PFD for programming on a Facom running TSS.

Additional part-time consulting, till Nov '86, to Australia Post on balancing the 3b2 network, and a variety of problems related to UNIX, ACSnet, and PROGRESS.

Programmer, SYNTHESYS

Feb '86 - Jun '86:

Contracted to Australia Post for the Express Courier system, a system built on top of PROGRESS.

My role involved: writing a menu driven shell to ease the maintenance of UNIX and the data base, maintenance of ACSnet on a 3b2 and configuring it to work on top of MONET, writing a number of transactions in PROGRESS, and writing assorted shell scripts to handle communications and daily maintenance.

Part-time programmer, Dept. of Computing, The R.M.I.T.

Dec '85 - Feb '86:

This involved rewriting a simulation of the equi-join operation in relational databases. The original program was in VMS Pascal, translated into C.

Programmer and system manager, Melbourne House

Feb '84 - Oct '85:

Design of the semantics and syntax of a special purpose high level programming language for video game design.

Writing the preprocessor, and code generators for the compiler, together with a couple of assemblers and downloaders for various micros. The assemblers offered span-dependent instructions.

The maintenance of a D.E. Pillar, and a Plexus P-25, both running UNIX, Sys III.

Development of general purpose utilities for software development.

Responsibility for purchases of computers and related equipment.

Liaison with supplier company representatives.

User education.

Reporting on all of the above, researching options, and monitoring the progress of the project.