24 April 2009

Cryptography

I got into crypto when I realized that IP is sending postcards around, no privacy. So I got curious how block ciphers worked. DES looked complicated, so I studied Blowfish, and put up a paper sketching how it would work in hardware. This got me a job at I. implementing Blowfish and IDEA in Verilog to make a chip. Also studied zener-based RNGs and conditioning algorithms (and measuring algorithms, viz. Marsaglia's Diehard and Maurer's metric). I did implement the algorithms, but the chip was cancelled as it was nonstandard and AES was coming up.

Also spent a few days in a Faraday cage measuring noise (for RNG) properties on wafers. That was interesting, although the room was very stuffy.

Later at T. I worked for a few months on a contract to develop secure printing, so that the document would remain encrypted until you were at the printer entering your password. That way if the disk in the printer was taken the document would still be confidential too. Used in banks apparently. That involved Linux & Windows interoperating, using open-source algorithms. I just got a patent for it, something like 5 years later. My third.

When I. laid me off I spent a year helping a friend and former manager to create a startup. It would have used a crypto dongle to decode content that was floating in the cloud. I learned quite a bit about RSA and bignum implementations. And weird number theory voodoo. I once had Rivest as a TA, actually.

Around the late 80s to early 90s I was into the cypherpunk mailing list and learned quite a bit about the social and economic effects of crypto, e.g. with Tim May, Robert Hettinga. I've met Ryan Lackey and corresponded with one of the Seastead authors via a social channel. I met Ryan when the group was invited to the SF PD to check out their training simulator. I managed to catch the web of my hand in the pneumatically actuated fake gun, and it really bit. I also got blown away when a traffic stop guy pulled out a shotgun.

More recently I was using Atmel cryptomemory chips for authentication. And expiration, but that doesn't require crypto. It would have been easier to just use a PIC and implement my own protocol, and then lock the PIC down. In the end I used the fresh-off-the-fab cryptocompanion chip to perform some of the handshake, and it also stores the shared secret better, physically.

Mind you, this is with a Microchip PIC 16F processor talking to the cryptocompanion and the disposable cryptomemory. Some of the handshake work was being done by the electrically isolated ARM which talked to the PIC via isolated 2-wire RS485. That was because the PIC didn't have enough memory to compute a required function, so the ARM had to get involved. Crazy complex but it worked.

People often don't understand the difference between confidentiality, authentication, and integrity.
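To make that distinction concrete, here is a small added example (mine, not from the original post): a toy keystream cipher gives confidentiality, but a single bit flipped on the wire still decrypts without complaint to a different message, so there is no integrity; adding an HMAC over the ciphertext under a shared key gives integrity and, between the two parties who hold that key, authentication of origin. The keystream built from SHA-256 in counter mode and all function names are constructed for the illustration and not a recommended construction.

```python
import hashlib
import hmac

# Toy keystream: SHA-256 over (key, nonce, counter), a stand-in for a real
# stream cipher so this runs on the standard library alone. Not for real use.
def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# Confidentiality only: XOR with the keystream. Decrypt is the same operation.
def encrypt_only(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor_bytes(plaintext, keystream(key, nonce, len(plaintext)))

def decrypt_only(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    return xor_bytes(ciphertext, keystream(key, nonce, len(ciphertext)))

# Encrypt-then-MAC: the tag covers nonce and ciphertext, so any change in
# transit is detected before decryption, and only a holder of mac_key could
# have produced a valid tag (integrity + origin authentication).
def encrypt_then_mac(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes):
    ct = encrypt_only(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ct, tag

def verify_and_decrypt(enc_key: bytes, mac_key: bytes, nonce: bytes, ct: bytes, tag: bytes):
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    # constant-time comparison so the check itself leaks nothing about the tag
    if not hmac.compare_digest(expected, tag):
        return None           # reject: integrity/authentication failed
    return decrypt_only(enc_key, nonce, ct)

def flip_bit(data: bytes, index: int) -> bytes:
    # Simulates one corrupted bit on the line (noise or tampering, same effect).
    b = bytearray(data)
    b[index] ^= 0x01
    return bytes(b)

if __name__ == "__main__":
    # Constructed sample keys and message for the demonstration.
    enc_key, mac_key, nonce = b"k" * 32, b"m" * 32, b"n" * 16
    msg = b"secure print job 17"

    ct = encrypt_only(enc_key, nonce, msg)
    print("encrypt-only, corrupted:", decrypt_only(enc_key, nonce, flip_bit(ct, 0)))

    ct2, tag = encrypt_then_mac(enc_key, mac_key, nonce, msg)
    print("encrypt-then-MAC, corrupted:", verify_and_decrypt(enc_key, mac_key, nonce, flip_bit(ct2, 0), tag))
```

Run it and the encrypt-only path prints a plausible-looking but wrong message with no error, while the MAC path returns None: confidentiality says nothing about whether the bytes you received are the bytes that were sent.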

Even worse (because that is simple ignorance) are fools who bandy about "PKI" without a clue as to what it does or requires, or the motivation for the choice. Just a buzzword.

Oh, and another peeve: you can't sue Verisign, so what good is a cert from them? And since they're in bed with the government, and anyway individual folks can be bought, what's to stop them from issuing false (deceitful, fraudulent) certs? Zero.
A reputation-based system might be better, or an insured, bonded UL-type better-business bureau that you can sue.