Dr Whitfield Diffie is one of the most influential figures in modern cybersecurity. In 1975, he co-invented public key cryptography—a breakthrough that underpins nearly all secure digital communication today.
Dr Diffie won the 2015 Turing Award and has held positions as Manager of Secure-Systems Research at the Laboratory of the Canadian Telephone System, Chief Security Officer at Sun Microsystems and Vice-President for Security at ICANN. He has played a pivotal role in shaping the way we think about privacy, trust, and control in the digital age.
Ahead of his keynote at MSP GLOBAL, we sat down with Dr. Diffie to explore the future of cryptography, including the challenge posed by quantum computing, and what IT professionals and MSPs need to do next.
You’ve often said you “did an hour’s good work in 1975 and have been making a living off it ever since.” How did that hour of work come to define your career—and digital security?
Pure luck. I had a long-standing interest in cryptography that was ignited in 1972 by a difference of views between NSA and ARPA.
I left a steady job at the Stanford AI Lab and began traveling around, digging up rare manuscripts, talking to anyone willing to talk, and thinking about the requirements for a cryptographic system.
That journey led me first to my wife of 43 years and then to Martin Hellman at Stanford. Marty and I ended up working together for four years and what came out of that was public key cryptography.
Public key encryption now secures everything from text messaging to internet commerce to national security. Did you have any sense of the scale your work would reach?
I did. When she was interviewed by the RSA conference, my late wife remembered my telling her that by the end of the century, people would be having intimate relations with people they had never met and that cryptography was the only way to secure their communications. She said she didn’t believe me, but she ran off with me anyway.
The change in scale has been incredible. Back when the military was the biggest client for cryptography, a large order was maybe 100,000 machines. Today, high-grade cryptography runs in billions of browsers.
You worked in AI in the first years of your career. What was your perspective on its future back then?
At MIT, I was working on symbolic mathematical manipulation — teaching machines to do calculus. I didn’t consider it AI then, but in hindsight, it was.
What grabbed me at that time was the problem of program reliability. I imagined mathematical proofs of program correctness rather than endless debugging.
That may still be the most important problem in engineering, but it hasn’t made nearly as much progress as cryptography, and I was lucky to have been drawn away from it.
Let’s talk about how cryptography became a public concern instead of something locked inside government agencies. What changed?
Several things. First was David Kahn’s book The Codebreakers in the late ’60s which sparked interest in the field. Then IBM began working on cryptography for banking applications and brought in Horst Feistel, who had a developed block ciphers (what we use today) for the U.S. Air Force in the 1950s.
That work led to the Data Encryption Standard (DES), which made cryptography available to everyday business. Finally, our work — public key encryption — offered a completely new mathematical framework, which attracted mathematicians and opened the field in new directions.
Fast forward to today—how real is the threat posed by quantum computing to existing cryptographic systems?
It appears real, even if the timelines are uncertain.
Experts differ — Adi Shamir thinks it may take until the end of the century, others say we’ll see it by 2030. But the business point is that NSA and NIST take it seriously.
They’ve developed new post-quantum cryptographic standards, and there’s now a 10-year timeline for government systems to comply.
That creates a clear roadmap — and a business opportunity — for everyone who needs to remain compatible.
For MSPs and other IT professionals, what does the post-quantum transition mean in practical terms?
It means change — very significant change. The new cryptographic standards are computationally different. They cost more in terms of time and memory, and nobody’s exactly sure how the transition will go.
Major cloud providers like AWS are already working on implementation, but we might see alternative approaches emerge mid-transition, just the way public key cryptography did back in the Seventies. So follow the standards — but stay alert for new ideas.
In addition to quantum computing, you’ve also spoken about the growing impact of biotechnology and AI. How do you see these fields intersecting with cybersecurity?
Biotech will change the world even more than computing. On one hand, biotech will change our very selves. On another, gene-synthesis labs are getting cheaper and more widespread. Controlling who can access them will be impossible.
I see a window of vulnerability where it will be easier to create new diseases than to develop treatments. That may be an existential threat to civilization.
AI, meanwhile, may accelerate everything.
I used to believe humans would no longer be controlling the world by the end of this century. Now I think it might be by 2050.
So, with all these changes on the horizon—quantum, biotech, AI—what should today’s tech leaders be doing?
Stay flexible. Work to implement the new standards but be open to alternatives. Post-quantum cryptography is going to be a dominant concern for the next decade. It’s not clear that the current solutions are the final answer.
And don’t forget: the rest of the information security stack — implementation, operating systems, communications protocols — is riddled with bugs. Crypto is the best-cooked part of information security, and everything else needs even more work.
Final question: Why should MSPs and IT professionals come to your keynote at MSP GLOBAL?
Because we’re entering a new phase in the story of digital trust. Cryptography is evolving again — under pressure from quantum computing, driven by AI, and intertwined with the growing complexity of our digital and biological systems.
If you’re responsible for securing information — or building services that depend on it — this matters to you. I’ll be talking about those trends, the direction we’re headed, and what it means for everyone in this business.
Don’t miss Whitfield Diffie at MSP GLOBAL
For MSPs and IT professionals, the future is arriving faster than ever. Post-quantum cryptography, AI-driven security, and the fusion of biotech and digital systems are no longer abstract concepts — they’re on your project timeline.
Whitfield Diffie helped shape the cryptographic foundations of our digital lives, and now he’s turning his attention to what’s next.
Join his keynote at MSP GLOBAL in Barcelona to get a front-row view into the emerging challenges — and opportunities — that will define the next decade of secure computing.
October 22-23, 2025 – 
PortAventura Theme Park (Barcelona), Spain