Daniel Harkins

Dan Harkins is a researcher in the field of applied cryptography at Aruba, a Hewlett Packard Enterprise Company, as well as a technical Fellow. He specializes in designing secure protocols for network access and device communication. He is the author of numerous RFCs in the field of authentication and secure key establishment. His current focus of research is in robust and misuse resistant cryptography and in ways to provision trust in per-user or per-device credentials that scale from the home network to the enterprise.

Dan has been designing secure key exchange protocols for over 20 years at almost every layer of the stack, and he is a recognized security professional in the IETF, IEEE 802.11, and the Wi-Fi Alliance. His research in robust and “misuse resistant” cryptography has resulted in scalable and secure innovations for HPE Aruba. For network security professionals, Dan is of course well known as the primary author of RFC 2409, the Internet Key Exchange (IKE). IKE is a fundamental building block of IPsec and is still widely used today within Aruba products and millions of other IT products to build secure communication channels. More recently, Dan’s innovations form the backbone of the newly announced WPA3-Personal and Enhanced Open certifications from Wi-Fi Alliance. These are Simultaneous Authentication of Equals (SAE) which performs an authenticated key exchange using a simple password (RFC 7664) and that replaces WPA2-PSK mode; and Opportunistic Wireless Encryption (OWE) which provides automatic encryption of “open” SSIDs with no user action (RFC 8110). He also completely rearchitected the support password system used in Aruba WLAN products to provide per-engineer one time use credentials, and worked with Engineering and PLM to deploy it across the portfolio. From IKE to WPA3, Dan has been inventing and designing security solutions to make networks more secure and more robust and to scale from small IoT networks to large enterprise networks.