Draft:Nick Sullivan (cryptography)

Submission declined on 13 December 2024 by BuySomeApples (talk). This submission's references do not show that the subject qualifies for a Wikipedia article—that is, they do not show significant coverage (not just passing mentions) about the subject in published, reliable, secondary sources that are independent of the subject (see the guidelines on the notability of people). Before any resubmission, additional references meeting these criteria should be added (see technical help and learn about mistakes to avoid when addressing this issue). If no additional references exist, the subject is not suitable for Wikipedia. This submission is not adequately supported by reliable sources. Reliable sources are required so that information can be verified. If you need help with referencing, please see Referencing for beginners and Citing sources. If you would like to continue working on the submission, click on the "Edit" tab at the top of the window. If you have not resolved the issues listed above, your draft will be declined again and potentially deleted. If you need extra help, please ask us a question at the AfC Help Desk or get live help from experienced editors. Please do not remove reviewer comments or this notice until the submission is accepted. Where to get help If you need help editing or submitting your draft, please ask us a question at the AfC Help Desk or get live help from experienced editors. These venues are only for help with editing and the submission process, not to get reviews. If you need feedback on your draft, or if the review is taking a lot of time, you can try asking for help on the talk page of a relevant WikiProject. Some WikiProjects are more active than others so a speedy reply is not guaranteed. How to improve a draft Wikipedia:Contributing to Wikipedia – a basic overview on how to edit Wikipedia. Help:Wikitext – how to use the markup Help:Referencing for beginners – how to include references Wikipedia:Article development – how to develop your article Wikipedia:Writing better articles – how to improve your article Wikipedia:Verifiability – make sure your article includes reliable third-party sources You can also browse Wikipedia:Featured articles and Wikipedia:Good articles to find examples of Wikipedia's best writing on topics similar to your proposed article. Improving your odds of a speedy review To improve your odds of a faster review, tag your draft with relevant WikiProject tags using the button below. This will let reviewers know a new draft has been submitted in their area of interest. For instance, if you wrote about a female astronomer, you would want to add the Biography, Astronomy, and Women scientists tags. Add tags to your draft Editor resources Easy tools: Citation bot (help) | Advanced: Fix bare URLs Declined by BuySomeApples 2 seconds ago. Last edited by BuySomeApples 2 seconds ago. Reviewer: Inform author. Resubmit Please note that if the issues are not fixed, the draft will be declined again.

Nicholas "Nick" Sullivan is a Canadian-American applied cryptographer and internet security expert, known for his work in cryptography and privacy-enhancing technologies. He founded Cloudflare Research.^[1], where he led initiatives to develop advanced security protocols. He is currently an independent consultant.

Early in his career, Sullivan worked at Symantec, where he contributed to Symantec's Internet Security Threat Report.^[2]

Sullivan later joined Apple, where he worked on the development of cryptographic and security features for Apple's products. He holds over a dozen patents related to encryption and internet security from his tenure at the company.^[3]

Sullivan joined Cloudflare in 2013. During his time at Cloudflare, he led various initiatives to enhance cryptographic technologies, internet security protocols, and privacy-enhancing methods:

• Heartbleed: Helped qualify the risks associated with the Heartbleed vulnerability by launching a public challenge inviting researchers to demonstrate exploitation of the vulnerability.^[4]
• Universal SSL: Worked to improve internet privacy and speed by promoting the widespread deployment of SSL encryption.^[5]
• TLS 1.3: Played a key role in the implementation and global deployment of the TLS 1.3 protocol to improve internet security.^[6][7]
• Post-Quantum Readiness: Led efforts to prepare Cloudflare for the advent of quantum cryptography, with the company being recognized for its post-quantum readiness.^[8]
• Oblivious DNS over HTTPS (ODoH): Collaborated with Apple to develop ODoH, a privacy-focused DNS protocol.^[9]
• Credential Stuffing: Researched credential stuffing attacks and helped design and deploy Might I Get Pwned: A Second Generation Compromised Credential Checking Service.^[10][11]
• League of Entropy: Contributed to the development of verifiable randomness beacons.^[12]
• RPKI: Advocated for secure routing protocols to mitigate internet outages due to route leaks.^[13][14]

Sullivan is currently an independent consultant, focusing on cryptography and internet security. He also serves on the board of eQualitie, advocating for internet privacy and security.

Sullivan has been actively involved in the Internet Engineering Task Force (IETF) and the Crypto Forum Research Group (CFRG). His contributions include:

• TLS and DTLS Extensions: Co-authored standards for multiple standards including delegated credentials^[15][16]
• IANA TLS Registry: One of three experts designated to manage the IANA registry for TLS extensions^[17]
• Co-chair of MLS WG: Serves as co-chair of the Messaging Layer Security (MLS) working group.^[18]
• Co-chair of CFRG: Serves as co-chair of the Crypto Forum Research Group and co-author of RFC 9380 and RFC 9497, relevant to oblivious pseudorandom functions.^[19]

Sullivan is a frequent speaker at security and cryptography conferences^{[20] [21]} and has given guest lectures at MIT ^[22] UC Berkeley ^[23] and Stanford^[24] discussing various security topics. He has also published multiple educational articles, including the widely cited explainer on Elliptic Curve Cryptography for Ars Technica ^[25]. He made an appearance in a video by Tom Scott on Cloudflare's wall of entropy^[26]

Sullivan has co-authored several research papers in cryptography and internet security, including:

• "The Ties that un-Bind: Decoupling IP from Web Services and Sockets for Robust Addressing Agility at CDN-scale" (ACM SIGCOMM 2021).^[27]
• "Portunus: Secure Remote Access to Private Network Resources" (USENIX ATC 2023).^[28]
• "The Security Impact of HTTPS Interception" (NDSS 2017).^[29]
• "RPKI is Coming of Age: A Longitudinal Study of RPKI Deployment and Invalid Route Origins" (IMC 2019).^[14]
• "Protocols for Checking Compromised Credentials" (CCS 2019).^[10]