The Crypto Quandary

From IEEE Spectrum Magazine, May 1995

To crypt, or not to crypt, -- that is the question.
Whether ’tis nobler in the mind to suffer
The slings and arrows of lost privacy,
Or to take arms against the export controls,
And by opposing regain it?

Hamlet might not like my distortion of his immortal soliloquy, but he would probably sympathize with the agony over the dilemma we have created in the application or non-application of modern cryptology to cyberspace. Each transaction we make on the network reveals our status and habits in mounting detail to everyone out there who is listening, compiling, and selling. As our privacy slips steadily away from us, a remedy has arrived in the form of strong cryptography. One little problem, though -- our friendly governments don’t want us to use it.

Certainly, our governments have reason for concern. They all have storied histories about the use, misuse, and exploitation of cryptography. I think of the ingenious wheels of the German Enigma machine and the sacrificial bombing of Coventry to keep the secret of its having been broken, the breaking of the Japanese code that might have forewarned Pearl Harbor, and the scrambling of Churchill’s conversations in the bunker beneath Whitehall. Wars have surely been won and lost based on a country’s relative ability to keep its own secrets and to uncover those of its enemies.

Now we are at this strange point in time where our interests as citizens may not be aligned with the interests of our governments, who, after all, are supposed to act on our behalf. The question that Hamlet might debate is what our governments should do about cryptography. Some very basic societal interests must be traded off, and unfortunately on a national policy level that debate either isn’t happening, or is being kept secret from any skeptical ears. Furthermore, it isn’t very clear who has jurisdiction in this global domain. Exactly where is cyberspace anyway?

These days nearly every public meeting that I attend to discuss the National (or Global) Information Infrastructure quickly degenerates to an impassioned and pointless discussion among us technologists of cryptographic policies. The informed policy makers among us keep quiet. I am reminded of the Druids or the great stone figures on Easter Island. Like those enigmatic historical figures, perhaps there is wisdom in the policy-makers’ silence. On the other hand, maybe there isn’t anything more there than a stoic facade.

It seems impossible that the governments with their giant mathematical fortresses of copiously-funded secret research allowed the technology of cryptology to seep into the public domain. Yet it happened with the discovery in 1976 of public key cryptography by Martin Hellman and Whitfield Diffie.

I remember visiting Hellman in his office at Stanford at about that time. Marty told me about his idea for one-way functions with trapdoors, and how such functions -- if they existed -- would make a new protocol for cryptography possible. I was filled with intellectual curiosity about what Hellman proposed, but I was very skeptical about its having any impact on the real world. “Marty,” I said. “You do know about that place the government has where all the mathematicians work on this sort of thing? You know, the National Security Agency?”

What I was thinking as I said this was that surely those thousands of mathematicians in NSA knew about this stuff long ago. After all, this was just Marty in his little office at Stanford, and his training had been about the same as mine. I didn’t know anything about codes and codebreaking, and therefore he couldn’t either, QED.

To say something about public key cryptography by way of analogy I would like to relate an incident that happened recently to a member of my family. In order to protect his anonymity, I shall use the encrypted name, Doug. Anyway, Doug was on an abortive ski vacation in Vermont. Leaving the watery slopes in 70 degree weather, he lost the clutch in his car, and ended up having to abandon it for a week in Vermont, while he returned to New Jersey. So far, so much misery, but when he went to get his mail at his apartment, he remembered that the only key to his mailbox was on the key ring in the car in Vermont. The postman, of course, continued to drop irretrievable mail in the slot on the top of the mailbox. Hurriedly, Doug called the garage in Vermont, and told them to mail him the key right away. Which they did, and two days later Doug discovered what he had done -- the only key to the mailbox was now locked within the mailbox.

Doug’s mailbox is like a public key cryptosystem. Anyone can drop messages in the slot (by encrypting with the recipient’s public key), but only the true recipient can retrieve messages by using his private key (the trap door in what is otherwise computationally-locked). However, Doug’s story also shows that key management in any cryptographic protocol is tricky!

Soon after Diffie and Hellman’s work, a number of mathematical functions with the one-way property were proposed and evaluated, the most famous being the factorization of large numbers that led to RSA codes. (Rivest, Shamir, and Adleman at MIT.) The rest is, as they say, history. The opening up of cryptology to academics created an outpouring of results in the public domain, and today you can pick up any of a dozen textbooks and learn how to brew your own unbreakable codes (i.e., codes that are computationally infeasible to break during the time that you would care about). Of course, the government might prosecute you for carrying any of these books out of the country. Nonetheless, cryptographic knowledge is now widespread throughout the world. Oops! I didn’t say “throughout the world,” because export of the knowledge is illegal. The jury is instructed to disregard the earlier sentence.

The genie seems to be out of the bottle, and the governments are trying to stuff it back. In a sense their policy so far has been rather successful. Cryptography is hardly used at all, because export control has deterred the adoption of standards, which in today’s computer world need to be global. If strong cryptography became standard and user-friendly, then we would have our privacy reinstated. Citizens could transact electronic commerce with impunity. So could drug rings, spies, and unfriendly governments.

Aye, and there’s the rub.

Robert W. Lucky
rlucky@bellcore.com