Encryption and the Internet

A tale of spooks, hackers, and international business

Copyright © Espen Andersen, December 1995
Links updated March 1999

Encryption--codification of plaintext messages into ciphertext which can only be unpacked by people knowing a specific code--is increasingly important as the Internet ceases to be a primarily free-for-all academic research exchange and evolves into a platform for commerce and operational data. Long the purview of secretive government organizations and obscure mathematicians, encryption technology is now at the very focus of the debate on the future uses of the Internet.

Encryption is available in two main forms: single key (symmetric) and public key (asymmetric). In single-key encryption--not unlike the simple ciphers designed by children for secret communication with friends--a plaintext message is run through a computer program and encoded based on a key. A very simple example of this is the ROT13 encoding, used for hiding messages on Usenet newsgroups. In ROT13, each letter in the plaintext message is exchanged with the letter 13 places later in the alphabet (a becomes n, b becomes o, and so on). In the English 26-letter alphabet, this works especially well, since the same computer program can be used to decrypt the message. More elaborate schemes are available--the best known being the DES algorithm, developed and controlled by the US government.

Single key encryption is quick, and can be hard to break, but requires that the sender and receiver of a message meet (or communicate through a secure channel) and agree on the key before messages are exchanged. This key exchange requires that all parties that communicate keep the key secret--if one person fails to do so, the cipher is broken and can no longer be trusted. (One-time keys, which are discarded when they have been used, can mitigate this problem.)
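The ROT13 scheme described above, generalized to any shift key, as an added example that is not part of the original article (function names are chosen for the illustration). It shows why 13 is special in a 26-letter alphabet: apart from the do-nothing key 0, it is the only shift that decrypts with the same program and key.

```python
import string

def shift(text, key):
    """Replace each ASCII letter with the one `key` places later, wrapping at z.
    The key is the shared secret of this (very weak) single-key cipher."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord("a") + key) % 26 + ord("a")))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord("A") + key) % 26 + ord("A")))
        else:
            out.append(ch)            # digits, spaces and punctuation pass through
    return "".join(out)

def rot13(text):
    return shift(text, 13)

def self_inverse_keys():
    """Keys for which running the program twice returns the plaintext."""
    alphabet = string.ascii_lowercase
    return [k for k in range(26) if shift(shift(alphabet, k), k) == alphabet]

if __name__ == "__main__":
    secret = rot13("Hello, Usenet!")
    print(secret)                     # encoded text
    print(rot13(secret))              # same program, same key: plaintext again
    print(shift(shift("meet at noon", 3), 23))   # other keys need the inverse shift
    print(self_inverse_keys())
```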

Public key encryption

Public (or, more precisely, public/private) key encryption relies on mathematical algorithms that take the plaintext message, encrypt it using one key, and decrypt it using another. The beauty of these algorithms (which are based on the difficulty of factoring products of large prime numbers) lies in the fact that each of the two keys can only decrypt messages encrypted with the other. This enables encrypted communication without prior contact between the parties: One key is designated as "public", and is communicated (quite openly--it can be put on a business card or on a personal home page) to the sender of a message. The sender then encrypts the message using the public key, and sends it to the recipient, who decrypts it with the private key. Since the message can only be decrypted with the private key, and the private key is never communicated to anyone, the message is safe from prying eyes.

While private communication is desirable, private/public key encryption is equally useful when done in reverse: If the sender sends out a message encrypted with the private key, anyone with the public key can read it--and be sure that it really came from the sender. This ability to authenticate the sender of a message is as important as the ability to send private messages: It is equal to a signature on a document, a necessity for electronic commerce.

 The two approaches can be combined: If the message is first encrypted with the receiver's public key, and then with the sender's private key, it is both private and signed--a property which is extremely important if the message is a form of contract, for instance a stock purchase order. There are still weaknesses in the public/private key encryption scheme--for instance, you have to be sure that the public key someone sends you is indeed sent by the right person--but they are addressable in a data communication environment without having to have a separate, secure communications channel.
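The three uses described above (private, signed, and both combined), as an added example that is not part of the original article and is not PGP's code. It uses textbook RSA on single bytes with tiny constructed primes and no padding, so it illustrates the roles of the keys only; the key values and function names are assumptions made for the illustration.

```python
# Added illustration: textbook RSA, one byte per block, tiny constructed primes.
# No padding and a trivially factorable modulus, so this is NOT secure.

def make_keypair(p, q, e):
    """Return (public, private) keys as (exponent, modulus) pairs."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)              # private exponent: e*d = 1 (mod phi)
    return (e, n), (d, n)

def apply_key(key, blocks):
    """The same modular exponentiation encrypts, decrypts, signs and verifies."""
    exponent, modulus = key
    return [pow(b, exponent, modulus) for b in blocks]

# Constructed keys. The sender's modulus is the larger one so that the
# receiver-encrypted blocks fit under it in the combined case.
RECEIVER_PUBLIC, RECEIVER_PRIVATE = make_keypair(61, 53, 17)
SENDER_PUBLIC, SENDER_PRIVATE = make_keypair(89, 97, 5)

def to_blocks(text):
    return list(text.encode("ascii"))

def to_text(blocks):
    return bytes(blocks).decode("ascii")

def send_private(text):              # only the receiver can read it
    return apply_key(RECEIVER_PUBLIC, to_blocks(text))

def read_private(blocks):
    return to_text(apply_key(RECEIVER_PRIVATE, blocks))

def send_signed(text):               # anyone can read it, only the sender could make it
    return apply_key(SENDER_PRIVATE, to_blocks(text))

def read_signed(blocks):
    return to_text(apply_key(SENDER_PUBLIC, blocks))

def send_private_and_signed(text):   # receiver's public key first, then sender's private key
    return apply_key(SENDER_PRIVATE, send_private(text))

def read_private_and_signed(blocks): # undo the layers in reverse order
    return read_private(apply_key(SENDER_PUBLIC, blocks))

if __name__ == "__main__":
    order = "BUY 100 ACME"
    print(send_private(order))
    print(read_private_and_signed(send_private_and_signed(order)))
```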

The history and politics of PGP

The algorithm for public/private key encryption was developed by three cryptographers named Rivest, Shamir and Adleman, and is referred to as the RSA algorithm. It was developed at MIT, and published in international cryptography journals. However, the difficulty in breaking public/private key encryption, and the simplicity with which the scheme can be applied in the age of widely available computers, have attracted governmental interest and some rather bizarre attempts to limit its use. The result says a lot about the applicability of geographically based laws in the truly global world of the Internet, and the ability of regulation to keep up with technology.

The US government, at the initiative of the secretive National Security Agency, has branded computer software that enables public/private key encryption with keys more than 40 bits long as "munitions", falling under a law that prohibits export of weapons. (Certain exceptions are made for encryption programs that can only be used for authentication, and for internal use in international subsidiaries of US companies.) The reason given is that if public/private encryption becomes widely available, the government's ability to monitor the content of computer communication is harmed--meaning that communications monitoring can no longer be used to capture spies and drug dealers.

However, given the speed of electronic distribution, the cat is already well out of the bag. A now rather famous cryptographer and computer programmer named Phil G. Zimmermann has written a computer program, available for most computers, that implements public/private key encryption, and made it available in the public domain (that is, free for all). The program, called PGP (for Pretty Good Privacy), does public/private key encryption and also provides some simple means of managing public keys. The program is available from an FTP server at MIT, but requires that the connecting party is within the United States and also is a US citizen.

Needless to say, the PGP program has spread around the Internet like wildfire, and is now available pretty much to anyone who wants it. The source code of the program has also been published by Zimmermann in a book from MIT Press (see below), since its publication (apparently) does not come under the law on export of munitions. Mr. Zimmermann is facing a number of legal challenges (he is searched every time he leaves the United States, lest he smuggle out a diskette), but receives considerable support from lawyers interested in his case, as well as monetary support from people who think the right to private communication falls under the First Amendment of the US Constitution, which guarantees freedom of expression to its citizens. The latest in the badminton match between Mr. Zimmermann and the spooks is that he has written a PGP version which can be used with the NetPhone program, enabling strongly encrypted digital telephone over the Internet.

It should be noted that PGP is by no means the only issue in the debate over the conflict between citizens' right to privacy and the government's need to monitor communications: The US government has also tried to legislate that all encryption over telephone and data communications networks be done using a government-controlled computer chip called the Clipper chip, which would allow the government to monitor the communication via a "back door". Unfortunately, this is not some fringe political wing or an out-of-touch bureaucrat speaking out of turn, but a seriously considered legislative proposition. Similarly, the EU has recently discussed legislation limiting the access to strong encryption, notably over the protests of international banks.

 For governments, there is more at stake than the ability to eavesdrop on citizens. If private strong encryption with authentication is widely available, it can enable digital payment forms (barter or digital cash) which would allow people to drop out of the official economy altogether. As [Release 1.0] notes, the issue of the Clipper chip is as much a question of taxation as privacy--it is hard to tax someone when you cannot confiscate their business records, or even their money.

Applications of PGP

The political issues aside, public key encryption has wide applicability. The technology enables privacy and authentication of any form of communication, as long as it can be digitally represented. This means that any form of communication can not only be legally binding, but also legally enforceable. For example, many contracts today are set up orally, the prime example being buy and sell orders done in stock exchange or commodities markets. These contracts are legally binding under most countries' laws, but they are only enforceable because both parties are interested in continuing to do business within the market. An example is the international diamond market, where millions of dollars worth of diamonds are bought and sold based on oral contracts. This is possible because both buyer and seller know that if they do not fulfill their obligations, they will never again be able to buy or sell diamonds.

Public key encryption enables legally enforceable contracts with little setup time. In current electronic payment situations, the electronic relationship is set up outside the electronic communication systems, typically through a credit card agreement. The credit card company then takes on the risk of ensuring that the payment is legitimate, using its knowledge of prior payments and credit histories to mitigate the risk, and taking a fee (mostly from the seller) for doing so. With public key encryption, commercial relationships can be set up directly between the seller and buyer, without a third party. The additional infrastructure requirements are fairly low: There is a need for a trusted repository of public keys (which could be set up by almost anyone, since any two people can control the integrity of the keys between them), and a need for a trusted source for the encryption application itself, to make sure that nobody has enabled a "back door" or "master key". (With PGP, this trust is built on openness: the source code is available for testing and auditing.) Neither of these institutions is expensive or difficult to set up (the second exists, on a small scale, at MIT already). The benefits, in terms of reducing credit card fraud and enabling easy payment systems across borders, would be huge.

The future debate

The debate over widespread use of cryptography has brought together some unlikely bedfellows: From large corporations interested in implementing electronic commerce, via libertarians opposed to any kind of government intervention, to old Internet hands such as Mitch Kapor and Esther Dyson interested in preserving the free nature of the Internet. The initiative to limit access to strong encryption comes largely from law enforcement and more or less overtly from intelligence agencies.

The availability, simplicity and usefulness of PGP make it unlikely that any kind of legislation against it would be effective, or even endorsed in the long run. Rather, the only people with access to encryption would be the people that the government would want to monitor--"when encryption is outlawed, only outlaws have encryption". Companies with international connections should get involved in making public key encryption widely available, and lobby against legislation limiting its use. As the situation is today, large international companies, possibly the new technology's biggest beneficiaries, are the only companies who are really limited in their ability to use it.


RISKS Digest (Electronic magazine, archives at http://catless.ncl.ac.uk/Risks/)
Phil G. Zimmermann (1995): The Official PGP User's Guide, MIT Press
Phil G. Zimmermann (1995): Pretty Good Privacy: Source Code and Internals, MIT Press

The PGP software program can be found at ftp://netdist.mit.edu/pub/PGP/. The public domain version of PGP is for personal and non-commercial use only. To buy or licence the product, contact ViaCrypt (email: viacrypt@acm.org, US phone: (602) 944-0773). People outside the United States can find an "international" version of PGP created by Ståle Schumacher Ytteborg at http://www.pgpi.com. This page also has lots of information about the legal, political and technical sides of PGP.

 For a listing of security products available for commercial purposes, a good place to start is Trusted Security Systems' worldwide product survey, which can be found at http://www.tis.com/crypto/survey.html.
