by Simon Singh
By the summer of 1991, Zimmermann was well on the way to turning PGP into a polished product. Only two problems remained, neither of them technical. A long-term problem had been the fact that RSA, which is at the heart of PGP, is a patented product, and patent law required Zimmermann to obtain a license from RSA Data Security, Inc. before he launched PGP. However, Zimmermann decided to put this problem to one side. PGP was intended not as a product for businesses, but rather as something for the individual. He felt that he would not be competing directly with RSA Data Security, Inc., and hoped that the company would give him a free license in due course.
A more serious and immediate problem was the U.S. Senate’s 1991 omnibus anticrime bill, which contained the following clause: “It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law.” The Senate was concerned that developments in digital technology, such as cellular telephones, might prevent law enforcers from performing effective wiretaps. However, as well as forcing companies to guarantee the possibility of wiretapping, the bill also seemed to threaten all forms of secure encryption.
A concerted effort by RSA Data Security, Inc., the communications industry, and civil liberty groups forced the clause to be dropped, but the consensus was that this was only a temporary reprieve. Zimmermann was fearful that sooner or later the government would again try to bring in legislation that would effectively outlaw encryption such as PGP. He had always intended to sell PGP, but now he reconsidered his options. Rather than waiting and risk PGP being banned by the government, he decided that it was more important for it to be available to everybody before it was too late. In June 1991 he took the drastic step of asking a friend to post PGP on a Usenet bulletin board. PGP is just a piece of software, and so from the bulletin board it could be downloaded by anyone for free. PGP was now loose on the Internet.
Initially, PGP caused a buzz only among aficionados of cryptography. Later it was downloaded by a wider range of Internet enthusiasts. Next, computer magazines ran brief reports and then full-page articles on the PGP phenomenon. Gradually PGP began to permeate the most remote corners of the digital community. For example, human rights groups around the world started to use PGP to encrypt their documents, in order to prevent the information from falling into the hands of the regimes that were being accused of human-rights abuses. Zimmermann began to receive e-mails praising him for his creation. “There are resistance groups in Burma,” says Zimmermann, “who are using it in jungle training camps. They’ve said that it’s helped morale there, because before PGP was introduced captured documents would lead to the arrest, torture and execution of entire families.” In 1991, on the day that Boris Yeltsin was shelling Moscow’s Parliament building, Zimmerman received this e-mail via someone in Latvia: “Phil, I wish you to know: let it never be, but if dictatorship takes over Russia, your PGP is widespread from Baltic to Far East now and will help democratic people if necessary. Thanks.”
While Zimmermann was gaining fans around the world, back home in America he had been the target of criticism. RSA Data Security, Inc. decided not to give Zimmermann a free license, and was enraged that its patent was being infringed. Although Zimmermann released PGP as freeware (free software), it contained the RSA system of public key cryptography, and consequently RSA Data Security, Inc. labeled PGP as “banditware.” Zimmermann had given something away which belonged to somebody else. The patent wrangle would continue for several years, during which time Zimmermann encountered an even greater problem.
In February 1993, two government investigators paid Zimmermann a visit. After their initial enquiries about patent infringement, they began to ask questions about the more serious accusation of illegally exporting a weapon. Because the U.S. Government included encryption software within its definition of munitions, along with missiles, mortars and machine guns, PGP could not be exported without a license from the State Department. In other words, Zimmermann was accused of being an arms dealer because he had exported PGP via the Internet. Over the next three years Zimmermann became the subject of a grand jury investigation and found himself pursued by the FBI.
Encryption for the Masses … Or Not?
The investigation into Phil Zimmermann and PGP ignited a debate about the positive and negative effects of encryption in the Information Age. The spread of PGP galvanized cryptographers, politicians, civil libertarians and law enforcers into thinking about the implications of widespread encryption. There were those, like Zimmermann, who believed that the widespread use of secure encryption would be a boon to society, providing individuals with privacy for their digital communications. Ranged against them were those who believed that encryption was a threat to society, because criminals and terrorists would be able to communicate in secret, safe from police wiretaps.
The debate continued throughout the 1990s, and is currently as contentious as ever. The fundamental question is whether or not governments should legislate against cryptography. Cryptographic freedom would allow everyone, including criminals, to be confident that their e-mails are secure. On the other hand, restricting the use of cryptography would allow the police to spy on criminals, but it would also allow the police and everybody else to spy on the average citizen. Ultimately, we, through the governments we elect, will decide the future role of cryptography. This section is devoted to outlining the two sides of the debate. Much of the discussion will refer to policies and policy-makers in America, partly because it is the home of PGP, around which much of the debate has centered, and partly because whatever policy is adopted in America will ultimately have an effect on policies around the globe.
The case against the widespread use of encryption, as argued by law enforcers, centers on the desire to maintain the status quo. For decades, police around the world have conducted legal wiretaps in order to catch criminals. For example, in America in 1918, wiretaps were used to counteract the presence of wartime spies, and in the 1920s they proved especially effective in convicting bootleggers. The view that wiretapping was a necessary tool of law enforcement became firmly established in the late 1960s, when the FBI realized that organized crime was becoming a growing threat to the nation. Law enforcers were having great difficulty in convicting suspects because the mob made threats against anyone who might consider testifying against them, and there was also the code of omerta, or silence. The police felt that their only hope was to gather evidence via wiretaps, and the Supreme Court was sympathetic to this argument. In 1967 it ruled that the police could employ wiretaps as long as they had first obtained a court authorization.
Twenty years later, the FBI still maintains that “court ordered wiretapping is the single most effective investigative technique used by law enforcement to combat illegal drugs, terrorism, violent crime, espionage, and organized crime.” However, police wiretaps would be useless if criminals had access to encryption. A phone call made over a digital line is nothing more than a stream of numbers, and can be encrypted according to the same techniques used to encrypt e-mails. PGPfone, for example, is one of several products capable of encrypting voice communications made over the Internet.
Law enforcers argue that effective wiretapping is necessary in order to maintain law and order, and that encryption should be restricted so that they can continue with their interceptions. The police have already encountered criminals using strong encryption to protect themselves. A German legal expert said that “hot businesses such as the arms and drug trades are no longer done by phone, but are being settled in encrypted form on the worldwide data networks.” A White House official indicated a similarly worrying trend in America, claiming that “organized crime members are some of the most advanced users of computer systems and of strong encryption.” For instance, the Cali cartel arranges its drug deals via encrypted communications. Law en
forcers fear that the Internet coupled with cryptography will help criminals to communicate and coordinate their efforts, and they are particularly concerned about the so-called Four Horsemen of the Infocalypse—drug dealers, organized crime, terrorists and pedophiles—the groups who will benefit most from encryption.
In addition to encrypting communications, criminals and terrorists are also encrypting their plans and records, hindering the recovery of evidence. The Aum Shinrikyo sect, responsible for the gas attacks on the Tokyo subway in 1995, were found to have encrypted some of their documents using RSA. Ramsey Yousef, one of the terrorists involved in the World Trade Center bombing, kept plans for future terrorist acts encrypted on his laptop. Besides international terrorist organizations, more run-of-the-mill criminals also benefit from encryption. An illegal gambling syndicate in America, for example, encrypted its accounts for four years. Commissioned in 1997 by the National Strategy Information Center’s U.S. Working Group on Organized Crime, a study by Dorothy Denning and William Baugh estimated that there were five hundred criminal cases worldwide involving encryption, and predicted that this number would roughly double each year.
In addition to domestic policing, there are also issues of national security. America’s National Security Agency is responsible for gathering intelligence on the nation’s enemies by deciphering their communications. The NSA operates a worldwide network of listening stations, in cooperation with Britain, Australia, Canada and New Zealand, who all gather and share information. The network includes sites such as the Menwith Hill Signals Intelligence Base in Yorkshire, the world’s largest spy station. Part of Menwith Hill’s work involves the Echelon system, which is capable of scanning e-mails, faxes, telexes and telephone calls, searching for particular words. Echelon operates according to a dictionary of suspicious words, such as “Hezbollah,” “assassin” and “Clinton,” and the system is smart enough to recognize these words in real time. Echelon can earmark questionable messages for further examination, enabling it to monitor messages from particular political groups or terrorist organizations. However, Echelon would effectively be useless if all messages were strongly encrypted. Each of the nations participating in Echelon would lose valuable intelligence on political plotting and terrorist attacks.
On the other side of the debate are the civil libertarians, including groups such as the Center for Democracy and Technology and the Electronic Frontier Foundation. The proencryption case is based on the belief that privacy is a fundamental human right, as recognized by Article 12 of the Universal Declaration of Human Rights: “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks.”
Civil libertarians argue that the widespread use of encryption is essential for guaranteeing the right to privacy. Otherwise, they fear, the advent of digital technology, which makes monitoring so much easier, will herald a new era of wiretapping and the abuses that inevitably follow. In the past, governments have frequently used their power in order to conduct wiretaps on innocent citizens. Presidents Lyndon Johnson and Richard Nixon were guilty of unjustified wiretaps, and President John F. Kennedy conducted dubious wiretaps in the first month of his presidency. In the run-up to a bill concerning Dominican sugar imports, Kennedy asked for wiretaps to be placed on several congressmen. His justification was that he believed that they were being bribed, a seemingly valid national security concern. However, no evidence of bribery was ever found, and the wiretaps merely provided Kennedy with valuable political information, which helped the administration to win the bill.
One of the best-known cases of continuous unjustified wiretapping concerns Martin Luther King Jr., whose telephone conversations were monitored for several years. For example, in 1963 the FBI obtained information on King via a wiretap and fed it to Senator James Eastland in order to help him in debates on a civil rights bill. More generally, the FBI gathered details about King’s personal life, which were used to discredit him. Recordings of King telling bawdy stories were sent to his wife and played in front of President Johnson. Then, following King’s award of the Nobel Prize, embarrassing details about King’s life were passed to any organization that was considering conferring an honor upon him.
Other governments are equally guilty of abusing wiretaps. The Commission Nationale de Contrôle des Interceptions de Securité estimates that there are roughly 100,000 illegal wiretaps conducted in France each year. Possibly the greatest infringement of everybody’s privacy is the international Echelon program. Echelon does not have to justify its interceptions, and it does not focus on particular individuals. Instead, it indiscriminately harvests information, using receivers that detect the telecommunications that bounce off satellites. If Alice sends a harmless transatlantic message to Bob, then it will certainly be intercepted by Echelon, and if the message happens to contain a few words that appear in the Echelon dictionary, then it would be earmarked for further examination, alongside messages from extreme political groups and terrorist gangs. Whereas law enforcers argue that encryption should be banned because it would make Echelon ineffective, the civil libertarians argue that encryption is necessary exactly because it would make Echelon ineffective.
When law enforcers argue that strong encryption will reduce criminal convictions, civil libertarians reply that the issue of privacy is more important. In any case, civil libertarians insist that encryption would not be an enormous barrier to law enforcement because wiretaps are not a crucial element in most cases. For example, in America in 1994 there were roughly a thousand court-sanctioned wiretaps, compared with a quarter of a million federal cases.
Not surprisingly, among the advocates of cryptographic freedom are some of the inventors of public key cryptography. Whitfield Diffie states that individuals have enjoyed complete privacy for most of history:
In the 1790s, when the Bill of Rights was ratified, any two people could have a private conversation-with a certainty no one in the world enjoys today-by walking a few meters down the road and looking to see no one was hiding in the bushes. There were no recording devices, parabolic microphones, or laser interferometers bouncing off their eyeglasses. You will note that civilization survived. Many of us regard that period as a golden age in American political culture.
Ron Rivest, one of the inventors of RSA, thinks that restricting cryptography would be foolhardy:
It is poor policy to clamp down indiscriminately on a technology just because some criminals might be able to use it to their advantage. For example, any U.S. citizen can freely buy a pair of gloves, even though a burglar might use them to ransack a house without leaving fingerprints. Cryptography is a data-protection technology, just as gloves are a hand-protection technology. Cryptography protects data from hackers, corporate spies, and con artists, whereas gloves protect hands from cuts, scrapes, heat, cold, and infection. The former can frustrate FBI wiretapping, and the latter can thwart FBI fingerprint analysis. Cryptography and gloves are both dirt-cheap and widely available. In fact, you can download good cryptographic software from the Internet for less than the price of a good pair of gloves.
Possibly the greatest allies of the civil libertarian cause are the big corporations. Internet commerce is still in its infancy, but sales are growing rapidly, with retailers of books, music CDs and computer software leading the way, and with supermarkets, travel companies and other businesses following in their wake. In 1998 a million Britons used the Internet to buy products worth $600 million, a figure that was set to quadruple in 1999. In just a few years from now Internet commerce could dominate the marketplace, but only if businesses can address the issues of security and trust. A business must be able to guarantee the privacy and security of financial transactions, and the only way to do this is to employ strong encryption.
At the moment, a purchase on the Internet can be secured by public key cryptography. Alice visits a company’s Web
site and selects an item. She then fills in an order form which asks her for her name, address and credit card details. Alice then uses the company’s public key to encrypt the order form. The encrypted order form is transmitted to the company, who are the only people able to decrypt it, because only they have the private key necessary for decryption. All of this is done automatically by Alice’s Web browser (e.g., Netscape or Explorer) in conjunction with the company’s computer.
As usual, the security of the encryption depends on the size of the key. In America there are no restrictions on key size, but U.S. software companies are still not allowed to export Web products that offer strong encryption. Hence, browsers exported to the rest of the world can handle only short keys, and thus offer only moderate security. In fact, if Alice is in London buying a book from a company in Chicago, her Internet transaction is a billion billion billion times less secure than a transaction by Bob in New York buying a book from the same company. Bob’s transaction is absolutely secure because his browser supports encryption with a larger key, whereas Alice’s transaction could be deciphered by a determined criminal. Fortunately, the cost of the equipment required to decipher Alice’s credit card details is vastly greater than the typical credit card limit, so such an attack is not cost-effective. However, as the amount of money flowing around the Internet increases, it will eventually become profitable for criminals to decipher credit card details. In short, if Internet commerce is to thrive, consumers around the world must have proper security, and businesses will not tolerate crippled encryption.