In effect, if Alice wants to send a love letter to Bob, she has two options. Either she encrypts the message with Bob’s public key to guarantee privacy, or she encrypts it with her own private key to guarantee authorship. However, if she combines both options she can guarantee privacy and authorship. There are quicker ways to achieve this, but here is one way in which Alice might send her love letter. She starts by encrypting the message using her private key, then she encrypts the resulting ciphertext using Bob’s public key. We can picture the message surrounded by a fragile inner shell, which represents encryption by Alice’s private key, and a strong outer shell, which represents encryption by Bob’s public key. The resulting ciphertext can only be deciphered by Bob, because only he has access to the private key necessary to crack the strong outer shell. Having deciphered the outer shell, Bob can then easily decipher the inner shell using Alice’s public key-the inner shell is not meant to protect the message, but it does prove that the message came from Alice, and not an impostor.
By this stage, sending a PGP encrypted message is becoming quite complicated. The IDEA cipher is being used to encrypt the message, RSA is being used to encrypt the IDEA key, and another stage of encryption has to be incorporated if a digital signature is required. However, Zimmermann developed his product in such a way that it would do everything automatically, so that Alice and Bob would not have to worry about the mathematics. To send a message to Bob, Alice would simply write her e-mail and select the PGP option from a menu on her computer screen. Next she would type in Bob’s name, then PGP would find Bob’s public key and automatically perform all the encryption. At the same time PGP would do the necessary jiggery-pokery required to digitally sign the message. Upon receiving the encrypted message, Bob would select the PGP option, and PGP would decrypt the message and verify the author. Nothing in PGP was original-Diffie and Hellman had already thought of digital signatures and other cryptographers had used a combination of symmetric and asymmetric ciphers to speed up encryption-but Zimmermann was the first to put everything together in one easy-to-use encryption product, which was efficient enough to run on a moderately sized personal computer.
By the summer of 1991, Zimmermann was well on the way to turning PGP into a polished product. Only two problems remained, neither of them technical. A long-term problem had been the fact that RSA, which is at the heart of PGP, is a patented product, and patent law required Zimmermann to obtain a license from RSA Data Security, Inc. before he launched PGP. However, Zimmermann decided to put this problem to one side. PGP was intended not as a product for businesses, but rather as something for the individual. He felt that he would not be competing directly with RSA Data Security, Inc., and hoped that the company would give him a free license in due course.
A more serious and immediate problem was the U.S. Senate’s 1991 omnibus anticrime bill, which contained the following clause: “It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law.” The Senate was concerned that developments in digital technology, such as cellular telephones, might prevent law enforcers from performing effective wiretaps. However, as well as forcing companies to guarantee the possibility of wiretapping, the bill also seemed to threaten all forms of secure encryption.
A concerted effort by RSA Data Security, Inc., the communications industry, and civil liberty groups forced the clause to be dropped, but the consensus was that this was only a temporary reprieve. Zimmermann was fearful that sooner or later the government would again try to bring in legislation that would effectively outlaw encryption such as PGP. He had always intended to sell PGP, but now he reconsidered his options. Rather than waiting and risk PGP being banned by the government, he decided that it was more important for it to be available to everybody before it was too late. In June 1991 he took the drastic step of asking a friend to post PGP on a Usenet bulletin board. PGP is just a piece of software, and so from the bulletin board it could be downloaded by anyone for free. PGP was now loose on the Internet.
Initially, PGP caused a buzz only among aficionados of cryptography. Later it was downloaded by a wider range of Internet enthusiasts. Next, computer magazines ran brief reports and then full-page articles on the PGP phenomenon. Gradually PGP began to permeate the most remote corners of the digital community. For example, human rights groups around the world started to use PGP to encrypt their documents, in order to prevent the information from falling into the hands of the regimes that were being accused of human-rights abuses. Zimmermann began to receive e-mails praising him for his creation. “There are resistance groups in Burma,” says Zimmermann, “who are using it in jungle training camps. They’ve said that it’s helped morale there, because before PGP was introduced captured documents would lead to the arrest, torture and execution of entire families.” In 1991, on the day that Boris Yeltsin was shelling Moscow’s Parliament building, Zimmerman received this e-mail via someone in Latvia: “Phil, I wish you to know: let it never be, but if dictatorship takes over Russia, your PGP is widespread from Baltic to Far East now and will help democratic people if necessary. Thanks.”
While Zimmermann was gaining fans around the world, back home in America he had been the target of criticism. RSA Data Security, Inc. decided not to give Zimmermann a free license, and was enraged that its patent was being infringed. Although Zimmermann released PGP as freeware (free software), it contained the RSA system of public key cryptography, and consequently RSA Data Security, Inc. labeled PGP as “banditware.” Zimmermann had given something away which belonged to somebody else. The patent wrangle would continue for several years, during which time Zimmermann encountered an even greater problem.
In February 1993, two government investigators paid Zimmermann a visit. After their initial enquiries about patent infringement, they began to ask questions about the more serious accusation of illegally exporting a weapon. Because the U.S. Government included encryption software within its definition of munitions, along with missiles, mortars and machine guns, PGP could not be exported without a license from the State Department. In other words, Zimmermann was accused of being an arms dealer because he had exported PGP via the Internet. Over the next three years Zimmermann became the subject of a grand jury investigation and found himself pursued by the FBI.
Encryption for the Masses … Or Not?
The investigation into Phil Zimmermann and PGP ignited a debate about the positive and negative effects of encryption in the Information Age. The spread of PGP galvanized cryptographers, politicians, civil libertarians and law enforcers into thinking about the implications of widespread encryption. There were those, like Zimmermann, who believed that the widespread use of secure encryption would be a boon to society, providing individuals with privacy for their digital communications. Ranged against them were those who believed that encryption was a threat to society, because criminals and terrorists would be able to communicate in secret, safe from police wiretaps.
The debate continued throughout the 1990s, and is currently as contentious as ever. The fundamental question is whether or not governments should legislate against cryptography. Cryptographic freedom would allow everyone, including criminals, to be confident that their e-mails are secure. On the other hand, restricting the use of cryptography would allow the police to spy on criminals, but it would also allow the police and everybody else to spy on the average citizen. Ultimately, we, through the governments we elect, will decide the future role of cryptography. This section is devoted to outlining the two sides of the debate. Much of the discussion will refer to policies and policy-makers in America, partly because it is the home of PGP, around which much of the debate has centered, and partly because whatever policy is adopted in America will ultimately have an effect on policies around the globe.
The case against the widespread use of encryption, as argued by law enforcers, centers on the desire to maintain the status quo. For decades, police around the world have conducted legal wiretaps in order to catch criminals. For example, in America in 1918, wiretaps were used to counteract the presence of wartime spies, and in the 1920s they proved especially effective in convicting bootleggers. The view that wiretapping was a necessary tool of law enforcement became firmly established in the late 1960s, when the FBI realized that organized crime was becoming a growing threat to the nation. Law enforcers were having great difficulty in convicting suspects because the mob made threats against anyone who might consider testifying against them, and there was also the code of
omerta
, or silence. The police felt that their only hope was to gather evidence via wiretaps, and the Supreme Court was sympathetic to this argument. In 1967 it ruled that the police could employ wiretaps as long as they had first obtained a court authorization.
Twenty years later, the FBI still maintains that “court ordered wiretapping is the single most effective investigative technique used by law enforcement to combat illegal drugs, terrorism, violent crime, espionage, and organized crime.” However, police wiretaps would be useless if criminals had access to encryption. A phone call made over a digital line is nothing more than a stream of numbers, and can be encrypted according to the same techniques used to encrypt e-mails. PGPfone, for example, is one of several products capable of encrypting voice communications made over the Internet.
Law enforcers argue that effective wiretapping is necessary in order to maintain law and order, and that encryption should be restricted so that they can continue with their interceptions. The police have already encountered criminals using strong encryption to protect themselves. A German legal expert said that “hot businesses such as the arms and drug trades are no longer done by phone, but are being settled in encrypted form on the worldwide data networks.” A White House official indicated a similarly worrying trend in America, claiming that “organized crime members are some of the most advanced users of computer systems and of strong encryption.” For instance, the Cali cartel arranges its drug deals via encrypted communications. Law enforcers fear that the Internet coupled with cryptography will help criminals to communicate and coordinate their efforts, and they are particularly concerned about the so-called Four Horsemen of the Infocalypse—drug dealers, organized crime, terrorists and pedophiles—the groups who will benefit most from encryption.
In addition to encrypting communications, criminals and terrorists are also encrypting their plans and records, hindering the recovery of evidence. The Aum Shinrikyo sect, responsible for the gas attacks on the Tokyo subway in 1995, were found to have encrypted some of their documents using RSA. Ramsey Yousef, one of the terrorists involved in the World Trade Center bombing, kept plans for future terrorist acts encrypted on his laptop. Besides international terrorist organizations, more run-of-the-mill criminals also benefit from encryption. An illegal gambling syndicate in America, for example, encrypted its accounts for four years. Commissioned in 1997 by the National Strategy Information Center’s U.S. Working Group on Organized Crime, a study by Dorothy Denning and William Baugh estimated that there were five hundred criminal cases worldwide involving encryption, and predicted that this number would roughly double each year.
In addition to domestic policing, there are also issues of national security. America’s National Security Agency is responsible for gathering intelligence on the nation’s enemies by deciphering their communications. The NSA operates a worldwide network of listening stations, in cooperation with Britain, Australia, Canada and New Zealand, who all gather and share information. The network includes sites such as the Menwith Hill Signals Intelligence Base in Yorkshire, the world’s largest spy station. Part of Menwith Hill’s work involves the Echelon system, which is capable of scanning e-mails, faxes, telexes and telephone calls, searching for particular words. Echelon operates according to a dictionary of suspicious words, such as “Hezbollah,” “assassin” and “Clinton,” and the system is smart enough to recognize these words in real time. Echelon can earmark questionable messages for further examination, enabling it to monitor messages from particular political groups or terrorist organizations. However, Echelon would effectively be useless if all messages were strongly encrypted. Each of the nations participating in Echelon would lose valuable intelligence on political plotting and terrorist attacks.
On the other side of the debate are the civil libertarians, including groups such as the Center for Democracy and Technology and the Electronic Frontier Foundation. The proencryption case is based on the belief that privacy is a fundamental human right, as recognized by Article 12 of the Universal Declaration of Human Rights: “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks.”
Civil libertarians argue that the widespread use of encryption is essential for guaranteeing the right to privacy. Otherwise, they fear, the advent of digital technology, which makes monitoring so much easier, will herald a new era of wiretapping and the abuses that inevitably follow. In the past, governments have frequently used their power in order to conduct wiretaps on innocent citizens. Presidents Lyndon Johnson and Richard Nixon were guilty of unjustified wiretaps, and President John F. Kennedy conducted dubious wiretaps in the first month of his presidency. In the run-up to a bill concerning Dominican sugar imports, Kennedy asked for wiretaps to be placed on several congressmen. His justification was that he believed that they were being bribed, a seemingly valid national security concern. However, no evidence of bribery was ever found, and the wiretaps merely provided Kennedy with valuable political information, which helped the administration to win the bill.