Who Should Keep the Keys?
(2 of 3)
The battle lines were first drawn last April, when the Administration unveiled the Clipper plan and invited public comment. For nine months opponents railed against the scheme's many flaws: criminals wouldn't use phones equipped with the government's chip; foreign customers wouldn't buy communications gear for which the U.S. held the keys; the system for giving investigators access to the back-door master codes was open to abuse; there was no guarantee that some clever hacker wouldn't steal the keys. But in the end the Administration ignored the advice. In early February, after computer- industry leaders had made it clear that they wanted to adopt their own encryption standard, the Administration announced that it was putting the NSA plan into effect. Government agencies will phase in use of Clipper technology for all unclassified communications. Commercial use of the chip will be voluntary -- for now.
It was tantamount to a declaration of war, not just to a small group of crypto-activists but to all citizens who value their privacy, as well as to telecommunications firms that sell their products abroad. Foreign customers won't want equipment that U.S. spies can tap into, particularly since powerful, uncompromised encryption is available overseas. "Industry is unanimous on this," says Jim Burger, a lobbyist for Apple Computer, one of two dozen companies and trade groups opposing the Clipper. A petition circulated on the Internet electronic network by Computer Professionals for Social Responsibility gathered 45,000 signatures, and some activists are planning to boycott companies that use the chips and thus, in effect, hand over their encryption keys to the government. "You can have my encryption algorithm," said John Perry Barlow, co-founder of the Electronic Frontier Foundation, "when you pry my cold dead fingers from my private key."
The seeds of the present conflict were planted nearly 20 years ago, when a young M.I.T. student named Whitfield Diffie set out to plug the glaring loophole in all traditional encryption schemes: their reliance on a single password or key to encode and decode messages. Ultimately the privacy of coded messages is a function of how carefully the secret decoder keys are kept. But people exchanging messages using conventional coding schemes must also find a way to exchange the key, which immediately makes it vulnerable to interception. The problem is compounded when encryption is employed on a vast scale and lists of keys are kept in a central registry.
Diffie's solution was to give everybody two keys -- one that could be widely distributed or even published in a book, and a private key known only to the user. For obscure mathematical reasons, a message encoded with either key could be decoded with the other. If you send a message scrambled with someone's public key, it can be turned back into plain text only with that person's private key.
Most Popular »
- Five Things the U.S. Can Learn from China
- World Leaders Put Off a Climate Change Treaty
- China Investigates Deaths After Swine Flu Shot
- How a Bank Robber Became an Antihero in France
- Good and Bad News for Boxing: Only One Pacquiao
- The Prisoner Review: A Pretentious Reimagining
- Box Office Weekend: 2012 Masters Disaster
- The Meaning and Mythos of Manny Pacquiao
- Happiness Paradox: Why Are Americans So Cheery?
- YouTube Effect: Making Money From Viral Videos
- Five Things the U.S. Can Learn from China
- China Investigates Deaths After Swine Flu Shot
- Good and Bad News for Boxing: Only One Pacquiao
- Happiness Paradox: Why Are Americans So Cheery?
- Did a Time-Traveling Bird Sabotage the Collider?
- Dubai: 10 Things to Do in 24 Hours
- In Fight Against AIDS, Kenya Confronts Gay Taboo
- How a Bank Robber Became an Antihero in France
- Shanghai: 10 Things to Do in 24 Hours
- Why Legalizing Marijuana Makes Sense
Quotes of the Day »
Quotes of the Day »
RSS