Not my key
“What crypto policy should this country have? Codes that are breakable or not?”
RSA encryption co-inventor, Ron Rivest’s absolutely not hypothetical question in 1992 was all the more prescient this past year as the US government began to press Apple to begin decrypting the company’s iPhones for the purposes of national security. It was an all too familiar back-and-forth between social advocates, technology experts and the government. Rivest’s question still lingers: does the public have the right to secure codes?
My personal opinion is yes. If you disagree, the reality is that that’s too bad.
Steven Levy’s Crypto is an oral history more detailed than my barstool argument. As chronicled in the book, the general situation over the last half century plus is that governments, in particular the NSA, have had the monopoly on code breaking and encryption, so much so that for many behind “The Triple Fence,” it appeared to be an absolute waste of time to study cryptography - why waste your time since you weren’t gonna really need codes, and even if you made one, the NSA or another government had far more resources to crack it.
Despite their omnipotence, there was one problem that governments had yet to solve. Regardless of how good your or any government’s code was, at some point, you still needed to hand off the key to the recipient. This key could be stolen of course. In the 60s and 70s, this bothered a young mathematics student, Whit Diffie, so much, that he spent years on the another critical question - how do you solve the key exchange problem?
This question creates the dividing path in Crypto’s mostly oral history of cryptography. Governments had lots of ways to sneak keys around, and they had plenty of ways to generate new codes with new keys quickly and know exactly, hopefully, which messages may have been comprised. For the average person, these resources were clearly outmatched. So there was a reason for the above average person to study cryptography - defeating the key exchange issue so you could trust getting and receiving messages.
This lead Diffie and an electrical engineering professor, Martin Hellman, to create public key cryptography. It’s what everybody now uses on the web, but more importantly had been a vague spectre to the NSA years. The idea is brilliantly simple and generates encrypted messages where key interception is no longer an issue, because the key that’s transmitted, the public key, everyone is already aware of.
Wikipedia's simple explanation
Following Diffie and Hellman’s conceptual breakthrough, Rivest and two others combined the public key idea with one way functions, that is encrypting something so that you can’t reverse the process, and then the insanely powerful but easy to use encryption system became a usable rather the conceptual system.
A third of the way into Crypto, the clash between these unlikely and unexpecting crypto-heroes begins to unfold. As the creators of this technology attempt to cash in and lead the way for email, ecommerce and Bitcoin, others attempt to give it away as a moral principle, meanwhile the US government attempts to stop them all.
It’s a brilliant story, built on eight years of interviews where surprisingly was the same arguments from decades ago echo from the past to our current political climate.
Though, he never says it, Levy’s focuses in questions and stories that greatly resemble Daniel Dennett’s idea that Darwin’s evolutionary theories were a form of universal acid. This is acid that is so strong that it can burn through anything, even its containers, so to create it, means that it will inevitably burn through the earth.
Regardless of any mistakes Darwin may have made, the idea still holds, and Levy’s history demonstrates this exact same point - once public key cryptography and one-way functions were out, it didn’t matter if the government tried to reduce the key size to how ever many bits it felt it could easily crack in the name of national security. The idea was enough that someone with the proper motivation in the world could simple just go ahead and create something more powerful at 1024-bytes once the computing power allowed it.
Likewise, today, with the US government pressuring Apple, it means very little. Most folks, particularly those who engage in crime, know about burner phones, and it’s not as if data centers and smartphone manufacturers only exist in the US. If you’re running a terrorist cell, just don’t use your iPhone for crime. The idea of encryption is already out there. To this exact point - Levy’s epilogue is about a young post-WWII British government cryptographer who invented, and was prevented from ever speaking about, public key cryptography.
Levy makes a poignant argument in his closing pages that encryption created by public key cryptography and the RSA algorithm were ultimately beneficial, and attempts to always have a backdoor made consumers not trust, and therefore not use, US products, hurting software and commerce generally.
Though written in 2001, Crypto’s history is acutely relevant to our present situation and baseline to anyone who wants to move from the barstool to coffee shop at the very least.
Levy’s book is also one of the better historical works on computing history that took great pains to find the original people involved and interview them in depth. Often computing history is surrounded by the hype of wealth (ahem, Social Network) rather the intrinsic value of the technology. When cryptography and the next hot topic become so personal and integrated in all aspects of our lives, books like Levy’s are all the more critical to generating and informed discussion and a way to find a path forward, instead of rehashing the same tired arguments.
Saturday, April 23, 2016