Who’s Afraid of the Big Bad Wolf?

  1. Culture Shock
  2. The Kinder Gap
  3. Faceless on the Net

Question: What do police call an illegal wiretap?

Answer: A ‘confidential informant’.

President Clinton has recently begun to tire of guns and drugs. He’s found a new wolf in the valley, and it answers to the name “encryption”. In recent years, encryption has become easy and nearly unbreakable. It soon promises to be universal, and this has some people in the federal government scared. Federal agencies such as the FBI have always had the ability to eavesdrop on private conversations whenever they desire. They used it to great effect in the era of J. Edgar Hoover, and despite legal safeguards against its use today, there is little doubt that phone tapping exists on a much wider scale than the courts actually allow.

What is encryption? Encryption encrypts messages so that they can’t be read except by the person who has the key to decrypt the message. A ‘message’ can be anything sent along a computer wire. We usually think of it as encrypting letters--text--but encryption will also work on digital telephones. “Digital” means computerized, and anything computerized can be encrypted. Encryption scrambles messages at one end, and then descrambles them at the other. Scrambling normal telephone calls has always been unreliable at best: it has always been pretty hard to descramble them even with the key. Because of the way computers work, however, scrambling digital, or computerized, telephone calls is much easier. And in the future, all telephone calls will be digital.

Encryption has always had other problems as well. With the advent of computers, one person’s encryption method used to be easily broken by someone else with a bigger computer. With the new encryption, not only is it easy to use, but mathematicians tell us that, the better computers get, the harder it will be for other computers to break the cipher. In other words, as computer technology advances, these new forms of encryption will become closer and closer to unbreakable.

What is unbreakable encryption? There isn’t really any such thing: all encrypted messages can be figured out, given sufficiently powerful computers and enough time. Current encryption is considered nearly unbreakable because, even with the best computers out there, it would still take weeks to decrypt an encrypted message. This is presumably the part that scares the FBI. Currently, national law states that agents need a damn good reason before they can legally tap a telephone line. In the future, natural law will require that they really want to spend the resources necessary--weeks of computer time on their best computers. Natural law trumps national law every time.

These new encryption methods are easy for two reasons. First, they can be done by computer, and second, they use what’s called a ‘public’ and a ‘private’ key. Previously, encryption methods only used one key. If you ever had a Captain Video Secret Decoder Ring, you’re familiar with this: you have to know how the message was encoded--the ‘key’--in order to decode what the other person said. As a kid, of course, you didn’t really care. All that mattered was how cool it was that you could turn garbage into a real message. In the adult world, there are people who want to steal your message--after all, that’s why you had it encrypted in the first place!

In order for two people to use single-key encryption, both people have to have the same key. This is where single-key encryption methods usually get broken: someone ‘intercepts’ the key as it is sent from one person to another. That is, in order for Fred to send an encrypted message to Barney, Fred has to first send the key to Barney. But if Fred can send the key and know it isn’t going to get caught, why not just use the same method to send the unencrypted message? And suppose Fred wants to include Ralph in the secret club? He also has to send Ralph the key as well. If any one of them decide to ‘defect’ to Wilma, the other two are ‘compromised’. Wilma can read all of their messages.

Private-key encryption solves this problem. With private-key encryption, everybody has their own key set. There are two keys per set: a public key and a private key. Only the private key can decrypt a message. Fred gives his public key to Barney and Ralph. They can use this public key to encrypt messages that they want to send to Fred, but neither they nor anyone else can use this public key to decrypt messages. The public key can only encrypt messages. Likewise, Barney and Ralph each have their own key set, and hand out their public keys to each other.

The change in paradigms is phenomenal. When an individual feels that their ‘key’ has been compromised, they can switch to a new one, immediately. They don’t have to worry about finding a reliable and secret way to send the new key to their friends. All they have to do is make the public key available to everyone, enemies and friends alike. So what if their enemies get their public key? All it means is that their enemies can send them messages in secret. As long as the private key is kept secret, the public key is worthless for spying.

The ability to keep the encoding and decoding keys separate opens a world of possibilities for individual privacy. Individuals can request that companies use the ‘public’ key to store information about them: Banks can, for example, have their customers’ public keys on file. When a customer’s canceled checks arrive, the information is encoded with the customer’s public key, and the un-encoded information destroyed. At this point, only the customer can access that information. Even the bank cannot read the encoded information, because the bank doesn’t have the customer’s private key, which is needed to decode the data. Canceled check information will probably be handled electronically in the future, but even if not, the checks can be scanned into a computer, the digital picture encoded, and the paper checks destroyed. Our checks, and credit cards, explain in detail what politicians we support, what magazines we read, what organizations we join, who our friends and acquaintances are. With public-key technology, this kind of information, which we already expect to be kept private, will truly become private.

The big change comes, though, when computers take over our telephones. Public key encryption is so simple, even a computer can do it. A telephone with a public key computer chip can have a new key set every day, every call, every minute, or even every second. Computers can incorporate constantly changing public/private keys. And the technology is so cheap that, not only will some computers be able to do this, all computers will. It will be built in to every single computer, from modems to telephones to teller machines. Everything we do will be encrypted.

I pick up my digital telephone and dial Jane, my mistress. My telephone asks the AT&T satellite for a ‘public’ key. My telephone then encodes the telephone number and sends it to the satellite using this public key. The satellite decodes the telephone number (using its own private key) and dials it. The satellite asks Jane’s telephone for its public key, encrypts my caller-id information with Jane’s public key, and sends it on down. Jane’s phone rings and displays my name. She picks up her phone and says “hello, love pig, oink oink!”. Her telephone asks the satellite for a public key. The satellite generates a new public/private key set and sends Jane the public half of it. Jane’s telephone encrypts her wonderful words of love and sends them up to the satellite. The satellite asks my phone for a new public key, which my telephone dutifully sends. The satellite decrypts Jane’s voice with its own private key, and then re-encrypts it using my public key. My telephone receives it and decrypts the message, which I hear. The process continues until my wife comes in and we hang up on each other.

And if either of us are sufficiently paranoid, we’ll also use a second public key to encrypt everything we say. I’ll program my telephone to use Jane’s public key, and she’ll program hers to use mine. Which means that everything we say will be encoded twice: once with our respective public keys, and once with the telephone company’s continually changing public key.

Anyone listening in on this conversation will need to spend weeks to decode each part of it, and this assumes that they can grab Jane and my conversation out of the millions of messages going through that satellite. Decrypting a single sentence will be nearly impossible. Decrypting an entire message will be, for all purposes, completely impossible. It will take months of computer time on the most expensive computers. But the technology to encrypt these messages is simple and cheap. If anyone wants it--and the paranoid people who make up big business will certainly want it--it will be cheaper to install it on all computers than to make special models.

And even if you don’t want your telephone calls encrypted, AT&T and Sprint do. Information is worth money, and lots of it, and the telephone company can sell information about who your friends are, and what businesses you frequent, to other companies. In order to keep another company from stealing this information, they’ll just make sure it’s all encrypted. You’ll likely be able to keep them from selling information about you--just as you can, today, request that your name be kept off of mailing lists--but you won’t be able to request that all of your calls be left unencrypted. It’s too much work, they’ll say, and who would ask such a thing anyway? It’s like walking down Main Street without any clothes on.

The Clinton administration has made it very clear that they dislike this new type of ‘assault computer’ as much as they dislike ‘assault weapons.’ And assault weapons are just ugly guns (!). There’s no real difference between most rifles labeled ‘assault weapons’ and those semi-automatic (one shot per trigger pull) hunting rifles. Assault computers, on the other hand, threaten to provide every citizen of the United States with real privacy. The National Security Administration and the FBI must be shitting enough bricks to build a wall.

How is public key encryption used today? At the end of every message I send to the infobahn is the following line:

[j--r--y] at [acusd.edu] Finger/Reply for PGP Public Key

This tells other people on the net how they can get my ‘PGP Public Key’. PGP is a free public key encryption program, and it stands for Pretty Good Privacy. Which it is.

1: finger [j--r--y] at [acusd.edu]<r>

[teetot.acusd.edu]

Login name: jerry                       In real life: Jerry Stratton
Directory: /u4/jerry                    Shell: /cgi-bin/csh

Project: To strive, to seek, to find, and not to yield.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.3a

mQCNAi1+fU4AAAEEALM1DA7qr79n5iyS6hjV8Uxy4ovdZ1QiKsZ3WUMNe9LDfAju
MLkGRBnTgaSnzKZX74rR4A0KvR39k9PEx20DHKhpLocDmpXABVuN7NmJ4jmSfu8L
cJztlpkKe58aGQrY8HbV8AAF/Ae7ob2gjKeQpt/rCHTDm9QTobpXOFxpHq8BAAUR
tCdKZXJyeSBTdHJhdHRvbiA8amVycnlAdGVldG90LmFjdXNkLmVkdT4=
=LU49
-----END PGP PUBLIC KEY BLOCK-----

So far, no one has sent me anything dangerous--in fact, in two years of having a ‘public’ key, I’ve received a grand total of one encrypted message, and it was pretty boring. There was one person who encrypted their message in Dutch, but I think they thought I knew the language.

The NSA is afraid that somebody, sometime, might decide to send me their great grandmother’s secret recipe for (zabaglioné a lá kola), and this would destroy the fabric of civilization as we know it. Can you imagine what it would be like if the government couldn’t spy on the average citizen? They might actually have to go back to catching criminals! Dangerous work, that. Rather than be forced to do their job, they want a law requiring that all private keys be registered with the federal government.

The last version of this was the Clipper Chip proposal. It sort of died when an AT&T employee showed that it wasn’t secure and described exactly how to break it. The Clinton administration is still looking for proposals that aren’t as obviously insecure, and no doubt whatever administration that follows will continue the search. Our masters in Washington want a method that looks secure, so that we don’t complain, but that isn’t so secure that they can’t break into it on their own every now and then.

The problem is that requiring such a “key registration” scheme cripples American communications firms. Other countries are not bound by American laws, and if another country comes out with a telephone or computer that is more secure than the equivalent American product, they’ll beat our firms in the global telecommunications market. Nippon Telephone & Telegraph have already come out with chips that are more powerful than “registered” chips could be (New York Times 6/4/96). They stand to gain quite a bit, at the expense of American firms, if some form of registration passes into law here.

The bureaucrats claim it’s for crime, but the worrisome part about all this is that such a law can only affect people who aren’t committing crimes. The President and the NSA must know this. Unbreakable public-key encryption is so easy, even the personal computers from ten years ago can handle it. Anyone who needs an unapproved encryption method will use an unapproved encryption method. This law is only useful to allow the government to eavesdrop on everybody else’s conversations and data. When this is pointed out to administration officials, they don’t even bother to reply rationally. They bring out the spectral hand of non-existent terrorists, somehow smart enough to build bombs but stupid enough not to pop a black market computer chip into their telephone. And the number of cases this could help are ridiculously low: the government claims that there are less than a thousand wiretaps today anyway. (?) Most of these don’t lead to convictions and are performed after the crime has been committed anyway.

The only reasonable conclusion is that they’re lying: the only purpose that their proposal can possibly hope to accomplish is to allow them to eavesdrop on the private information--telephone calls, electronic mail, and financial transactions--of the average citizen. They want to spy on me, and they want to spy on you. They want to know how much money you made at your garage sale, how fast your car is going, and whether or not you plan on opposing their stupid laws.

Unfortunately, it also means that anybody else can spy on us, because who trusts the federal government to keep all these private keys safe? They don’t even trust themselves to do it. Military intelligence is specifically exempted from the registration requirement.

There are two ways that private keys can be ‘stolen’ from the registration list. First, keys can be stolen from the list itself, either by hacking into the main computer(s), or by bribing someone who works there, or a combination of the two--bribing a janitor for access to an inside terminal, for example, or bribing a programmer for a secret password to the main computers.

The second is by intercepting the private keys as they are ‘transported’ to the ‘registration vault’. Requiring that private keys be somehow transported to a special place breaks one of the major advantages of public key cryptography. Remember? One of the big advantages for Fred is that he doesn’t have to send his private key anywhere, and this vastly reduces the chances that someone is going to steal it. Under a registration scheme, the private key must be transferred at least once. And if a law enforcement officer requests the key, it has to be transferred again. This is the major weakness in any type of registration scheme for private keys, and it is highly likely that anyone with the wherewithal to do so--criminals, business executives, and the wealthy--will do their best to avoid registering their private keys.

Leaving you and I as the only people the feds can spy on. It’s up to you: if you bend over, they will come.

  1. And if assault weapons are just ugly guns, where does that leave Unix and DOS?
  2. “Prepare some zabaglioné using port wine. When the mixture begins to set, add 2 teaspoons of the following mixture: equal quantities of liquid cola extract and liquid coca extract flavoured with a little syrup made from the rind of bitter oranges. This zabaglioné, which should be eaten very hot, is not only a very tasty dessert, but also an excellent medicine.”--the Larousse Gastronomique .
  3. Mike Godwin, “Law of the Net”, InternetWorld, July/August 1994, p. 94.
  1. Culture Shock
  2. The Kinder Gap
  3. Faceless on the Net