Vol. 9 No. 6 (June 1999) pp. 245-247.
PRIVACY ON THE LINE: THE POLITICS OF WIRETAPPING AND ENCRYPTION by Whitfield Diffie and Susan Landau. Cambridge: MIT Press, 1998.
Reviewed by Lawrence E. Rothstein, Department of Political Science & Labor Research Center, University of Rhode Island.
Whitfield Diffie, Sun Microsystems Distinguished Engineer, one of the early developers of public key cryptography and recently dubbed "the Prophet of Privacy", and Susan Landau, computer scientist and policy analyst, have collaborated on a highly informative book outlining the evidence and arguments favoring public key cryptography over key escrow or key recovery cryptographic systems. After a brief introduction defining terms, Diffie and Landau chronicle government policy efforts in favor of key escrow or key recovery and their opposition in the business, scientific and civil liberties communities. Their presentation focuses on privacy arguments, but also includes arguments based on economic developments and the encouragement of cryptographic research and development.
They argue that in a world where communication is increasingly electronic and between persons who are unlikely to meet face to face, the encoding of messages so that they may only be deciphered by the intended party and so that the code establishes the authenticity of the message is the only possibility for protecting privacy that was safeguarded in earlier times by the parties stepping out of earshot of likely eavesdroppers. Until about 25 years ago, the widespread use of cryptography to protect privacy was impossible. Cryptographic systems were symmetrical, using the same key to encode and decode a message. Systems had to be centrally managed to carefully control and monitor the distribution of the keys and the number of users of each system was practically limited. Furthermore, truly secure use required that a key be used only once and then changed, requiring the use of expensive and synchronized code generating machinery in the hands of both the encoder and decoder.
With the development of public key cryptography in the 1970s, owing much to author Diffie’s work, encoding and decoding became asymmetrical. Messages encoded with one key are decoded with another key. While the private key is derived from the public key, it is not possible in a reasonable amount of time to compute the private key from the corresponding public one. One key could, therefore, be accessible to many others without compromising security. Furthermore, the "Diffie-Hellman key exchange" concept allows real time electronic negotiation of secret and individual decoding keys where all of the messages exchanged contain no decipherable secret information. (I can’t explain the algorithms, but those with a mathematical bent might look at the "knapsack problem".) Thus privacy can be created at each end of the communication without a centralized resource to encode and decode.
As Diffie and Landau note, this changed the traditional power relationship of cryptography. In the past cryptographic systems were best suited to top down organizations such as the military which could manage secure and centralized facilities for distributing keys, equipment and messages. Now, public key systems were suitable for interactive communications between equals. This, the authors argue, is what individuals and businesses want and what privacy demands. Government, particularly law enforcement and intelligence agencies, see this development as a threat to their collection of information from electronic communication. Hence, the FBI, the State Department and the National Security Agency, with the support of the Reagan, Bush and Clinton administrations, have lobbied and intrigued to maintain centralized control of cryptographic systems.
It was not until the beginnings of the computer revolution that the NSA became interested in controlling civilian cryptographic systems. They already had the monopoly over designs of electro-mechanical cryptographic machinery, which were highly complex and expensive. Computers and electronic processors made more widely used and less expensive cryptography a possibility. By the early 1970s the government began efforts to choose and develop a cryptographic standard for itself and those public and private users with whom it shared sensitive information. While the Data Encryption Standard (DES) algorithm was selected by the National Bureau of Standards, the selection was heavily influenced by the NSA. Because of the investment of the government in its development and because of restrictions on transmitting government information to those not using the standard, DES also became the de facto standard for commercial cryptographic systems. The invention of public key cryptography and the ability of increasingly sophisticated and speedy computers to break the DES codes in reasonable amounts of time constituted the death knell for this standard and NSA’s de facto control over cryptographic research.
The 1980s and 1990s became a story of the NSA’s, the State Department’s and later the FBI’s efforts to maintain control of cryptographic research, the use of cryptographic systems and access to encrypted information focusing on export controls, the Clipper chip, key escrow and recovery systems and regulation of data common carriers. Except for the latter, these efforts have been largely unsuccessful. The Clipper chip and key escrow or recovery systems give universal access to encrypted communications to the government either through a hardware-based, "back door" decryption capability or through the depositing of all private keys with the government or some organization required to give the government access upon authorized request. Hence, no encrypted messages could be certain of privacy with respect to the government. The outright prohibition of publication of research on cryptography and sale of products containing unapproved cryptographic systems failed in part because of the 1st Amendment and in part because of strong business opposition. The attempt to promote the Clipper chip was opposed by businesses partly because foreign sales would be difficult when the U.S. government would have access to any encrypted communication. The FBI’s efforts to seed the market by purchasing thousands of Clipper chip communication devices also failed.
The government then turned to export controls, requiring the specific approval for export by the State Department of any cryptographic system or equipment that might have a military use. Diffie and Landau argue that this authority was not only used to prevent militarily useful systems from being exported, but also to prevent the development of any global cryptographic standard for commercial use. They suggest that intelligence agencies feared a standard would create such a large volume of encrypted traffic so as to threaten their ability to identify, intercept, store and decode important messages, even where they might have an escrowed key. Business opposition, the realities of the global marketplace and courts have put a damper on this strategy. Several bills are in the works to cancel export approval or transfer it to the much more business-minded Department of Commerce and a California Federal District Court (since publication of the book, the 9th Circuit Court of Appeals) has struck down the export controls on cryptographic algorithms as a violation of the 1st Amendment.
Both intelligence and law enforcement agencies (particularly the FBI) have lobbied to enhance their ability to conduct court-approved wiretaps. According to the authors, what has been advocated as maintenance of existing capacity to wiretap in the face of increasing traffic and encrypted communications is really a vast increase in the capability of intercepting these communications. The Communications Assistance for Law Enforcement Act of 1994 requires telephone companies to make their networks "wiretap ready" in response to new telecommunication features including encryption. It also requires the telephone companies to implement switching techniques that allow for the simultaneous tapping of a much greater number of lines than had previously been technically feasible. Furthermore, the FBI has consistently overstated the importance of wiretaps in providing important evidence for convicting criminals, especially organized crime figures. They have generally conflated statistics on electronic bugs and wired informants with wiretap results. Despite projecting that by 1994 40% of wiretap intercepts would involve encrypted communications, FBI records indicate that only 8 out of 2139 court-approved intercepts were encrypted.
In raising doubts about the cost and effectiveness of wiretaps and documenting many cases of abuse, Diffie and Landau make a strong case for privacy of communication over the government’s need for control of cryptography for law enforcement purposes. They also appear to trust businesses to develop cryptographic systems that will protect the privacy of individuals. This latter conclusion is implicit rather than explicit as they do not deal with evidence or arguments that support this. I am sure we can all cite evidence to the contrary.
The wealth of information provided, both in the text and the notes, on the regulations, laws and jurisprudence dealing with encryption, wiretapping and privacy make this an important reference book. While I have studied most of the legislation and court cases mentioned in the book, I found many enlightening anecdotes and behind-the-scenes references with which I was not familiar. At times the organization of material is a bit cryptic (no pun intended), moving from a chronological presentation to a topical one with some repetition of material and frequent digressions. I would also have enjoyed a clearer explanation of public key cryptography. This is possible, as I did find a relatively brief and accessible explanation with examples at a website (http://www.cs.wm.edu/~hallyn/public_key/).
Overall this is a well-researched and fascinating study.