Toward More Secrets (Winter, 1996-1997)
---------------------------------------

By Seraf

Encrypted data communications is quite possibly the least understood piece of the popular Internet culture's technological backbone. Perhaps this is because cryptology is not trendy technology, but rather a complex science that is only beginning to be well-understood.

Since the times before Christ, the study of secret writing, or cryptology, has played an important but largely invisible role in government. In fact, the Caesar Cipher (as in Julius) now appears in nearly every textbook on the subject. But don't use an ancient code for anything more than slipping cuss words through monitored e-mail.

While the Roman Empire's system simply rotates the alphabet three places, turning As into Ds, Bs into Es, Cs into Fs, etc., present-day cryptographic algorithms are much more complex. While pen and paper can break a simple substitution cipher like Caesar's on short notice, cracking most any of the heavy-duty cryptosystems developed over the past twenty years requires more time and more computing power than potential adversaries apparently have.

Cracking modern cryptosystems by brute force - trying every possible key until one "works" - usually takes a huge amount of time and/or money. Many newer symmetric cryptosystems use 128-bit keys, and this key size seems to have become a standard minimum in recent years. Building a machine to guess such a key within a year would presently cost billions of billions of dollars (no kidding) and require quite a feat of engineering.

Many symmetric ciphers, though, use a smaller key. The Data Encryption Standard (DES) uses a 56-bit key, and (disregarding the shortcuts available for breaking DES) its messages can be cracked by brute force in a month with equipment costing well under $1 million.
It is a fact that the National Security Agency (NSA) has such equipment ready and waiting, as do many other institutions public and private - from American Express to the British Government to CalTech.

What is really at issue here is the value of the potentially obtained information to a privacy-invading party. Uncle Sam will not take a chunk out of the Defense Budget, nor allocate a sizable portion of NSA's computing power, in order to discover the key you're using to send articles to 2600. But he will - at the very least - put a few hundred thousand dollars' worth of computers to work for a month on your e-mail if he thinks you're spending your afternoons meeting with Saddam.

These days, cryptosystems with keys of about 56 bits are not trusted to keep data secure for more than a few days or weeks. 64-bit keys are a significant improvement, and may secure data for decades. 128-bit keys are currently rated at 50 years, and slightly longer keys at about 100. (With computing power and resources on the rise, it's good to take these statistics with a grain of salt.)

Of course, all of this depends on the security of the algorithm being used. Cryptanalysis, the Zen of cipher-cracking, has become as much of a science as cryptography itself. DES has had significant holes poked in its weak sides by a number of cryptanalysts over the years, as have numerous other algorithms created by corporations, universities, and brilliant mathematicians alike. The best route is to use a well-respected crypto package. Experimenting with your own ciphers can be fun, but will often lead to disaster if implemented for communications which must be reliably secured.

Right now, the U.S. government holds what may be the best cryptographic technology in existence. Skipjack, the algorithm implemented in Capstone and the much-criticized Clipper Chip, is classified, but is likely to be far ahead of current crypto research in the scientific community.
(Note: One of the few civilians allowed to review the algorithm was Dorothy Denning, a slightly overzealous Georgetown University professor who is opposed to all non-government use of crypto.)

When the National Security Agency - perhaps the most secretive publicly-known sect of our government - created the Data Encryption Standard in the mid-1970s, it was optimized to be resistant to differential cryptanalysis. It was not until 1990, however, that this method of crypto-cracking was publicly discovered by the notorious Eli Biham and Adi Shamir. This means that not only are today's government cryptosystems designed to resist attacks that won't be in use for twenty years, but that the government is ready to deploy those futuristic attacks against the algorithm you're using today. Does this secret research not defy the scientist's ethic to share knowledge and information?

This is only the beginning of a growing U.S. government cryptomonopoly. New encoding algorithms are being developed in America constantly, and 2600 would be an ideal forum for their review and discussion. However, because of the U.S. Defense Trade Regulations (DTR) and 2600's international readership, they cannot be detailed here: Our favorite rag would be busted for trafficking in munitions, "transferring [cryptographic] technical data to a foreign person" (DTR 120.10).

See for yourself. The United States Munitions List includes, along with plastique and land mines, the following items: "Speech scramblers, privacy devices, cryptographic devices, and software (encoding and decoding)..." (DTR 121.1). Even documents describing "unapproved" cryptosystems or listing their source codes are munitions.

What is "approved?" RSA's nonthreatening authentication facilities have been deemed exportable, but its unmatched public key encryption remains restricted to domestic use, along with PGP and other RSA-bearing products.
Superslick modern systems like RC4 have been given the green light to appear in such globally available products as Netscape, but only after security-reducing modifications. Then there are the algorithms denied export altogether, or that won't even be given a hearing. Such has been the fate of Granddaddy DES, as well as that of many cryptosystems being developed at the undergraduate and graduate levels in American universities.

This is without question a breach of our First Amendment rights. If you design a cryptosystem, you are forbidden by your government to share it with whomever you please. Approval is required. We have had trade restrictions placed on our ideas. Exporting information that is "required for the design...of defense articles" (DTR 120.23) is illegal, so a book such as Phil Zimmermann's "PGP Source Code and Internals" is by definition banned for export. (If you thought that banned books were a thing of the past, think again.) Even a foreigner on American soil is technically forbidden to examine such a publication at the corner bookstore.

American cryptologists are considered to be the best in the world, and the majority of strong cryptosystems originate in U.S. companies and universities. This technology has brought electronic privacy and freedom to Americans who put it to good use, and could do the same for citizens of other nations if it was not so feared by the powers that be.

If we don't act soon, restrictions on the domestic use of cryptographic technologies are just around the corner. Legislation to impose such constraints on the American people has already been introduced on at least one occasion, nearly forcing all available cryptosystems to be made readily crackable by Big Brother. Simply put, NSA is scared: terrified of Americans enforcing their own privacy with such strength; living in fear of foreign government organizations, businesses and individuals obtaining the same level of security as their American counterparts.

Use crypto anywhere you can and make sure it's strong. Fight the U.S. government ban on knowledge and its underhanded attempts to thieve the world of digital privacy. U.S. citizens: write to your senators and congressmen and explain how important this technology is to every citizen of the Electronic Age, here and abroad. Foreign citizens: obtain source code to strong European algorithms such as Xuejia Lai and James Massey's IDEA, and make every attempt you can to secure "restricted" algorithms. Raise your voice!
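
The Caesar rotation and the brute-force key search described near the start of the article, as an added example that is not part of the original text: it tries all 26 keys and keeps the one whose output looks most like English, then scales the article's "56-bit key in a month" figure to larger keys. The function names, the letter-frequency table, and the sample message are assumptions made for illustration, and the scaling assumes the same equipment throughout.

```python
import string

# Approximate letter frequencies (%) in English text (assumed reference table).
ENGLISH_FREQ = dict(zip(string.ascii_uppercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))


def caesar(text, shift):
    """Rotate A-Z by `shift` places; everything else passes through."""
    return "".join(
        chr((ord(c) - 65 + shift) % 26 + 65) if c in ENGLISH_FREQ else c
        for c in text.upper())


def chi_squared(text):
    """Distance from English letter statistics; lower means more English-like."""
    letters = [c for c in text if c in ENGLISH_FREQ]
    n = len(letters)
    if n == 0:
        return float("inf")
    return sum((letters.count(c) - n * f / 100) ** 2 / (n * f / 100)
               for c, f in ENGLISH_FREQ.items())


def brute_force(ciphertext):
    """Try every key (all 26 of them) and return (shift, best plaintext)."""
    candidates = [(k, caesar(ciphertext, -k)) for k in range(26)]
    return min(candidates, key=lambda cand: chi_squared(cand[1]))


def months_to_search(key_bits, baseline_bits=56, baseline_months=1):
    """Scale the article's figure (56-bit key space searched in a month)
    to another key size on the same equipment: each extra bit doubles it."""
    return baseline_months * 2 ** (key_bits - baseline_bits)


if __name__ == "__main__":
    # Constructed sample message, encrypted with the Roman shift of three.
    secret = caesar("DO NOT USE AN ANCIENT CODE FOR ANYTHING IMPORTANT", 3)
    print(secret)
    print(brute_force(secret))
    for bits in (56, 64, 128):
        print(bits, "bits:", months_to_search(bits) / 12, "years")
```
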