Using the U.S. postal service is an act of faith these days. Let that letter drop from your fingertips into the black void of a Chicago mailbox and you'd better believe in some higher authority than the courier in that angular little truck. When it absolutely, positively has to be there in 100 microseconds, through rain or sleet or snow, E-mail is your best bet. But how secure is it? To the post office's credit, your letters are relatively private. Tampering with the mail is a felony, and the feds have to show probable cause before they can start steaming open even your junk mail. Not so on the Internet. Log in to any of the major nodes, situated like airline hubs around the world, and you can read people's messages. You can set up a little electronic drug-sniffing dog that will instantly get you copies of all mail containing incriminating phrases like "10,000 kilos of cocaine" or "spanking Clinton." The possibilities are endless. Security is of obvious concern to vitamin-D-deprived 'net geeks who kill a lot of time posting to alt.barney.beastiality and downloading digitized pornography from Sweden. But when interactive television, telephones, and computer lines merge onto one superhighway, electronic security will become everyone's concern. Widespread monitoring of telephone conversations, what movies you watch, what bulletin boards you read, who you E-mail, even where you are on your cellular phone could become automated and easy. It would only take a computer with enough disk space to turn the Internet into an enormous surveillance system. Currently the Internet is as insecure as it is unregulated, but salvation may be at hand. It goes by the name of encryption.
Philip Zimmerman is the author of a computer program called Pretty Good Privacy that can keep your E-mail safe from prying eyes. PGP is a modern encryption program, many times stronger and more convenient than its antediluvian counterparts of World War II espionage. Unlike the German Enigma machine, which looked like a manual typewriter with a few extra gears, PGP comes in the form of software and uses specially chosen numbers to mathematically mangle your E-mail. Soon the same technology will apply to phone conversations and faxes. Zimmerman wrote PGP in 1991 as "freeware," free software for the public, spread over the Internet. It has since become the de facto standard for E-mail encryption around the world.
While PGP has drawn widespread praise on the 'net, it has also drawn the rather unfriendly attention of--and some pretty hefty criminal investigations by--the FBI and the National Security Agency. Right now PGP--which Zimmerman describes as merely the electronic equivalent of putting a letter in an envelope instead of sending a postcard--is legal, though the NSA claims it's a threat to national security. The name "Pretty Good Privacy" is a bit of an understatement--it could take a computer 1,000 years to decode a PGP-encrypted message. The thought of waiting that long to get a wiretap has the FBI anxious, and brandishing a good deal of Orwellian legislation. These bills, themselves encrypted in "legalese," are clearly intended to extend the arms of the law, even if, some would say, it means strangling your right to privacy and free speech.
While Zimmerman has taken most of the legal heat, he didn't actually invent the coding method PGP uses. The method, called RSA encryption (after its inventors Ronald Rivest, Adi Shamir, and Leonard Adelman, who were at MIT), first reached the public domain in a 1977 Scientific American article that is looking more and more like a candidate for The Anarchist Cookbook. By now encryption has its own subculture. As you might expect from mathematicians who play with computers, the language is a combination of cyberpunk, chaos theory, and a branch of mathematics called number theory; it's adorned with phrases like "ciphertext," "known-plaintext attacks," "cryptosystems," and "one-way hash functions." Remarkably, though, RSA encryption rests on very simple principles. Unlike old-fashioned encryption, everyone knows how PGP works and how to crack it. It just takes a very long time.
Traditional encryption worked with what is called a "single key"--for instance, replacing every letter with the one that occurs three later in the alphabet (Caesar, distrusting his messengers, reportedly used this key). This key, or code, both encrypted and decrypted a message, and the fact that it did both was also the Achilles heel of these systems; before use, the key had to be transmitted over a secure channel from one party to the other. Put the codebook in a self-destructing briefcase, handcuff it to Maxwell Smart, and send him off. With the code delivered, both parties could communicate over an insecure channel like the airwaves. Interception of the codebook, however, meant a complete loss of security; anyone with the book could instantly descramble a communication. This was the situation in World War II, and it's as obsolete as the rotary phone.
Modern encryption methods like PGP use a double-key system: there's a public key and a secret key. Everyone gets your public key, and you keep the secret key. The public key tells other people's computers only how to encrypt messages; the secret key tells your computer how to decrypt them. Giving out your public key is like giving out an open safe to which only you know the combination; someone can put something in it and lock it, but only you can unlock it. Since the public key can't decrypt a message, it can be distributed freely. This is what has revolutionized encryption. E-mail, phone conversations, faxes, and television and computer transmissions can now be secured with little effort, something that would have been impossible with traditional methods.
It helps to understand a bit how PGP actually works. PGP's public keys are just large numbers. To encode a chunk of text, PGP converts the words into a number, raises another large number to that power, divides by your public key, and keeps the remainder. Then it converts that number back into characters that look (not surprisingly) like alphanumeric soup. To decipher a message, PGP does some more fancy math with your secret key. The real beauty of public-key encryption is that the security it provides rests on something as simple as factoring: your secret key is actually two large prime numbers PGP picks at random; to make your public key, it multiplies them together.
So given the public key, you say, isn't it possible to figure out the secret key by looking for the two prime factors? Sure: if the public key is the number six, the secret key must be the numbers two and three. Things get very labor-intensive, however, as the public key gets larger, and PGP's public keys start at a hundred digits. If you started factoring when the Holy Roman Empire came to power you might finish by the year 2000, and that's if you have a computer that makes your Mac look like an abacus. Recent advances in factoring technique have eased the task some, allowing it to be broken down and tackled simultaneously by multiple computers. The original Scientific American article on RSA encryption offered $100 to anyone who could factor a sample 129-digit public key affectionately known as RSA129. This year a collaborative effort on the Internet, consisting of a hundred quadrillion calculations on some 1,000 computers over eight months, finally succeeded in factoring RSA129 into its two constituent primes. If you have a penchant for multiplication, you can check the work yourself. But even the triumph over RSA129, while an incredible computational feat, does little to threaten the security of something like PGP: it only takes a minute to pick a new set of keys.
Public-key systems have the added feature of being able to be used in reverse, as a way of "signing" a message. You can use your secret key to encode a message that can then be decoded by anyone with your public key. Since you are the only one with your secret key, it can only have come from you. Soon you'll be able to use your secret key to "sign" E-mail checks ("digital money" is the buzzword) or vote electronically. Using RSA encryption is easier than getting money from the bank, and you don't even have to memorize your key like some 300-digit ATM number. PGP handles it all for you like an accomplished assistant with a math degree.
Now while it's probably true that no one cares about your silly E-mail musings to your college friends in California, subverting the government is always good for the soul, and you never know when you might run for office. Besides, you can pick up PGP for free on the 'net, from numerous FTP sites and bulletin boards. It's available for Macintosh, MS-DOS, Amiga, Unix, and VMS. Find a coconspirator to try it out with you. I picked up a copy for my Mac from soda.berkeley.edu/pub/cypherpunks/pgp. It comes with a text file explaining how to use it; read it while you're downloading the PGP program itself, which will take about 15 minutes on a slow modem. If you've downloaded stuff before, you know the routine; you'll have to uncompress the file before using it.
I took PGP out for a quick test drive. First I had it make me a set of keys. It lets you choose anything from casual grade (a 100-digit public key) to military grade (300 digits) and asks for a name and password to associate with it. Feeling a little silly, I picked military grade. It took PGP under a minute to generate the keys and save them on my "keyring" (a disk file). I had PGP write my public key (it looked impressively like a paragraph of random characters) to a file that I E-mailed to a friend we'll call "Jamie." Jamie in turn E-mailed me his public key, which I passed on to PGP for addition to my metaphorical keyring. Keys exchanged, the intrigue began--fear and loathing on the infobahn. I composed a bad haiku about cross-dressing government officials and had PGP encrypt the file using Jamie's public key. Less than a second later it spit out a file containing the encrypted poetry, which I E-mailed off with the calm certainty that my wretched attempt at verse would be our little secret. A minute later my computer beeped me with a message from Jamie, which I gave to PGP. PGP noted that it had been encrypted using my public key and asked for my password. Decoding took less than a second, and the resulting file read simply, "I'm naked." The KGB never had it so easy.
As encryption programs like PGP begin to make cyberspace free from eavesdropping, the government is working hard to maintain its ability to listen in. In 1991 the Senate introduced a bill that, had it passed, would have required manufacturers of encryption devices to include a "back door" guaranteeing the ability of the government to undo the encryption. Currently pending is something nicknamed the "telephony bill" (no irony intended), which would require phone companies to pipe phone-line transmissions directly to the FBI upon request. No more field trips in the FBI van down to AT&T with a tape recorder; now phone conversations and computer transmissions would come to their front door. What if the message is encrypted? In lieu of the 1991 bill, the government is now pushing to make a particular method of encryption the standard, hoping to obviate the need for programs like PGP. The Clipper chip (an encryption device for the telephone) and the Tessera chip (for computer transmissions) will soon be the standard for electronic security to and from as well as within the U.S. government. The Clinton administration has put in an order for 50,000 Clipper chips (manufactured by AT&T), giving it a good head start on any competition and making it a hell of a first client. The Clipper chip, of course, has a back door, something the NSA may soon try again to make mandatory on all encryption devices intended for export, effectively closing off foreign markets to all but the Clipper--an auspicious alignment of forces for the little chip. That back door and the fact that the chip doesn't use the RSA encryption scheme make it less attractive to potential users like banks, who want to be assured of security. And, like many things meant to protect the public, information on the Clipper chip is classified.
Encryption may never actually become illegal. It's likely that freedom of speech will be declared by the courts to include the freedom to express yourself in large random numbers. Wiretaps have been legal since the turn of the century, but no one has ever been forced to use the phones instead of some mode of communication that law enforcement can't monitor; successful members of the mafia have always used cafes and restaurants when the need for intimacy arose. And that's really the point: keeping encryption legal poses no threat to U.S. security. Anyone seriously interested in subverting the government will get their hands on a good encryption program like PGP even if it is declared illegal. Also, there's nothing to stop someone from using something like PGP in addition to the Clipper or Tessera chips should they become standard. A transmission could be double-encoded: first with something like PGP, and then with a Clipper chip. Good encryption programs are public, and they're here to stay. A Clipper chip in every home won't facilitate law enforcement, and a back door left ajar for the government is a welcome mat for invasions of privacy.
Traditionally new technologies have made surveillance easier; telephones, satellites, video cameras, motion detectors, and computers are all part of this evolutionary chain of technology. But encryption is an odd beast in this emerging electronic kingdom, the first such advance that reverses this troubling tendency. Though it may present new stumbling blocks for law enforcement, it could also single-handedly preserve privacy on the 'net and the under-construction superhighway. So maybe you're gay, or interested in drug legalization, or maybe you just like the idea of putting your letters in envelopes. Why not use something like PGP? It could be a good long time before anyone steams open any of your E-mail.
Art accompanying story in printed newspaper (not available in this archive): illustration/Steven Gillig.