The Grill: Whitfield Diffie on the Hot Seat

Computerworld - Whitfield Diffie, a co-inventor of public-key encryption, is chief security officer at Sun Microsystems Inc. and co-author with Susan Landau of Privacy on the Line: The Politics of Wiretapping and Encryption (The MIT Press, 2007).



Why has public-key encryption been so important? Cryptography is the most flexible way we know of protecting communications in channels that we dont control. As we move a lot of value into the Internet and have Internet commerce and begin buying and selling things, that is basically the only way of protecting either the transactions or  where the goods are intellectual property  the goods themselves.

Before public-key cryptography, in order to be able to use cryptography with somebody, you had to share a secret with them, which is kind of an intimate relationship for somebody you might never have met before. Public- key cryptography relaxed all of that and made it much easier to manage keys in a very diverse environment like Internet commerce, as opposed to the more traditional large but rather unified environments like the Department of Defense.



Why do you think that more e-mails arent using encryption or digital signatures? I think it has to do with the difficulty of the key management. The key point is that cryptography has somehow not gotten itself tucked into the inner loop of development in these things. You really have to be a fan to be able to do it with your e-mail, and then you can really only do it with other people who are fans. So far, its remained a niche market.

Dossier

Name: Whitfield Diffie Title: Vice president and Sun fellow; chief security officer Company: Sun Microsystems Inc. Random Fact: Menlo Park, Calif. Favorite non-security technology: I like lots of them: cars, space travel, bioengineering. Clearly, the most exciting technology today is biological. Favorite movies: Theyre all ancient. Im very fond of Casablanca and To Catch a Thief and Rear Window and The Big Sleep. I dont go to movies much these days.

Whats the difference between Internet communications and phone communications for cryptography and privacy? The key managerial virtue of cryptography is that it separates security from the medium of transmission of the message. Once the message has been encrypted, it doesnt matter how you send it  whether you send it by an optical fiber, which is already fairly secure, or you send it by digitizing it and putting it onto the Internet, or whether you send it by satellite.



Are either government or corporate policies on data retention and data mining having important effects on privacy or security? Yes. Theyre very good for our sales of storage.

Information is very much like oil and gold and a lot other things. Once we got what was there readily bubbling up on the surface, then we mined out the original resources and we developed better technology, and now we can work gold seams that are a tiny fraction of what would have been worked in the boom of the 1850s.

Intelligence and data flows are very much the same thing. If you look at World War II intelligence, it really is a matter of picking plums. The reason they concentrated on the cryptography of the time is that they were able to find, so to speak, the channels with the best information in them. Those channels had some kind of protection in them, and once [cryptographers] got through the protection, they had very good information handed to them on a plate.

If you look at circumstances facing real-world spies today, they have things available to them and other things they might want that arent available to them. If they can do more processing on the things that are available to them, they may be able to get very good information they couldnt have gotten some time ago because they didnt have the techniques and the computing power. And so data mining is just going to become more and more a fact of life.

What will be the most significant change to security technologies in the next decade? Secure computing environments are probably the thing in which I see the path to growth. The cutting edge of information security has largely to do with what amount to censorship processes. Some is censorship outright in the sense that corporations dont want their employees wagering on the horses or looking at erotic pictures on the Web. Others are censorship of a less confrontational kind, because almost nobody wants to receive spam. If you could sharpen up your filters so that you censored out all of the spam and nothing else, youd be very pleased.

However, in information security, we missed the most important things of the last 10, 15, 20 years. Viruses, worms and spam, in particular, were not things that we exactly foresaw and not things that we dealt with ahead of the curve.

I think its a very reasonable possibility that computer security as we talk about it today will go away completely. If you say youre computing something securely today, you mean that youre doing it on your own computers and youve protected them however you consider it necessary. The major trend in computing is outsourcing. Ive been predicting since at least 1980 that any real corporate computation is going to mostly occur on somebody elses computers. I think, as a practical matter, that will be what will dominate our understanding of security in computing and information security in general in the next decade.



What do you foresee in 100 years? I would predict that the notion of person as we have it now is going to go away  that the merger between people and computers, between biology and computational phenomena, is going to happen much, much faster than people normally think.

Thirty years ago, I thought there were going to be designed human beings by the end of the 21st century, and now I think its by the end of the first quarter.

Related items

• The politics of wiretapping and encryption.
  Book excerpt from Privacy on the Line by Whitfield Diffie and Susan Landau.
• Computerworld TechCast: Public-Key Encryption