The politics of wiretapping and encryption

Book Excerpt: Privacy on the Line

1 2 3 4 5 6 Page 2
Page 2 of 6

Now consider the significance of the changes from the viewpoint of industrial espionage. A 1945 spy who taps the phone has learned only that interesting information will be available at the Pfister Hotel in Milwaukee a few days hence. The spy knows where to go to get the information, but is still separated from it by substantial cost, work and risk. On the other hand, the spy of 1995 can expect to have all the information appear on the same phone line the meeting invitation was issued. All that is necessary is to keep listening. The spy of 2005 is in a more complex position. The webconferencing tools operate over the Internet with its combination of high bandwidth and mobility. It is entirely possible for the spy to learn about the meeting -- because one participant does e-mail from a cafe with a free and unencrypted wireless connection -- but be unable to capture the meeting itself -- because the same participant attends from the office. A spy located inside the telecommunication system or, more likely, one who has ways of getting access to intercept facilities built into the telecommunication system, is in a much better position.

The potential impact on privacy is profound. Telecommunications are intrinsically interceptable, and this interceptability has by and large been enhanced by digital technology. Communications designed to be sorted and switched by digital computers can be sorted and recorded by digital computers. Common-channel signaling, broadcast networks and communication satellites facilitate interception on a grand scale previously unknown. Laws will not change these facts.

Governments have responded to the existence and relative transparency of telecommunications with some willingness to acknowledge rights of communication -- in particular rights of private communication -- where necessary but have been resistant to developments that could curtail this new ability to watch the citizenry. The result has been an ongoing battle over the legal regulation of communications interception, the inclusion of facilities for interception in communication systems, and the deployment of security measures, particularly by the private sector. The first battleground was cryptography.

When it is not be possible to prevent communications from being intercepted, it may still be possible to protect them. The primary technology for protecting telecommunications is cryptography, which, despite its ancient origins, is largely a product of the 20th century. For the first 50 years after radio brought cryptography to the fore in World War I, the field was dominated by the military. Then, in the late 1960s and the early 1970s, a combination of the declining cost of digital computation and foreseeable civilian needs brought a surge of academic and commercial interest in the field.

The work of the civilian cryptographers revealed two things. One was that cryptography was not a field that could effectively be kept secret. In the 1930s and the 1950s -- both formative periods in American military cryptography -- computational capabilities lagged so far behind requirements that building secure cryptosystems took a lot of cleverness and used techniques not applicable elsewhere. By comparison, in a world in which inexpensive digital computing is ubiquitous, cryptography does not usually represent a large fraction of the computing budget.

Today, constructing cryptographic devices and programs is regarded as easy. Developing sophisticated cryptographic hardware is within the abilities of a talented engineer or a small start-up company. Developing cryptographic programs is far easier; it is within the means of any competent programmer who possesses a copy of, for example, Bruce Schneier's book Applied Cryptography

ir?t=computerworld-20&l=ur2&o=1
.

In the 1970s, independent cryptographers startled the cryptographic world by demonstrating that privacy can be manufactured "end to end" without the help of any centralized resources. Diffie-Hellman key exchange allows two parties to derive a secret from negotiations in which every bid and every response is public. This changed the basic power relationships in cryptography. Before public-key technology, cryptography always required centralized facilities to manufacture and distribute keys, a feature particularly compatible with the top-down organization of the military. By contrast, public-key cryptography was developed to support the interactions of businesses in a community of equals.

1 2 3 4 5 6 Page 2
Page 2 of 6
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon