Random Access - Monday, Dec 6, 1999A jog down crypto lane
by Chris Gulker
The crescent moon hangs high in the eastern Silicon Valley sky: Venus shines brightly, unblinking just below. The air is chill as 3 figures step out into the pre-dawn gloom and began to jog up Sand Hill Road, the Wall Street of high tech.Cassie, the dog, is, as usual, in the lead, her blinking LED collar marking the way. Spouse Linda jogs a few steps behind, while I'm in my customary middle position. It's 6:00 A.M.
People who work in the Valley's startups often exercise either late or early - the work days are usually long, and leave little time for life 's other pursuits. As we jogged in silence, I wondered what was on my companion's minds.
Linda is probably thinking about her upcoming weekend trip to New Mexico to visit her old college roommate. Cassie, doubtless, is contemplating the bowl of kibble that awaits her back at gulker.com's world headquarters.
I'm thinking about crypto.
In particular, I'm thinking about the Seymour Hersh article that's just appeared in the New Yorker, claiming that America's shadowy, super-spook outfit, the National Security Agency, has completely lost it.
The NSA, which once employed 95,000 workers, had famously kept generations of American leaders ahead of their foreign counterparts. They had bugged everything from the Russian Embassy's Xerox machine (which handily microfilmed every copied document) to all the planet's communications satellites.
They were to America in the 50s and 60s what Bletchley Park's codebreakers had been to the World War II allies: namely all the difference in the world. America's leaders often knew what the other guys were going to do before they did it, thanks to the NSA's SIGINT, short for 'Signals Intelligence'.
Our spooks were supposed to be able to pick up everything, from fax to phone call to email, and somehow filter it all down to the important stuff, using powerful computers and ingenious software created by the world's best mathematicians and programmers. The NSA even recently filed for a patent on its speech recognition software.
Their ECHELON system, much rumored but never, until recently, proven, was said to be an open window onto all that transpired in commerce and politics. Or was it?
Hersh claims that the advent of strong cryptography and fiber optics has rendered the NSA useless and impotent. India's nuclear test was a complete surprise to the US: Iraq routinely baffles the US and UN weapons teams and terrorist Osama bin Laden dodges every effort to bring him in, mainly because the NSA can no longer get the goods it once routinely procured.
Hersh's story, reprinted online by the cryptography site Cryptome, has unleashed a buzz on the crypto-oriented Net.
Some claim the story is just another NSA disinformation program, aimed at deflecting public attention from the NSA's real skullduggery. Others aren't so sure.
Many knowledgeable observers have noted that, in the never-ending race between code-makers and code-breakers, the code-makers have lately been pulling far ahead. Simon Singh's latest tome, The Code Book, traces cryptography from the Romans to modern public-key systems, and makes the point that the technology of certain epochs has favored one side and then another.
But never have the code breakers been at such a loss. True, there have been some well-publicized attacks on encryption in the last few months, including one Net-based project that used screensavers on thousands of computers to break the relatively low-level encryption that the US Government, for one, would have allowed in its citizen's hands.
But, the world's governments and terrorists have no plan whatsoever to use low-level crypto. They use the real thing: industrial-strength, long-key encryption. And further, they send those messages over fiber optic lines that are much harder to tap than old-fashioned copper wires and radio transmissions.
In fact, it's just this inability to cope that has lead to the US Governments ill-starred efforts to outlaw strong crypto. If we can't break their codes, we'll tell them they can't use codes. Sort of like shaking a finger at a machine-gun-toting terrorist and saying "Don't you dare fire that thing!"
Crypto Pandora is out of her box: anyone can download free crypto software that should defy the best efforts of code breakers for the next decade or so.
And strong crypto may not be the biggest issue the NSA faces. Early on, Bletchley Park's legendary code-breaking teams realized that their biggest problem was not necessarily the German Enigma machines. Rather, it was the sheer volume of intercepts. The German armed forces generated thousands of messages a day all over the world.
Most were the mundane, routine stuff that keep the bureaucrats employed. But occasionally, that traffic haystack contained a precious needle - a missive upon which the success or failure of the whole Allied war effort could hang.
Today, the problem is much worse. Global prosperity has built a communications system where torrents of information flow. A single telco switch in London or Tokyo may hourly handle more traffic than moved in a year during World War II. The sheer volume hides a single message better than the ciphers of generations past. Indeed, one new scheme that relies on hiding bits of plaintext messages in the Internet's flow promises to be as secure as any advanced cipher.
As I watch the dawn redden the sky over nearby Stanford University home of many modern crypto breakthroughs, I can't help wondering if the world will be worse, or better, if private things stay private.
Random Access | www.gulker.com | Help/Info
editor@gulker.com This page was last built with Frontier on a Macintosh on Mon, Dec 6, 1999 at 10:12:38 AM.