Cryptography

The History and Mathematics of Codes and Code Breaking

Tag: Data Encryption Standard

Cryptohipster Beliefs

Whitfield Diffie is, in essence, a cryptohipster. Or, one might call him a cryptotarian (crypto libertarian). He graduated from MIT, and studied cryptography just for the thrill of it. In the early 70’s, Diffie had the foresight to realize that one day, people would have their own computers. He believed that “if people then used their computers to exchange emails, they deserved the right to encrypt their messages in order to guarantee their privacy.”

I do agree that private citizens have a right to have access to secure encryption technologies. Encryption technologies would be used to protect communication – the same communication that might take place face-to-face. Since in-person private conversation has never been a right that’s been questioned, why should we give up our communication rights if it’s simply a different medium of communication? Living in America, we have a right to privacy. This right shouldn’t be infringed upon due to the development of the internet. If someone is able to develop their own encryption system, they should be able to use it at their will. There’s a lot of work that goes into developing/utilizing such a system, including the logistical problems that come with key distribution. If people want to go through the trouble of exchanging keys, they should be able to communicate in private.

Standardizing Security

Cryptology, by definition, refers to the science and study of secure communications. Similarly, the intended purpose of cryptography is to hide information by way of code. So why is it that, to this day, a limit on the level of security for encrypted files exists in commercial use? Moreover, why are civilians denied the highest levels of security, considering that means for optimal encryption are readily available? The controversy at hand is in fact a matter of national security, and the Data Encryption Standard, or DES, is appropriately headed by the National Security Agency (NSA).

After facing much opposition from the NSA, German emigrant Horst Feistel created Lucifer, an unprecedented cipher algorithm, in the 1970’s. In light of its almost guaranteed security, this cipher system was adopted by a number of commercial organizations. Naturally, however, the NSA limited the number of possible keys produced by Lucifer to roughly 100,000,000,000,000,000. In justifying this constraint, the NSA argued that Lucifer, even under these limiting conditions, would provide sufficient security, given the assumption that “no civilian organization had a computer powerful enough to check every possible key within a reasonable amount of time” (Singh, 250). Although a restraint on security for the sake of security at first seems counter-intuitive, and although I am usually a huge proponent of privacy, I have to side with the NSA on this one.

The demand for greater security (if there exists any) seems somewhat excessive. As argued by the NSA, Lucifer provides sufficient security for its intended context. Commercial organizations under the protection of Lucifer are secure from any rival eavesdropper, and therefore need not worry (Sing, 250). Furthermore, businesses protect only information regarding business – their transactions, projected costs and profits, matters of the technical sort. An individual’s personal liberties are not at stake, their right to privacy is perfectly satisfied, and nobody (save businesses in a far-fetched hypothetical hacking scenario) is any more susceptible as a result of the DES. Perhaps the strongest argument yet is in the sake of national security. In my opinion, national security takes precedence over the security of commercial organizations. The NSA was careful to set the encryption standard so that only the NSA, the organization with the most technological resources in the world, could break it if necessary. Therefore, my question is: If the DES satisfies the commercial world’s criteria for security, as well as the NSA’s criteria for national security, why argue for the sake for greater encryption?

Photo: James, I think your cover’s blown! by Ludovic Bertron

Powered by WordPress & Theme by Anders Norén