Introduction
RFC 1984 has been complemented by RFC 2804, Policy on Wiretapping, where the IETF announced its stance that wiretapping had no place in the protocol standards, and should be achieved using alternative means. This position was not based on a consensus of political opinion, but was based purely on technical arguments.
The War on Crypto
In the late eighties, with the increased use of the Internet, then still mostly limited to governments, military, big corporations, and universities, the friendly nature of the Internet and its old trust in everyone was disappearing. Protocols such as Telnet and FTP that used plaintext passwords were becoming a big problem. The Internet was becoming too big to trust.
Everyone was further abandoning expensive secure private leased lines in favor of cheaper Internet connections, just as now people are switching from classic phone lines to Voice over IP telephony. These things all need security and they need privacy. In other words, they needed cryptography.
Dual Use
Cryptography has always been enshrouded in secrecy. What started as the art of concealing a secret has now bloomed into protecting secrets out in the open in plain view of everyone, using near-unbreakable mathematical formulae. Of course, the early adopters of these technologies were the military, but in the 70s it became clear that companies would need cryptography, and today just about everyone is communicating using electronic means, and has a need for privacy.
Researchers at IBM invented DES, the Digital Encryption Standard, and the NSA gave in. They allowed American companies to use DES, and even suggested that IBM slightly change its new encryption scheme, to make the protocol far more robust against a certain attack than it would have otherwise been.
Public Cryptography
One by one, all inventions made secretly within the military were being re-invented by non-military cryptanalysts. And new algorithms and ciphers were being designed at universities and private companies. Rivers, Shamir, and Adelman invented RSA public key encryption. In 1976 Diffie and Hellman came up with a technique which has become known as DH key exchange, enabling the safe exchange of public keys. Unbeknownst to them, the technique had already been discovered a few years earlier by Malcolm J. Williamson of GHCQ, the British version of the NSA, who kept it secret. Phil Zimmerman wrote PGP, the first simple-to-use encryption program for the PC. And in 1994 Bruce Schneier published his book on the once-secret science of cryptography, completely letting the genie out of the bottle. The book, Applied Cryptography (John Wiley & Sons, 1995, ISBN 0-471-11709-9), quickly became the standard work for anyone who needed or wanted to learn and understand cryptography.
12
Chapter 1
The Escrowed Encryption Standard
Under the Clinton administration, the US government adopted a strategy of containment to control the spread of unbreakable cryptography. The idea was to allow a broken cryptography standard to be used by the general public, with a built-in backdoor for governmental use. The Escrowed Encryption Standard, with its now infamous Clipper Chip, was signed into law in 1994.
The Clipper Chip was designed by the NSA and implemented the Skipjack algorithm, which contained a backdoor accessible to the US government. Perhaps not surprisingly, few foreign entities embraced this crippled security. Other governments and organizations, especially in Europe, were working hard on making unbreakable crypto, and in the end the US Government gave into pressure and the Clipper Chip never saw the light of day.
Export Laws
Encryption methods not requiring the Clipper Chip were still legal for US companies and citizens, but in order to try to prevent everyone else from using cryptography, cryptography was classed as munitions, an item on the list of controlled weapons and resources that may not be exported to other countries without explicit government permission. Cryptography was treated exactly the same way as nuclear bombs.
But the export laws could not prevent the world from obtaining cryptographic software independently. The European countries still do not recognize software patents, meaning encryption algorithms patented in the US can be freely used by anyone outside the US. This included the RSA and IDEA algorithms, both used by the PGP software, though Phil Zimmerman never actually licensed RSA for this.
Other countries, especially Europe and Israel, were working hard to catch up with the US. Companies from these countries were free to sell strong cryptographic software to the US, but US companies were not getting the government permission they needed to export their products outside the US. The result was that many products existed in two versions: a US version, with full encryption, which usually meant 128-bit encryption, and an international version, which was usually limited to 40-bit encryption. This was most visible when Netscape invented the Secure Socket Layer (SSL), a method allowing a browser to talk securely to a web server without anyone being able to eavesdrop on the content of the communication. This was essential for doing business on the Internet, allowing users to give a web server their credit card information with the confidence that it could not be read by an unauthorized party.
Netscape had to release two browser versions, one with 40-bit encryption and one with 128-bit encryption. But since its browser program was freely downloadable, it was impossible for Netscape to restrict the 128bit version to the US alone, but it still needed to make some effort in order to comply with the US export laws. It was not really practical to stop the spread of the 128-bit encryption version of their browser. People mirrored the software in Europe, others wrote software to tweak the 40-bit version to enable its 128-bit encryption that was built into the software binaries.
The Linux Debian distribution started a non-US branch, which contained the cryptographic software, and only non-US Debian download sites could have this software. Cryptography in the Linux kernel existed for a while as a separate patch on a non-US site, www.kerneli.org.
13
Introduction
Pressure from researchers at universities in the US increased. With help of the EFF, Prof. Bernstein, then still a graduate student at Berkeley, sued the US government in 1995, claiming that talking about cryptography was a right protected by the First Amendment. He followed up with another lawsuit in 2002 claiming that "it's inexcusable that the government is continuing to interfere with my research in cryptography and computer security." But while Bernstein was fighting to liberate crypto, someone else had found a loophole in the law.
The Summer of '97
The munitions laws that restricted cryptography were focused on software. Bernstein was suing the US government so he would be able to teach cryptography in his classes. But exporting paperwork, such as research material, was never covered by the export restrictions. Two groups of hackers, the Dutch 'Hacktic' group and the San Francisco 'Cypherpunks', took on a project and printed the entire source code of the PGP program, with checksums on every page.
They then took this stack of paper and flew to The Netherlands to an open-air hacker event called 'Hacking In Progress'. They scanned the papers, ran character recognition software on them, manually fixing letters that were not read correctly, aided by the checksum printed on each page. At the end of the five-day event, the PGP source code had been reconstructed in digital form. PGP had now been legally exported from the US.
The export laws came under more and more pressure, mostly from US companies who were crippled in selling their software abroad. They could still only sell crippled 40-bit encryption outside the US, and nobody wanted it, since a lot of European software with strong cryptography had become commercially available. Then the EFF put the final nail in the coffin of weak crypto.
The EFF DES Cracker
In a basement room of John Gilmore in San Francisco, a machine was built, the DES Cracker. It consisted of a Linux machine that acted as console for a large array of specially-designed DES cracking chips. The costs, including all R&D, were $250,000. On July 18 1998, it took 'Deep Crack' only three days to crack RSA Laboratory's 'DES Challenge II'. On January 19 1999, it cracked the 'DES Challenge III' in 22 hours. The previous record on that challenge had taken 56 hours using 100,000 PCs worldwide. The US government could no longer claim that DES was good enough for encryption. A few months later it became clear why the US government wanted the international community to use weak crypto.
Echelon
In April 1999, Duncan Campbell, a British journalist, handed over his report entitled Interception Capabilities 2000 to the Director General for Research of the European Parliament. Campbell reported that, after years of research all over the world, he had uncovered the existence of Echelon, a massive top-secret network of interception capabilities built and operated by the US and the UK, aimed at their allies in Europe. Tension between Europe and the US rose. Accusations of industrial espionage were highlighted in a case where US airplane manufacturer Boeing underbid the European Airbus in a very large contract, apparently after having inside information handed to it by the NSA.
14