From: nobody@pmantis.berkeley.edu
Date: Wed, 20 Jan 93 00:13:14 PST
To: cypherpunks@toad.com
Subject: ILF Brings You Gilmore in Sci Am
Message-ID: <9301200813.AA13985@pmantis.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain


The Information Liberation Front brings you this article from the
February, 1993 "Scientific American."



Electronic Envelopes?

The uncertainty of keeping e-mail private

Recent legislative efforts to mandate remote wiretapping attachments
for every telephone system and computer network in the U.S. may have
been the best thing that ever happened for encryption software. "We
have mostly the FBI to thank," says John Gilmore of Cygnus Support in
Palo Alto, Calif. Gilmore is an entrepreneur, hacker and electronic
civil libertarian who helped to found the Electronic Frontier
Foundation (EFF). He is now watching closely the development of two
competing techniques for keeping electronic mail private.

As matters now stand, computers transmit messages from one user to
another in plain text. If a geneticist m Boston sends e-mail to a
molecular biologist in San Diego, any of the half a dozen or so
intermediary machines that forward the letter could siphon off a
copy- -and so could any of the dozens of workstations that might be
attached to the local-area network at the sender's or recipient's
university or company.

The Electronic Privacy Act of 1986 prohibits snooping by public e-
mail carriers or law-enforcement officials, except by court order.
Nevertheless, many people are becoming uncomfortable with the
electronic equivalent of mailing all their correspondence on
postcards and relying on people to refrain from reading it. They are
turning to public-key encryption, which allows anyone to encode a
message but only the recipient to decode it. Each user has a public
key, which is made widely available, and a closely guarded secret
key. Messages encrypted with one key can be decrypted only with the
other, thus also making it possible to "sign" messages by encrypting
them with the private key [see "Achieving Electronic Privacy," by
David Chaum; SCIENTIFIC AMERICAN, August 1992].

Two programs--and two almost diametrically opposed viewpoints
embodied in them--are competing for acceptance. Privacy Enhanced Mail
(PEM) is the long-awaited culmination of years of international
standard setting by computer scientists. Pretty Good Privacy (PGP) is
a possibly illegal work of "guerrilla freeware" originally written by
software consultant Philip Zimmermann.

The philosophies of PEM and PGP differ most visibly with respect to.
key management, the crucial task of ensuring that the public keys
that encode messages actually belong to the intended recipient rather
than a malevolent third party. PEM relies on a rigid hierarchy of
trusted companies, universities and other institutions to certify
public keys, which are then stored on a "key server" accessible over
the Internet. To send private mail, one asks the key server for the
public key of the addressee, which has been signed by the appropriate
certification authorities. PGP, in contrast, operates on what
Zimmermann calls "a web of trust": people who wish to correspond
privately can exchange keys directly or through trusted
intermediaries. The intermediaries sign the keys that they pass on,
thus certifying their authenticity.

PGP's decentralized approach has gained a wide following since its
initial release in June 1991, according to Hugh E. Miller of Loyola
University in Chicago, who maintains an electronic mailing list for
discussion among PGP users. His personal "keyring" file contains
public keys for about 100 correspondents, and others have keyrings
containing far more. As of the end of 1992, meanwhile, a final
version of PEM had not been officially released. Gilmore, who
subscribes to the electronic mailing list for PEM developers, says he
has seen "only five or 10" messages actually encrypted using the
software.

Although PGP's purchase price is right--it is freely available over
the Internet and on electronic bulletin boards throughout the
world--it does carry two liabilities that could frighten away
potential users. First, U.S. law defines cryptographic hardware and
software as "munitions." So anyone who is caught making a copy of the
program could run afoul of export-control laws. Miller calls this
situation "absurd," citing the availability of high-quality
cryptographic software on the streets of Moscow.

Worse yet, RSA Data Security in Redwood City, Calif., holds rights to
a U.S. patent on the public-key encryption algorithm, and D. James
Bidzos, the company's president, asserts that anyone using or
distributing PGP could be sued for infringement. The company has
licensed public-key software to corporations and sells its own
encrypted-mail package (the algorithm was developed with federal
support, and so the government has a royalty-free license). When
Bidzos's attorneys warned Zimmermann that he faced a suit for
developing PGP, he gave up further work on the program.

Instead PGP's ongoing improvements are in the hands of an
international team of software developers who take advice from
Zimmermann by e-mail. The U.S. is the only nation that permits the
patenting of mathematical algorithms, and so programmers in the
Netherlands or New Zealand apparently have little to fear.

U.S. residents who import the program could still face legal action,
although repeated warnings broadcast in cryptography discussion
groups on computer networks have yet to be superseded by legal
filings. Meanwhile, Gilmore says, the only substantive effect of the
patent threat is that development and use of cryptographic tools have
been driven out of the U.S. into less restrictive countries.

--Paul Wallich



--