Susan Landau

SusanLandauPublic-key cryptography was mathematically elegant and also quite elementary. That’s what made it so powerful and so wonderful.
The NSA said “Wait a minute: this work should be classified.” They had been accustomed to being the only place that cryptography was done. They didn’t want a competitor developing algorithms that maybe they would have trouble breaking into. They wanted to hold the keys to the kingdom.
There was a big fight between the academic and industry research community and the NSA. But it was settled fairly amicably, fairly quickly. The next problem was who would control the development of cryptography standards for the US government.
The NSA does this for military and diplomatic communications, but there’s a vast need for cryptography for civilian agencies such as health and human services, education, agriculture. The National Bureau of Standards had been doing this in the 1970s but in the 1980s the NSA began pushing in this direction.
Congress, who had always looked more favourably on the civilian side, put the National Institute of Standards and Technology in charge.
But the law also included this little thing about three people from NSA approving certain things. They exercised tremendous control, and kept blocking standards that were more friendly to the commercial sector. That battle went on between 1987 until the mid 1990s. It was quite ugly.

One thought on “Susan Landau

  1. shinichi Post author

    Crypto Wars

    by Susan Landau

    Susan Landau is professor of Cyber Security Policy at Worcester Polytechnic Institute.

    _________________________

    How did governments lose control of encryption?

    http://www.bbc.com/news/technology-35659152

    The clash between Apple and the FBI over whether the company should provide access to encrypted data on a locked iPhone used by one of the San Bernardino attackers highlights debates about privacy and data security which have raged for decades.

    Cryptography was once controlled by the state and deployed only for military and diplomatic ends. But in the 1970s, cryptographer Whitfield Diffie devised a system which took encryption keys away from the state and marked the start of the so-called “Crypto Wars”.

    Whitfield Diffie and three other experts spoke to the BBC World Service Inquiry programme about the tensions at the heart of the spat between Apple and the FBI.

    _________________________

    “Public-key cryptography was mathematically elegant and also quite elementary. That’s what made it so powerful and so wonderful.

    “The NSA said ‘Wait a minute: this work should be classified.’ They had been accustomed to being the only place that cryptography was done. They didn’t want a competitor developing algorithms that maybe they would have trouble breaking into. They wanted to hold the keys to the kingdom.

    “There was a big fight between the academic and industry research community and the NSA. But it was settled fairly amicably, fairly quickly. The next problem was who would control the development of cryptography standards for the US government.

    “The NSA does this for military and diplomatic communications, but there’s a vast need for cryptography for civilian agencies such as health and human services, education, agriculture. The National Bureau of Standards had been doing this in the 1970s but in the 1980s the NSA began pushing in this direction.

    “Congress, who had always looked more favourably on the civilian side, put the National Institute of Standards and Technology in charge.

    “But the law also included this little thing about three people from NSA approving certain things. They exercised tremendous control, and kept blocking standards that were more friendly to the commercial sector. That battle went on between 1987 until the mid 1990s. It was quite ugly.

    “Another battle was over the clipper chip. Clipper was a very hard algorithm with a secure key, but the key was split and was to be shared with agencies of the federal government. The idea was [that] a business person travelling overseas would be able to use a clipper-enabled phone and talk securely with the office back at home.

    “But if you’re doing something illegal the US government will be able to decrypt easily, because the keys are held by its agencies.

    “It was a complete flop. Outside the US, no one wanted it. Inside the US, no one bought it. It was a total failure.

    “The controls on cryptography in the 1990s were very odd because they were controls on an export. If you wanted to export a computer or communications device with cryptography, you needed an export licence from the US government.

    “Much of the time you would get ‘We’re looking at it, we’ll get back to you.’ Of course, when you’re selling high tech, you don’t need a delay of two months, [so] you decide not to have strong encryption within the device – you put in something very weak that the US government will allow to go without a licence. The effect was to not have strong encryption domestically as well as abroad.

    “In 2000, the US government loosened the controls on export of devices with strong encryption; it looked as if the private sector won the battle.”

    Reply

Leave a Reply to shinichi Cancel reply

Your email address will not be published. Required fields are marked *