Practical Applications - Cryptology Unlocked

Cryptography Reference

In-Depth Information

Why? It took the crypto-monopoly they believed to have owned away from

them. I will first discuss the 'classic' PGP 2.6 in the following sections, and

start dealing with OpenPGP, the currently popular standard, in Section 7.1.4.

7.1.1 Phil Zimmermann, the NSA, and US Laws

The motivation for PGP was the insight that though email is very convenient,

it is also very insecure. Most users cannot imagine that the security of email

messages corresponds to that of postcards at most. I'd even claim it's less.

Anyone, like nosy mail sorters or postmen, who can touch the postcard can

read what's on the back, which is not too scary since they all are honest people,

or mostly. In contrast, nobody can say what paths email messages may take on

the Internet. Your mail may be transported across countries with lots of bribable

system administrators — perhaps paid by their secret service — who knows?

I think you know the problem, so I don't have to make an effort to convince

you. You also know that there is only one way to secure information in insecure

networks: by encrypting it.

That's exactly what Phil Zimmermann, a computer engineer from Boulder,

Colorado, thought, too. Not all business people are conservative. Phil Zimmer-

mann had even done time for activities against the nuclear race in the early

1980s. These sorts of practical experiences may have aroused a certain dislike

of overly mighty governments. At the same time, he very well saw the large

number of surveillance possibilities that the quickly evolving Internet brought

along. As an enthusiast cryptologist, he felt a need to counter 'Big Brother'.

Zimmermann thought of a cryptographically secure program that should allow

everybody to send encrypted emails. The name PGP for 'Pretty Good Pri-

vacy' was probably intentional — it was a matter of protecting people's privacy

against the government.

PGP Was Born

Zimmermann put enormous effort into the development of PGP for about ten

years and almost ruined himself financially. In addition to his intensive dealing

with cryptology and the development of PGP, he was confronted with the law

rather unexpectedly. And what's more, at a time when he thought he was ready

to make some money from PGP.

First of all, there were patent-law problems. He didn't get a free license for

the RSA method. This meant that he couldn't sell PGP, and he couldn't

Search WWH ::

Custom Search

Home