By Rachel Chalmers
The mood at RSA Data Security’s annual conference is a pretty good indicator of the state of the information security industry in general and cryptography in particular. This year’s conference, the largest ever, brings together a menagerie of players – mathematicians, vendors, owners of IP, pirates, freedom-loving individuals and paranoid governments – whose interests are frequently impossible to reconcile. As cryptography becomes more and more essential to secure electronic commerce, marketers and entrepreneurs have moved into this once arcane field of mathematics. Yet even as the big bucks roll in, the nuts and bolts retain their fascination. Press conferences launching new products languish in near-empty rooms, while across the hall in the Developers’ Track Seminar, candidates whose employers shelled out $1,600 for the privilege are sitting cross-legged at the feet of industry guru Bruce Schneier. The cryptographers themselves tend to deflect questions about commercial applications of their ideas. Someone will get us to build it, says an unconcerned Schneier of his latest planned system, which secures audit trails in ecommerce. He is realistic about the limitations of his craft, and dismissive of those in search of a silver bullet for preventing fraud. Cryptography is just maths, he explains, if you think it can solve all your problems, you don’t understand cryptography and you don’t understand your problems. Cryptographers know that it is impossible to make systems perfectly secure. Our secret is that most of the stuff we have doesn’t work very well, said Sun’s chief science officer John Gage in his keynote speech. It’s equivalent to writing bug-free software, explains Certicom’s Tim Dierks, it’s at best an impossible task. The academicians are content to make engineering trade-offs between the security they need and the time and money they are prepared to spend on it. For vendors, that’s a more difficult call. It’s hard to sell software if you have to admit it may not be perfect. Besides, the software is only half the problem. The best encryption in the world is no use whatsoever without well thought out and strictly applied security policies. Managing unpredictable human behavior is the most expensive and time-consuming part of the job.
Avaricious vendors
Unscrupulous vendors respond to these complex problems in unhelpful ways. Dierks points out that most results in academic cryptography are negative; that is to say, someone has taken a published algorithm and broken it. That’s not to say that those algorithms are weak, and that unbroken algorithms are strong. On the contrary, the algorithms that have been broken and fixed many times are more likely to be secure for having survived the rigors of peer review. An untested algorithm is an unknown quantity. Vendors who say their encryption has never been cracked may only be saying that reputable cryptographers have not considered it worthy of their attention. Nor is the conflict between pragmatic academics and avaricious vendors the only one to spice up the RSA Conference. There’s also the tension between holders of intellectual property who want to keep it out of pirates’ hands, and the old-style cypherpunks and free software fanatics. The Business Software Alliance, a foe to software pirates the world over, has a particular image problem here. Then there’s the most serious fight of all, the one between the US Government, which wants to keep strong encryption out of the hands of criminals and terrorists, and the rest of the industry, which is united in wanting to get strong encryption into as many hands as possible. The 22-hour DES crack (see separate story) encapsulates these tensions. The 56-bit DES algorithm is the strongest that can be legally exported from the USA. (The government has already recognized that DES is inadequate for its own purposes, and the hunt for the Advanced Encryption Standard (AES) is under way. Obsolete though it is, DES is apparently good enough for the rest of us.) DES is one of the truly great algorithms – after 25 years, the only attack that works is brute force – but computing power has outrun it and at 56 bits per key, it is no longer secure. Brute force attacks on DES are now fast enough to be useful and cheap enough to be feasible. As of today, if it’s not 128-bit or better, it’s not strong encryption. And if it is, the government doesn’t want you to have it. The Electronic Frontier Foundation’s John Gilmore wants strong encryption to protect personal privacy. Banks want strong encryption to prevent fraud. RSA wants to sell strong encryption to customers around the world. In each case, national boundaries are irrelevant. This is not the case with the Department of Commerce or with the 33 nations that are signatories to the Wassenaar agreement. In December the Wassenaar nations agreed to limit consumers’ access to cryptographic software. The US Government – with its allies in the UK, Canada, New Zealand and Australia – wants to continue keeping an eye on electronic communications as it has done, through the Echelon program, since shortly after the Second World War. Widespread use of encryption would make that impossible. To misquote Rousseau, information wants to be free but is everywhere in chains. The situation is not good for electronic commerce or for ordinary people, but certainly makes for a diverting conference.
