6
Pretty Good Privacy

The politics of privacy, the future of cryptography and the quest for an uncrackable code



The exchange of digital information has become an integral part of our society. Already, tens of millions of emails are sent each day, the Internet has provided the infrastructure for the digital marketplace, and e-commerce is thriving. Money is flowing through cyberspace, and it is estimated that every day half the world’s gross domestic product travels through the Society for Worldwide Interbank Financial Telecommunications (SWIFT) network. Democracies that favour referenda will begin to have online voting, and governments are increasingly using the Internet to help administer their countries, offering facilities such as online tax returns. Without doubt, the Information Age is under way, and we live in a wired world.

Critically, the success of the Information Age depends on the ability to protect information as it flows around the world, and this relies on the power of cryptography. Encryption can be seen as providing the locks and keys of the Information Age. For two thousand years encryption has been of importance only to governments and the military, but today it also has a role to play in facilitating business, and tomorrow ordinary people will rely on cryptography in order to protect their privacy. Fortunately, just as the Information Age is taking off, we have access to extraordinarily strong encryption. The development of public-key cryptography, particularly the RSA cipher, has given today’s cryptographers a clear advantage in their continual power struggle against cryptanalysts. If the value of N is large enough, then finding p and q takes Eve an unreasonable amount of time, and RSA encryption is therefore effectively unbreakable. Most important of all, public-key cryptography is not weakened by any key-distribution problems. In short, RSA guarantees almost unbreakable locks for our most precious pieces of information.

Figure 51 Phil Zimmermann.

However, as with every technology, there is a dark side to encryption. As well as protecting the communications of law-abiding citizens, encryption also protects the communications of criminals and terrorists. Currently, police forces use wiretapping as a way of gathering evidence to counter organized crime and terrorism, but this would be ineffective if criminals used unbreakable ciphers.

In the twenty-first century, the fundamental dilemma for cryptography is to find a way of allowing the public and businesses to use encryption in order to exploit the benefits of the Information Age, without allowing criminals to abuse encryption and evade arrest. There is currently an active and vigorous debate about the best way forward, and much of the discussion has been inspired by the story of Phil Zimmermann, an American cryptographer whose attempts to encourage the widespread use of strong encryption have frightened America’s security experts, threatened the effectiveness of the billion-dollar National Security Agency and made him the subject of a major inquiry and a grand-jury investigation.

In the late 1980s Zimmermann, who had long been a political activist, began to focus his attentions on the digital revolution and the necessity for encryption:

Cryptography used to be an obscure science, of little relevance to everyday life. Historically, it always had a special role in military and diplomatic communications. But in the Information Age, cryptography is about political power, and in particular, about the power relationship between a government and its people. It is about the right to privacy, freedom of speech, freedom of political association, freedom of the press, freedom from unreasonable search and seizure, freedom to be left alone.

According to Zimmermann, there is a fundamental difference between traditional and digital communication, which has important implications for security:

In the past, if the government wanted to violate the privacy of ordinary citizens, it had to expend a certain amount of effort to intercept and steam open and read paper mail, or listen to and possibly transcribe spoken telephone conversations. This is analogous to catching fish with a hook and a line, one fish at a time. Fortunately for freedom and democracy, this kind of labor-intensive monitoring is not practical on a large scale. Today, electronic mail is gradually replacing conventional paper mail, and is soon to be the norm for everyone, not the novelty it is today. Unlike paper mail, email messages are just too easy to intercept and scan for interesting keywords. This can be done easily, routinely, automatically, and undetectably on a grand scale. This is analogous to driftnet fishing – making a quantitative and qualitative Orwellian difference to the health of democracy.

The difference between ordinary and digital mail can be illustrated by imagining that Alice wants to send out invitations to her birthday party, and that Eve, who has not been invited, wants to know the time and place of the party. If Alice uses the traditional method of posting letters, then it is very difficult for Eve to intercept one of the invitations. To start with, Eve does not know where Alice’s invitations entered the postal system, because Alice could use any mailbox in the city. Her only hope for intercepting one of the invitations is to somehow identify the address of one of Alice’s friends and infiltrate the local sorting office. She then has to check each and every letter manually. If she does manage to find a letter from Alice, she will have to steam it open in order to get the information she wants, and then return it to its original condition to avoid any suspicion of tampering.

In comparison, Eve’s task is made much easier if Alice sends her invitations by email. As the messages leave Alice’s computer, they will go to a local server, a main entry point for the Internet; if Eve is clever enough, she can hack into that local server without leaving her home. The invitations will carry Alice’s email address, and it would be a trivial matter to set up an electronic filter that looks for emails containing Alice’s address. Once an invitation has been found, there is no envelope to open, and so no problem in reading it. Furthermore, the invitation can be sent on its way without it showing any sign of having been intercepted. Alice would be oblivious to what was going on. However, there is a way to prevent Eve from reading Alice’s emails, namely, encryption.

The majority of the emails that are sent around the world each day are vulnerable to interception, because most people do not use encryption. According to Zimmermann, cryptographers have a duty to encourage the use of encryption and thereby protect the privacy of the individual:

A future government could inherit a technology infrastructure that’s optimized for surveillance, where they can watch the movements of their political opposition, every financial transaction, every communication, every bit of email, every phone call. Everything could be filtered and scanned and automatically recognized by voice recognition technology and transcribed. It’s time for cryptography to step out of the shadows of spies and the military, and step into the sunshine and be embraced by the rest of us.

In theory, when RSA was invented in 1977, it offered an antidote to the Big Brother scenario because individuals were able to create their own public and private keys, and thereafter send and receive perfectly secure messages. However, in practice there was a major problem, because the actual process of RSA encryption required substantial computing resources. Consequently, in the 1980s it was only governments, the military and large businesses that owned computers powerful enough to run the RSA encryption system. Not surprisingly, RSA Data Security, Inc., the company set up to commercialize RSA, developed its encryption products with only these markets in mind.

In contrast, Zimmermann believed that everybody deserved the privacy that was offered by RSA encryption, and he directed his efforts toward developing an RSA encryption product for the masses. He intended to draw upon his background in computer science to design a product with economy and efficiency in mind, thus not overloading the capacity of an ordinary personal computer. He also wanted his version of RSA to have a particularly friendly interface, so that the user did not have to be an expert in cryptography to operate it. He called his project Pretty Good Privacy, or PGP for short. The name was inspired by Ralph’s Pretty Good Groceries, a sponsor of Garrison Keillor’s A Prairie Home Companion, one of Zimmermann’s favourite radio shows.

During the late 1980s, working from his home in Boulder, Colorado, Zimmermann gradually pieced together his scrambling software package. His main goal was to speed up RSA encryption. Ordinarily, if Alice wants to use RSA to encrypt a message to Bob, she looks up his public key and then applies RSA’s one-way function to the message. Conversely, Bob decrypts the ciphertext by using his private key to reverse RSA’s one-way function. Both processes require considerable mathematical manipulation, so encryption and decryption can, if the message is long, take several minutes on a personal computer. If Alice is sending a hundred messages a day, she cannot afford to spend several minutes encrypting each one. To speed up encryption and decryption, Zimmermann employed a neat trick that used asymmetric RSA encryption together with old-fashioned symmetric encryption. Traditional symmetric encryption can be just as secure as asymmetric encryption, and it is much quicker to perform, but symmetric encryption suffers from the problem of having to distribute the key, which has to be securely transported from the sender to the receiver. This is where RSA comes to the rescue, because RSA can be used to encrypt the symmetric key.

Zimmermann pictured the following scenario. If Alice wants to send an encrypted message to Bob, she begins by encrypting it with a symmetric cipher. Zimmermann suggested using a cipher known as IDEA. To encrypt with IDEA, Alice needs to choose a key, but for Bob to decrypt the message Alice somehow has to get the key to Bob. Alice overcomes this problem by looking up Bob’s RSA public key and then uses it to encrypt the IDEA key. So Alice ends up sending two things to Bob: the message encrypted with the symmetric IDEA cipher and the IDEA key encrypted with the asymmetric RSA cipher. At the other end, Bob uses his RSA private key to decrypt the IDEA key, and then uses the IDEA key to decrypt the message. This might seem convoluted, but the advantage is that the message, which might contain a large amount of information, is being encrypted with a quick symmetric cipher, and only the symmetric IDEA key, which consists of a relatively small amount of information, is being encrypted with a slow asymmetric cipher. Zimmermann planned to have this complex combination of RSA and IDEA within the PGP product, but the user-friendly interface would mean that the user would not have to get involved in the nuts and bolts of what was going on.
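The hybrid scheme just described, as an added Python sketch that is not taken from the book or from PGP itself. It assumes textbook RSA without padding, a public exponent of 65537, and a SHA-256 keystream standing in for IDEA; all function names are illustrative.

```python
# Added illustration, not PGP's code. Assumptions: textbook RSA with no
# padding, and a SHA-256 keystream standing in for the IDEA cipher.
# Both are for study only and must not protect real data.
import hashlib
import math
import secrets

E = 65537  # common public exponent (assumption; the text names none)


def is_probable_prime(n, rounds=40):
    """Miller-Rabin test; a composite passes with probability <= 4**-rounds."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    """Random prime with the top bit set, so it has exactly `bits` bits."""
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def generate_rsa_keypair(bits=1024):
    """Bob's key pair: public (N, e) and private (N, d), with N = p*q."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(E, phi) == 1:
            return (p * q, E), (p * q, pow(E, -1, phi))


def keystream_xor(key, nonce, data):
    """Symmetric stand-in for IDEA: XOR with SHA-256(key, nonce, counter)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], pad))
    return bytes(out)


def hybrid_encrypt(public_key, message):
    """Alice: fast cipher for the message, slow RSA only for the 16-byte key."""
    n, e = public_key
    session_key = secrets.token_bytes(16)   # 128 bits, fresh for every message
    nonce = secrets.token_bytes(16)
    return {
        "wrapped_key": pow(int.from_bytes(session_key, "big"), e, n),
        "nonce": nonce,
        "ciphertext": keystream_xor(session_key, nonce, message),
    }


def hybrid_decrypt(private_key, packet):
    """Bob: undo RSA to recover the session key, then decrypt the message."""
    n, d = private_key
    recovered = pow(packet["wrapped_key"], d, n)
    if recovered >= 1 << 128:
        raise ValueError("unwrapped value is not a 128-bit key (wrong private key?)")
    key = recovered.to_bytes(16, "big")
    return keystream_xor(key, packet["nonce"], packet["ciphertext"])


if __name__ == "__main__":
    bob_public, bob_private = generate_rsa_keypair()
    invitation = b"Constructed sample: party at Alice's, Saturday 8pm. " * 1000
    packet = hybrid_encrypt(bob_public, invitation)
    assert hybrid_decrypt(bob_private, packet) == invitation
    print("message bytes:", len(invitation))
    print("RSA-wrapped key bytes:", (packet["wrapped_key"].bit_length() + 7) // 8)
```

Production implementations pad the session key before the RSA step and authenticate the ciphertext; both are left out here to keep the two-layer structure visible.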

By the summer of 1991, Zimmermann was well on the way to turning PGP into a polished product. Only one problem remained: the U.S. Senate’s 1991 omnibus anti-crime bill, which contained the following clause: “It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law.” The Senate was concerned that developments in digital technology, such as cellular telephones, might prevent law enforcers from performing effective wiretaps. However, as well as forcing companies to guarantee the possibility of wiretapping, the bill also seemed to threaten all forms of secure encryption.

A concerted effort by RSA Data Security, the communications industry and civil-liberties groups forced the clause to be dropped, but the consensus was that this was only a temporary reprieve. Zimmermann was fearful that sooner or later the government would again try to bring in legislation that would effectively outlaw encryption such as PGP. He had always intended to sell PGP, but now he reconsidered his options. Rather than waiting and risk PGP being banned by the government, he decided that it was more important for it to be available to everybody before it was too late. In June 1991 he took the drastic step of asking a friend to post PGP on a Usenet bulletin board. PGP is just a piece of software, and so from the bulletin board it could be downloaded by anyone for free. PGP was now loose on the Internet.

Initially, PGP caused a buzz only among aficionados of cryptography. Later it was downloaded by a wider range of Internet enthusiasts. Next, computer magazines ran brief reports and then full-page articles on the PGP phenomenon. Gradually PGP began to permeate the most remote corners of the digital community. For example, human-rights groups around the world started to use PGP to encrypt their documents, in order to prevent the information from falling into the hands of the regimes that were being accused of human-rights abuses. Zimmermann began to receive emails praising him for his creation. “There are resistance groups in Burma,” says Zimmermann, “who are using it in jungle training camps. They’ve said that it’s helped morale there, because before PGP was introduced captured documents would lead to the arrest, torture and execution of entire families.” In 1991, on the day that Boris Yeltsin was shelling Moscow’s Parliament building, Zimmermann received this email via someone in Latvia: “Phil, I wish you to know: let it never be, but if dictatorship takes over Russia, your PGP is widespread from Baltic to Far East now and will help democratic people if necessary. Thanks.”

While Zimmermann was gaining fans around the world, back home in America he was less popular. In February 1993, two government investigators paid Zimmermann a visit on the grounds that the U.S. government included encryption software within its definition of munitions, along with missiles, mortars and machine guns. Therefore PGP could not be exported without a licence from the State Department. In other words, Zimmermann was accused of being an arms dealer because he had exported PGP via the Internet. Over the next three years Zimmermann became the subject of a grand-jury investigation and was pursued by government officials.

The investigation into Phil Zimmermann and PGP ignited a debate about the positive and negative effects of encryption in the Information Age. The spread of PGP encouraged cryptographers, politicians, civil libertarians and law enforcers to think about the implications of widespread encryption. There were those, like Zimmermann, who believed that the widespread use of secure encryption would be a boon to society, providing individuals with privacy for their digital communications. Ranged against them were those who believed that encryption was a threat to society, because criminals and terrorists would be able to communicate in secret, safe from police wiretaps.

Law enforcers argue that effective wiretapping is necessary in order to maintain law and order, and that encryption should be restricted so that they can continue with their interceptions. The police have already encountered criminals using strong encryption to protect themselves. A German legal expert said that “hot businesses such as the arms and drug trades are no longer done by phone, but are being settled in encrypted form on the worldwide data networks.” A White House official indicated a similarly worrying trend in America, claiming that “organized crime members are some of the most advanced users of computer systems and of strong encryption.” For instance, the Cali cartel arranges its drug deals via encrypted communications. Law enforcers fear that the Internet coupled with cryptography will help criminals to communicate and coordinate their efforts.

In addition to encrypting communications, criminals and terrorists are also encrypting their plans and records, hindering the recovery of evidence. The Aum Shinrikyo sect, responsible for the gas attacks on the Tokyo subway in 1995, were found to have encrypted some of their documents using RSA. Ramsey Yousef, one of the terrorists involved in the 1993 World Trade Centre bombing, kept plans for future terrorist acts encrypted on his laptop. Besides international terrorist organizations, run-of-the-mill criminals also benefit from encryption. An illegal gambling syndicate in America, for example, encrypted its accounts for four years. A study by Dorothy Denning and William Baugh commissioned in 1997 by the National Strategy Information Centre’s U.S. Working Group on Organized Crime estimated that there were five hundred criminal cases worldwide involving encryption and predicted that this number would roughly double each year.

In addition to domestic policing, there are also issues of national security. America’s National Security Agency is responsible for gathering intelligence on the nation’s enemies by deciphering their communications. The NSA operates a worldwide network of listening stations, in cooperation with Britain, Australia, Canada and New Zealand, who all gather and share information. The network includes sites such as the Menwith Hill Signals Intelligence Base in Yorkshire, the world’s largest spy station. Part of Menwith Hill’s work involves the Echelon system, which is capable of scanning emails, faxes, telexes and telephone calls, searching for particular words. Echelon operates according to a dictionary of suspicious words, such as Hezbollah, assassin and Pentagon, and the system is smart enough to recognize these words in real time. Echelon can earmark questionable messages for further examination, enabling it to monitor messages from particular political groups or terrorist organizations. However, Echelon would effectively be useless if all messages were strongly encrypted. Each of the nations participating in Echelon would lose valuable intelligence on political plotting and terrorist attacks.

On the other side of the debate are the civil libertarians, including groups such as the Centre for Democracy and Technology and the Electronic Frontier Foundation. The pro-encryption case is based on the belief that privacy is a fundamental human right, as recognized by Article 12 of the Universal Declaration of Human Rights: “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.”

Civil libertarians argue that the widespread use of encryption is essential for guaranteeing the right to privacy. Otherwise, they fear, the advent of advanced monitoring technology will herald a new era of wiretapping and the abuses that inevitably follow. In the past, governments around the world have frequently used their power in order to conduct wiretaps on innocent citizens.

One of the best-known cases of continuous unjustified wiretapping concerns Martin Luther King Jr., whose telephone conversations were monitored for several years. For example, in 1963 the FBI obtained information on King via a wiretap and fed it to Senator James Eastland in order to help him in debates on a civil-rights bill. More generally, the FBI gathered details about King’s personal life, which were used to discredit him. Recordings of King telling bawdy stories were sent to his wife and played in front of President Johnson. Then, following King’s receipt of the Nobel prize, embarrassing details about King’s life were passed to any organization that was considering conferring an honour upon him.

Possibly the greatest infringement of everybody’s privacy is the international Echelon programme. Echelon does not have to justify its interceptions, and it does not focus on particular individuals. Instead, it indiscriminately harvests information, using receivers that detect the telecommunications that bounce off satellites. If Alice sends a harmless transatlantic message to Bob, then it will certainly be intercepted by Echelon, and if the message happens to contain a few words that appear in the Echelon dictionary, then it would be earmarked for further examination, alongside messages from extreme political groups and terrorist gangs. Whereas law enforcers argue that encryption should be banned because it would make Echelon ineffective, the civil libertarians argue that encryption is necessary exactly because it would make Echelon ineffective.

Ron Rivest, one of the inventors of RSA, thinks that restricting cryptography would be foolhardy:

It is poor policy to clamp down indiscriminately on a technology just because some criminals might be able to use it to their advantage. For example, any U.S. citizen can freely buy a pair of gloves, even though a burglar might use them to ransack a house without leaving fingerprints. Cryptography is a data-protection technology, just as gloves are a hand-protection technology. Cryptography protects data from hackers, corporate spies, and con artists, whereas gloves protect hands from cuts, scrapes, heat, cold, and infection. The former can frustrate FBI wire-tapping, and the latter can thwart FBI fingerprint analysis. Cryptography and gloves are both dirt-cheap and widely available. In fact, you can download good cryptographic software from the Internet for less than the price of a good pair of gloves.

Possibly the greatest allies of the civil libertarian cause are the big corporations. Internet commerce is still in its infancy, but sales are growing rapidly, with retailers of books, music CDs and computer software leading the way, and supermarkets, travel companies and other businesses following in their wake. Just a few years from now, Internet commerce could dominate the marketplace, but only if businesses can address the issues of security and trust. A business must be able to guarantee the privacy and security of financial transactions, and the only way to do this is to employ strong encryption.

At the moment, a purchase on the Internet can be secured by public-key cryptography. Alice visits a company’s Web site and selects an item. She fills in an order form that asks her for her name, address and credit card details. Alice then uses the company’s public key to encrypt the order form. The encrypted order form is transmitted to the company, which is the only entity able to decrypt it, because only it has the private key necessary for decryption. All of this is done automatically by Alice’s Web browser (e.g., Netscape or Explorer) in conjunction with the company’s computer.

Businesses also desire strong encryption for another reason. Corporations store vast amounts of information on computer databases, including product descriptions, customer details and business accounts. Naturally, corporations want to protect this information from hackers who might infiltrate the computer and steal the information. This protection can be achieved by encrypting stored information, so that even if somebody hacks into the database he cannot read it.

To summarize the situation, it is clear that the debate has been dominated by two camps: civil libertarians and businesses are in favour of strong encryption, while law enforcers are in favour of severe restrictions. More recently, though, there has been a third option that might offer a compromise. Over the last decade, cryptographers and policy makers have been investigating the pros and cons of a scheme known as key escrow. The term escrow usually relates to an arrangement in which someone gives a sum of money to a third party, who can then deliver the money to a second party under certain circumstances. For example, a tenant may lodge a deposit with a lawyer, who can then deliver it to a landlord in the event of damage to the property. In terms of cryptography, escrow means that Alice will give a copy of her private key to an escrow agent, an independent, reliable middleman, who is empowered to deliver the private key to the police if ever there is sufficient evidence to suggest that Alice is involved in crime.

The most famous trial of cryptographic key escrow was the American Escrowed Encryption Standard, adopted in 1994. The aim was to encourage the adoption of two encryption systems, called clipper and capstone, to be used for telephone communication and computer communication, respectively. To use clipper encryption, Alice would buy a phone with a preinstalled chip that would hold her secret private-key information. At the very moment she bought the clipper phone, a copy of the private key in the chip would be split into two halves, and each half would be sent to two separate federal authorities for storage. The U.S. government argued that Alice would have access to secure encryption, and her privacy would be broken only if law enforcers could persuade both federal authorities that there was a case for obtaining her escrowed private key.

The U.S. government employed clipper and capstone for its own communications, and made it obligatory for companies involved in government business to adopt the American Escrowed Encryption Standard. Other businesses and individuals were free to use other forms of encryption, but the government hoped that clipper and capstone would gradually become the nation’s favourite form of encryption. However, the policy did not work. The idea of key escrow won few supporters outside government. Civil libertarians did not like the idea of federal authorities having possession of everybody’s keys – they made an analogy to real keys and asked how people would feel if the government had the keys to all our houses. Cryptographic experts pointed out that just one crooked employee could undermine the whole system by selling escrowed keys to the highest bidder. And businesses were worried about confidentiality. For example, a European business in the United States might fear that its messages were being intercepted by American trade officials in an attempt to obtain secrets that might give American rivals a competitive edge.

Although the U.S. government has backtracked on its key escrow proposals, many suspect that it will attempt to reintroduce an alternative form of key escrow at some time in the future. Having witnessed the failure of optional escrow, governments might even consider compulsory escrow. Meanwhile, the pro-encryption lobby continues to argue against key escrow. Kenneth Neil Cukier, a technology journalist, has written: “The people involved in the crypto debate are all intelligent, honorable and pro-escrow, but they never possess more than two of these qualities at once.”

There are various other options that governments could choose to implement in order to try to balance the concerns of civil libertarians, business and law enforcement. It is far from clear which will be the preferred option, because at present cryptographic policy is in a state of flux. By the time you read this there will have been several more twists and turns in the debate on cryptographic policy.

Nobody can predict with certainty the shape of cryptographic policy ten years from now. Personally, I suspect that in the near future the pro-encryption lobby will initially win the argument, mainly because no country will want to have encryption laws that prohibit e-commerce. If this policy does turn out to be a mistake, then the consequences will not necessarily lead to long-term disaster, because it will always be possible to reverse the laws. If law enforcers could show that wiretaps could prevent terrorist atrocities, then governments would rapidly gain sympathy for a policy of key escrow. All users of strong encryption would be forced to deposit their keys with a key escrow agent, and thereafter anybody who sent an encrypted message with a nonescrowed key would be breaking the law. If the penalty for nonescrowed encryption were sufficiently severe, law enforcers could regain control. Later, if governments were to abuse the trust associated with a system of key escrow, the public would call for a return to cryptographic freedom, and the pendulum would swing back. In short, there is no reason why we cannot change our policy to suit the political, economic and social climate. The deciding factor will be whom the public fears more – criminals or the government.

THE FUTURE OF CRYPTOGRAPHY

In 1996, after three years of investigation, the U.S. Attorney General’s office dropped its case against Zimmermann. The authorities realized that it was too late – PGP had escaped on to the Internet, and prosecuting Zimmermann would achieve nothing. There was the additional problem that Zimmermann was being supported by major institutions, such as the Massachusetts Institute of Technology Press, which had published PGP in a six-hundred-page book. The book was being distributed around the world, so prosecuting Zimmermann would have meant prosecuting the MIT Press. The authorities were also reluctant to pursue a prosecution because there was a chance that Zimmermann would not be convicted. A trial might achieve nothing more than an embarrassing constitutional debate about the right to privacy, thereby stirring up yet more public sympathy in favour of widespread encryption.

At last, PGP was a legitimate product and Zimmermann was a free man. The investigation had turned him into a cryptographic crusader, and every marketing manager in the world must have envied the notoriety and free publicity that the case gave to PGP. At the end of 1997, Zimmermann sold PGP to Network Associates, and he became one of their senior partners. Although PGP is now sold to businesses, it is still freely available to individuals who do not intend to use it for any commercial purpose. In other words, individuals who merely wish to exercise their right to privacy can still download PGP from the Internet without paying for it.

If you would like to obtain a copy of PGP, there are many sites on the Internet that offer it, and you should find them fairly easily. Probably the most reliable source is at www.pgpi.com/, the International PGP Home Page, from which you can download the American and international versions of PGP. At this point, I would like to absolve myself of any responsibility – if you do choose to install PGP, it is up to you to check that your computer is capable of running it, that the software is not infected with a virus, and so on. Also, you should check that you are in a country that permits the use of strong encryption.

The invention of public-key cryptography and the political debate that surrounds the use of strong cryptography bring us up to the present day, and it is clear that the cryptographers are winning the information war. According to Phil Zimmermann, we live in a golden age of cryptography: “It is now possible to make ciphers in modern cryptography that are really, really out of reach of all known forms of cryptanalysis. And I think it’s going to stay that way.” Zimmermann’s view is supported by William Crowell, deputy director of the NSA: “If all the personal computers in the world – approximately 260 million computers – were to be put to work on a single PGP-encrypted message, it would take on average an estimated twelve million times the age of the universe to break a single message.”

Previous experience, however, tells us that every so-called unbreakable cipher has, sooner or later, succumbed to cryptanalysis. The Vigenère cipher was called le chiffre indéchiffrable, but Babbage broke it; Enigma was considered invulnerable until the Poles revealed its weaknesses. So, are cryptanalysts on the verge of another breakthrough, or is Zimmermann right? Predicting future developments in any technology is always a precarious task, but with ciphers it is particularly risky. Not only do we have to guess which discoveries lie in the future, but we also have to guess which discoveries lie in the present. The tale of James Ellis and GCHQ warns us that there may already be remarkable breakthroughs hidden behind the veil of government secrecy.

But even if RSA is cracked, there is hope for secure encryption already. In 1984, Charles Bennett, a research fellow at IBM’s Thomas J. Watson Laboratories in New York, developed the idea of quantum cryptography, an encryption system that is absolutely unbreakable. Quantum cryptography is based on quantum physics, a theory that explains how the universe operates at the most fundamental level. Bennett’s idea is based on an aspect of quantum physics known as Heisenberg’s uncertainty principle, which states that it is impossible to measure something with perfect accuracy because the act of measurement alters the object being measured.

For example, in order to measure the length of my hand, I must be able to see it, and therefore I must have a source of light, whether it is the sun or a lightbulb. The waves of light stream on to my hand and are then reflected towards my eye, but there are two problems. First, the wavelength of the light limits the accuracy of any length measurement. Additionally, the impact of light waves on my hand will actually change it, just like sea waves lapping against a cliff. As in the case of sea waves, the effect of the light waves is minuscule and is imperceptible at an everyday level. So an engineer trying to measure a bolt to a high degree of precision is limited by the quality of the measuring apparatus long before he runs into the limitations resulting from the uncertainty principle. At the microscopic level, however, the uncertainty principle is a serious problem. At the scale of protons and electrons, inaccuracies in measurement can become comparable to the size of objects being measured. The impact of light can significantly alter the tiny particles being observed.

Bennett came up with the idea of sending messages using fundamental particles, so tiny that if Eve tried to intercept or measure them, then she would mismeasure and alter them. In short, it becomes impossible for Eve to accurately intercept a communication, and even if she attempts to do this, her impact on the communication will become apparent to Alice and Bob, who will know that she is listening and will halt their correspondence.

You might wonder about the following problem: if Alice sends Bob a quantum cryptographic communication, and Eve cannot read it because of the uncertainty principle, then how can Bob read it? Isn’t he also stymied by the uncertainty principle? The solution is that Bob needs to send a cryptic message back to Alice to confirm what he has received. Because Alice knows what she originally sent to Bob, this second message can be used to remove any ambiguity between Alice and Bob, while still leaving Eve in the dark. At the end of this double exchange, Alice and Bob are in a position to enjoy absolutely secure communication.
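The double exchange described above can be modelled classically. The following is an added example, not part of the original text, and it goes beyond the chapter by following the scheme usually called BB84: each particle is prepared in one of two measurement bases, and measuring in the wrong basis gives a random result and re-prepares the particle. The basis labels `+` and `x`, the function names and the 10% alarm threshold are assumptions made for illustration.

```python
import random

def measure(bit, prep_basis, meas_basis, rng):
    """Measuring in the preparation basis returns the bit; any other basis gives a random bit."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)

def run_exchange(n_particles, eve_present, seed=1):
    """Simulate Alice sending particles to Bob, optionally with Eve measuring in between."""
    rng = random.Random(seed)
    kept_alice, kept_bob = [], []
    for _ in range(n_particles):
        bit = rng.randint(0, 1)
        alice_basis = rng.choice("+x")
        state_bit, state_basis = bit, alice_basis
        if eve_present:
            # Eve must guess a basis; her measurement re-prepares the particle in that basis.
            eve_basis = rng.choice("+x")
            state_bit = measure(state_bit, state_basis, eve_basis, rng)
            state_basis = eve_basis
        bob_basis = rng.choice("+x")
        bob_bit = measure(state_bit, state_basis, bob_basis, rng)
        # Bob's reply to Alice: he reveals only his basis, never the bit he read.
        # Alice tells him which positions match, and both discard the rest.
        if bob_basis == alice_basis:
            kept_alice.append(bit)
            kept_bob.append(bob_bit)
    return kept_alice, kept_bob

def error_rate(kept_alice, kept_bob):
    """Fraction of kept positions where Alice and Bob disagree."""
    if not kept_alice:
        return 0.0
    return sum(a != b for a, b in zip(kept_alice, kept_bob)) / len(kept_alice)

def eavesdropper_detected(n_particles, eve_present, threshold=0.1, seed=1):
    # Simplification: all kept bits are compared here. In practice only a
    # sample is compared in public and then thrown away.
    alice, bob = run_exchange(n_particles, eve_present, seed)
    return error_rate(alice, bob) > threshold

if __name__ == "__main__":
    for eve in (False, True):
        alice, bob = run_exchange(4000, eve)
        print(f"Eve listening: {eve}, kept bits: {len(alice)}, "
              f"error rate: {error_rate(alice, bob):.3f}")
```

Without Eve the kept bits agree exactly; with Eve measuring every particle, roughly a quarter of the kept bits disagree, which is the disturbance that tells Alice and Bob to halt.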

Figure 52 Charles Bennett.

The whole idea of quantum cryptography sounds preposterous, but in 1988 Bennett successfully demonstrated secure communication between two computers across a distance of twelve inches. Long-distance messages are problematic, because the message is being conveyed by individual particles, which are more likely to be corrupted the further they have to travel. So, ever since Bennett’s experiment, the challenge has been to build a quantum cryptographic system that operates over useful distances. In 1995, researchers at the University of Geneva in Switzerland succeeded in implementing quantum cryptography from Geneva to the town of Nyon, a distance of a little over fourteen miles.

Security experts are now wondering how long it will be before quantum cryptography becomes a practical technology. At the moment there is no advantage in having quantum cryptography, because the RSA cipher already gives us access to effectively unbreakable encryption. However, if a codebreaker found a flaw in RSA, then quantum cryptography would become a necessity. So the race is on. The Swiss experiment has already demonstrated that it would be feasible to build a system that permits secure communication between financial institutions within a single city. Indeed, it is currently possible to build a quantum cryptography link between the White House and the Pentagon. Perhaps there already is one.

Quantum cryptography would mark the end of the battle between codemakers and codebreakers, the codemakers emerging victorious, because quantum cryptography is a truly unbreakable system of encryption. This may seem a rather exaggerated assertion, particularly in the light of previous similar claims. At different times over the last two thousand years cryptographers have believed that the monoalphabetic cipher, the polyalphabetic cipher and machine ciphers such as Enigma were all unbreakable. In each of these cases the cryptographers were eventually proved wrong because their claims were based merely on the fact that the complexity of the ciphers outstripped the ingenuity and technology of cryptanalysts at one point in history. With hindsight, we can see that the cryptanalysts would inevitably figure out a way of breaking each cipher, or developing technology that would break it for them.

However, the claim that quantum cryptography is secure is qualitatively different from all previous claims. Quantum cryptography is not just effectively unbreakable, it is absolutely unbreakable. Quantum theory, the most successful theory in the history of physics, means that it is impossible for Eve to intercept accurately any communication between Alice and Bob. Eve cannot even attempt to intercept anything without Alice and Bob being warned of her eavesdropping. Indeed, if a message protected by quantum cryptography were ever to be deciphered, it would mean that quantum theory is flawed, which would have devastating implications for physicists – they would be forced to reconsider their understanding of how the universe operates at the most fundamental level.

If quantum cryptography systems can be engineered to operate over long distances, the evolution of ciphers will stop. The quest for privacy will have come to an end. The technology will be available to guarantee secure communications for governments, the military, businesses and the public. The only question remaining would be whether or not governments would allow us to use the technology.