Cryptography’s Past, Present, and Future Role in Society

Franck Lin
12/16/2010
Contents
Executive Summary
Introduction
Part One: Technological Background
  Symmetric Key Encryption
    Examples of Symmetric Key
  Asymmetric (Public) Key Encryption
    One-way functions
    RSA
    Digital Signatures and Hashing
    Limitations of Public Key Cryptography
  Quantum Key Distribution
    Theory
    Cipher Details
    Feasibility
  Conclusion of Technical Overview
Part Two: The Digital Age and Cryptography
  Overview of Privacy Laws
    Judicial Precedent
  The 4th Amendment and Cryptography
  Government and Cryptography
    Key Disclosure
    Key Escrow
    Cryptography as a Military Asset
      Export Restrictions
    Digital Millennium Copyright Act
  Society’s Quantum Leap
Conclusion
Works Cited
Appendix
  RSA (Asymmetric/Public Key Cipher)
  B92 (Quantum Key Distribution using Polarized Light)
Executive Summary
The Individual and Authority (defined as civil government, military, and corporations) have always had a
complex relationship with cryptography. Craving digital privacy, individuals highly value the
effectiveness and transparency of the algorithms protecting personal and financial secrets. On the other
hand, governments want to intercept criminal communication, the military wants to maintain a proven
military asset, and corporations, especially those that sell media, want to safeguard their
multibillion-dollar markets. These latter desires often run counter to the privacy rights of individuals.
After establishing basic technical literacy, I will argue that the future advent of quantum cryptology,
based on the fantastic yet proven field of quantum mechanics, represents a revolution in our
information society. I will show that the past 50 years of digital cryptography have been characterized by
a constant “tug-of-war” between the individual and authority. Quantum cryptology will end this
decades-long struggle and also define who will finally win what cryptographic rights. However, the result
of quantum cryptography is largely dependent on what precedents we establish in this generation.
Lastly, I will attempt to make educated predictions on how our individual privacy rights will be affected
by this technology.
Introduction
In the course of human history, there is a collection of technological innovations that have
revolutionized society. The printing press is an often-cited example of the great impact one humble
person’s invention can have on ruling dynasties, world religions, and personal life. Quantum encryption
could rival Gutenberg’s printing press in its impact.
On October 24, 1861, the Governor of Utah sent the first transatlantic telegraph:
“Utah has not seceded but is firm for the Constitution and the laws of our once happy country”
Two days later, the Pony Express ceased existence and digital communication in the United States took
off. Since then, the right to communicate privately has been synonymous with the right to
cryptography.
The first half of this report is a technical overview of cryptography, including current progress on
quantum cryptography. This technical knowledge is a necessary prerequisite for understanding the
second half of this report, which covers cryptography’s complex and sometimes controversial role in
society.
Figure 1: A map of submarine fiber optic cables. The map shows both the importance and
vulnerability of digital communication.
Part One: Technological Background
There are two basic types of encryption commonly used today, symmetric key and asymmetric key
encryption. Although the two methods are very different in theory and application, similar terminology
is used to describe the processes: [2]
Plaintext: The data or message to be sent, in a clear form anyone can read.
Ciphertext: The data in encrypted form.
Bit: Binary digit, the basic unit of information stored by a computer. Any letter or number can be encoded as a string of 8 bits.
Algorithm: The method used to encrypt and decrypt data, also called a “Cipher.”
Key: A crucial parameter in the algorithm.
Hash: A fingerprint for a digital file.
Alice and Bob: Alice is trying to send Bob a message over an insecure channel. Eve wants to eavesdrop.
Attack: A method that can decrypt the message for an interceptor.
Shannon’s Maxim: The enemy knows the system! A secure algorithm must assume the enemy knows everything about the system except the key.
The goal of this section is to provide a brief overview of how ciphers work and the history of
cryptography. The scope includes everything from World War I and excludes the field of classical
cryptography.
Symmetric Key Encryption
Symmetric key encryption is the older and better-known technique. At its most primitive, the algorithm
could be “shift each letter alphabetically” and the key could be “+2.” Therefore, Alice will simply
shift each letter by 2 spaces to convert plaintext to ciphertext, and Bob will simply shift back 2 spaces to
decrypt the message.
For example:
Plaintext: MARK IS A SPY
Alice shifts each letter +2: OCTM KU C URA
Bob shifts each letter -2: MARK IS A SPY
There are three characteristics of this simple exercise that also hold true for even the most complex
symmetric key algorithms:
• Alice and Bob use the same key to both encrypt and decrypt.
• The method is useless if the key is not kept privately between Alice and Bob, which is why
this method is sometimes referred to as private key encryption.
• Alice must first securely notify Bob of her key.
The last characteristic is the method’s greatest limitation. The key, which must be sent in plaintext, can
be intercepted. Overcoming or exploiting this weakness is a recurring theme in this report and also a
focus of cryptographic research.
Examples of Symmetric Key
I present four examples to illustrate symmetric key cryptography:
• Enigma: Historical yet fascinating example.
• One-time Pad: Unbreakable but hard to implement.
• Stream Cipher: Vulnerable yet still foolishly used.
• Block Cipher: The current industry standard in security.
Enigma
A simple algorithm such as “shift letters” can easily
be attacked by either pure guessing or frequency
analysis. An early example of a complex symmetric key
algorithm is the Enigma machine, used by the German
military in WWII. [2][4] The electro-mechanical
machine consisted of a keyboard and rotary blocks that
scrambled the data. Every time a letter was pressed,
electrical current would flow through the rotary blocks
and power a small light bulb which corresponded to a
letter in ciphertext. Additionally, one or more rotary
blocks would shift after pressing a letter. Therefore,
pressing “A” twice would always yield different results.
In this method, the key consisted of a timetable of the
selection, order, and initial position of the rotary blocks,
which was printed on water-soluble paper so that a
captured intelligence officer could literally eat his key.
Figure 2: Enigma Machine with 3 rotors.
White letters are plaintext, yellow are
ciphertext.
Allied powers were able to break the code mostly due to operator mistakes, which gave Polish and British
cryptanalysts insight into how the Enigma machine worked. With creative mathematical theory,
cryptanalysts decreased the number of possible keys by orders of magnitude. For example, knowing that the
rotary block would always shift when a letter was pressed ruled out some possible keys. Additionally,
phrases such as “Heil Hitler” were very common and eliminated several possible keys. British Intelligence
built a mechanical “bomb” to quickly cycle through the remaining possibilities.
Figure 3: British "bomba" which quickly cycles through possible rotor arrangements.
One-time Pad
For an unbreakable code, assuming Alice can safely provide Bob with the private key, the “one-time
pad” method can be used. [4]
For example:
Alice randomly generates a string of numbers to be used as the key: 1042
Alice encrypts “Mark” by shifting each letter by a number in the key, using each number
only once for each letter: NAVM
Bob decrypts the ciphertext using the same string “1042”: Mark
Both Alice and Bob throw away the key “1042,” never to be used again.
This method requires a large amount of key material and very secure delivery of the key. Additionally,
truly random numbers are very hard to generate.
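The “+2” shift and the “1042” pad above are the same operation with different key material, which the following added example (not part of the original paper) makes concrete. The function names are assumptions of the example; it also shows why a pad must cover all 26 shifts rather than only the digits 0 to 9.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase

def shift_text(text, shifts, direction=1):
    """Shift each letter by the next value in `shifts` (+1 encrypts, -1 decrypts).
    Spaces and punctuation pass through and use up no key material."""
    out, used = [], 0
    for ch in text:
        if ch not in string.ascii_letters:
            out.append(ch)
            continue
        if used >= len(shifts):
            raise ValueError("pad is shorter than the message")
        pos = (ALPHABET.index(ch.upper()) + direction * shifts[used]) % 26
        moved = ALPHABET[pos]
        out.append(moved if ch.isupper() else moved.lower())
        used += 1
    return "".join(out)

def caesar(text, key, direction=1):
    """The '+2' cipher: one shift value reused for every letter."""
    return shift_text(text, [key] * len(text), direction)

def caesar_candidates(ciphertext):
    """All 26 possible decryptions. With so few keys, reading the list
    is enough to find the plaintext, which is why the cipher is weak."""
    return [caesar(ciphertext, k, -1) for k in range(26)]

def new_pad(length):
    """Fresh one-time pad from the OS CSPRNG: one shift in 0..25 per letter."""
    return [secrets.randbelow(26) for _ in range(length)]

def pad_that_explains(ciphertext, claimed_plaintext):
    """The pad under which `ciphertext` decrypts to `claimed_plaintext`.
    Both arguments must be letters only and of equal length."""
    return [(ALPHABET.index(c) - ALPHABET.index(p)) % 26
            for c, p in zip(ciphertext.upper(), claimed_plaintext.upper())]

def fits_digit_key(pad):
    """True if the pad could be written as decimal digits, like '1042'."""
    return all(shift <= 9 for shift in pad)

if __name__ == "__main__":
    print(caesar("MARK IS A SPY", 2))            # the paper's shift example
    print(shift_text("MARK", [1, 0, 4, 2]))      # the paper's pad example
    # With a full-range pad, NAVM is consistent with ANY four-letter name,
    # so the ciphertext alone tells an eavesdropper nothing:
    for name in ("MARK", "JOHN"):
        pad = pad_that_explains("NAVM", name)
        print(name, pad, "digit key possible:", fits_digit_key(pad))
```

A key written in digits only allows ten shifts per letter, so it rules out most candidate plaintexts (JOHN above) and is weaker than a true one-time pad drawn uniformly from all 26 shifts.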
Stream Ciphers
A stream cipher attempts to imitate a one-time pad. Since it is impractical to have a key that is at least the
same size as the plaintext, stream ciphers take a smaller 128-bit key and use a complex feedback method to
generate the pseudo-key one would use for a one-time pad. [4] It is referred to as a pseudo-key because it is
not truly random, as it should be. Therefore, stream ciphers are insecure. WEP, used to encrypt wireless
internet networks, SSL, used to encrypt packets of data sent over the internet, and A5/1, used to encrypt voice
over cell phones, have all been respectively replaced by WPA2, TLS, and KASUMI, which are block ciphers.
Figure 4: A5/1 Cipher. The three short keys are recombined to make a pseudorandom stream of key material.
Unfortunately, WEP is still commonly used since most people do not know that WEP can be successfully
attacked in less than a minute by a child who knows how to run a Google search. In fact, in 2005, 4 years
after a published paper proved WEP could be attacked in less than a minute, hackers stole credit card
information from T.J. Maxx stores. The hacker himself was sentenced to 20 years in prison but T.J. Maxx
was also sued by a bankers association.
Block Ciphers
Block ciphers represent a major advancement in cryptography and have few vulnerabilities. Most block
ciphers rely on substitution-permutation rounds. In each round, data is broken up into 8-bit sections,
substituted according to a key, recombined, and then rearranged according to a key. Imagine separating
a book into individual pages, taking a page of text, and substituting and rearranging the words. A
particular algorithm may have 12 to 15 rounds. Data Encryption Standard (DES) was once considered
secure and used for most financial transactions but a contest hosted by the authors of RSA (an
asymmetric key cipher to be described later) awarded 10,000 dollars to anyone who could successfully
attack DES. [4] The Electronic Frontier Foundation (a prominent group in the second half of this report)
used 250,000 dollars of custom chips to claim the prize.
With the proven weakness of DES, the National Institute of Standards and Technology hosted a contest to find a
replacement block cipher. A program called Rijndael won the contest and was renamed Advanced
Encryption Standard (AES). [4] This cipher also uses multiple substitutions and rearrangements to scramble
the data. However, with different formats for encryption and decryption and more complex
operations, there is currently no known feasible attack for AES.
Figure 5: The "ShiftRows" step in one round of the AES cipher. This step is governed by the key.
Asymmetric (Public) Key Encryption
As mentioned before, the greatest weakness in symmetric key encryption is that its integrity depends
on selectively sharing its private keys. Of course, it is not possible to send a private key over its own
encryption. A radically different encryption scheme is required, called asymmetric key encryption. In
asymmetric key encryption, the key and algorithm for encryption and decryption are different from each
other. The key for encryption is made public but the key for decryption is only known by Bob, the receiver.
Figure 6: Asymmetric scheme, where there are two distinct algorithms and two distinct keys.
As a very general example:
1. Bob lets the world know what his public key is.
2. Alice uses Bob’s public key to encrypt a message and sends ciphertext to Bob.
3. Bob uses his private key to decrypt the message.
4. Eve cannot use Bob’s public key to decrypt the message because the method is one-way.
The security of the cipher from an attack by Eve is dependent on the existence of one-way functions.
One-way functions
Simple examples of one-way functions include logarithms and mods.
For example:
Log(x)=y
Given y, x is easy to find. It is simply 10^y. However, given x, finding y will usually require a calculator or a
table. When y is a 218 bit key, handheld calculators will not suffice but computers can successfully
attack this cipher.
As a stronger example:
x Mod(3)=y
Given x, y is very easy to find. One simply divides x by 3 and outputs the remainder. Therefore, f(4)=1.
However, f^-1 is much harder to find, because f^-1(1) could be 1, 4, 7, 10, etc.
More complex one-way functions, used in present-day ciphers, are prime factorization and the elliptic
curve. Since prime factorization is used in the most well-known asymmetric key cipher, that math
problem will be described in greater detail.
RSA
In 1873, British economist William Jevons rhetorically asked:
“Can the reader say what two numbers multiplied together will produce the number
8616460799? I think it unlikely that anyone but myself will ever know.” [4]
Almost 100 years before the advent of Internet, Jevons realized that factoring the product of two prime
numbers (factoring a semi-prime) was a one-way function.
In RSA, invented by military cryptographers but named after its MIT reinventors, the public key includes
the semi-prime number. An example of the RSA cipher in action is included in Appendix A.
As a clever marketing scheme, RSA Laboratories released several semi-primes and offered cash rewards
to anyone who could factor them. The longest semi-prime factored was RSA-200, with 200 digits, which
required 7 years of brute force calculations. When computers advance and attacks become faster, RSA
Laboratories simply recommends longer keys. [2]
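Why the size of the semi-prime is the whole defence, as an added example (not from the paper or from RSA Laboratories): it factors the number Jevons quotes using Fermat's method, which is fast here only because the two factors are close together, and then rebuilds a textbook RSA private exponent from them. The public exponent 65537, the sample message and all function names are assumptions of the example.

```python
import math

JEVONS = 8616460799   # the number from Jevons' 1873 challenge quoted above
E = 65537             # assumed public exponent for this toy key

def fermat_factor(n):
    """Factor odd n by searching for a, b with n = a*a - b*b = (a-b)(a+b).
    Returns (p, q, tries). Quick when p and q are close together; for a
    well-chosen modern modulus the search would never finish."""
    if n % 2 == 0:
        raise ValueError("Fermat's method needs an odd number")
    a = math.isqrt(n)
    if a * a < n:
        a += 1                      # start at ceil(sqrt(n))
    tries = 0
    while True:
        tries += 1
        b_squared = a * a - n
        b = math.isqrt(b_squared)
        if b * b == b_squared:      # a*a - n is a perfect square: done
            return a - b, a + b, tries
        a += 1

def private_exponent(p, q, e=E):
    """Textbook RSA: d is the inverse of e modulo (p-1)(q-1)."""
    return pow(e, -1, (p - 1) * (q - 1))

def recover_private_key(n, e=E):
    """Anyone who can factor the public modulus can compute the private key."""
    p, q, _ = fermat_factor(n)
    return private_exponent(p, q, e)

def encrypt(message, n, e=E):
    """Textbook RSA without padding, for illustration only."""
    return pow(message, e, n)

def decrypt(ciphertext, n, d):
    return pow(ciphertext, d, n)

if __name__ == "__main__":
    p, q, tries = fermat_factor(JEVONS)
    print(f"{JEVONS} = {p} x {q}, found after {tries} candidates")

    # Constructed sample message, encoded as an integer smaller than n.
    message = int.from_bytes(b"SPY", "big")
    ciphertext = encrypt(message, JEVONS)

    # The holder of the public key alone rebuilds d and reads the message.
    d = recover_private_key(JEVONS)
    print(decrypt(ciphertext, JEVONS, d).to_bytes(3, "big"))
```

Multiplying the two primes back together is a single operation, while the search for them grows with the size of the number, which is the asymmetry the recommendation of longer keys relies on.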
Digital Signatures and Hashing
There are two other important uses for one-way functions: signatures and hashing. If Bob is worried that Eve is
pretending to be Alice and sending false information, Bob can ask Alice to sign and hash her documents. Using a
different public-private key pair, Alice can use the private key for encryption and the public key for decryption.
If an established authority, usually a well-known company, states what public key is attributed to Alice, only
the real Alice could encode her name and hash into the document. A hash is a long string of characters that is a
product of a cascading, one-way function. All of the text in the document will be used to generate the hash, so
even making minute changes to the text will completely change the hash. Hash functions are available for free,
such as MD5. [4]
Figure 7: How asymmetric key cryptography can be used to sign documents with hash values.
In this example, there are two attackers, Eve and Dan:
1. Alice wants to tell Bob to pay Eve 10 dollars.
2. Alice writes out such instructions and signs the document “Alice 38FJ3MZD9,” with the signature
encrypted by her own private key. The alpha-numeric string is the hash. She then encrypts the
entire document, signature included, with Bob’s RSA public key.
3. Eve intercepts the document but is unable to crack Bob’s private key. So, she deletes the
original and forges another set of instructions telling Bob to pay her 1000 dollars.
4. However, Eve cannot sign the document “Alice” because Eve does not have Alice’s private key.
5. Dan is a better cryptanalyst and breaks Bob’s private key. He sees Alice’s signature line as
unreadable ciphertext.
6. Dan changes “10” to “1000.” However, this slight change will change the MD5 hash to
something like “193KFE3ZP”
In both examples, Bob will be able to easily realize that someone is trying to feed him false information.
Either Alice’s signature will be missing or the hashes will not match up. This fairly simple procedure is
performed every time anyone visits a website or sends an email. The ability to establish a trustworthy
online identity is critical to every function of the internet.
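Bob's check in the Eve and Dan scenario, as an added example that is not part of the original paper: the document is hashed, the hash is signed with Alice's private key, and Bob verifies with her public key. It assumes toy RSA keys built from small Mersenne primes, uses SHA-256 in place of the MD5 the text mentions (MD5 collisions are practical today), and leaves out the outer encryption to Bob; all names are assumptions of the example.

```python
import hashlib

E = 65537  # assumed public exponent

def toy_keypair(p, q):
    """Return (public, private) = ((n, e), (n, d)) for two primes.
    Toy sizes only; real keys use moduli of 2048 bits or more."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def fingerprint(document, n):
    """SHA-256 of the document as an integer below n. Reducing mod n is a
    shortcut for the toy key; real schemes pad the full digest (RSA-PSS)."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % n

def sign(document, private_key):
    """'Encrypt' the hash with the private key, as the text describes."""
    n, d = private_key
    return pow(fingerprint(document, n), d, n)

def verify(document, signature, public_key):
    """Undo the signature with the public key and compare with a fresh hash."""
    n, e = public_key
    return pow(signature, e, n) == fingerprint(document, n)

# Constructed keys: Alice's public key is the one the authority vouches for.
ALICE_PUBLIC, ALICE_PRIVATE = toy_keypair(2**31 - 1, 2**61 - 1)
EVE_PUBLIC, EVE_PRIVATE = toy_keypair(2**17 - 1, 2**19 - 1)

# Constructed documents following the scenario in the text.
ORIGINAL = b"Bob, pay Eve 10 dollars. -- Alice"
DAN_EDIT = ORIGINAL.replace(b"10", b"1000")        # Dan alters the amount
EVE_FORGERY = b"Bob, pay Eve 1000 dollars. -- Alice"

def bob_checks():
    """What Bob sees for each of the three documents that might reach him."""
    alice_signature = sign(ORIGINAL, ALICE_PRIVATE)
    eve_signature = sign(EVE_FORGERY, EVE_PRIVATE)  # Eve only has her own key
    return {
        "genuine": verify(ORIGINAL, alice_signature, ALICE_PUBLIC),
        "dan_tampered": verify(DAN_EDIT, alice_signature, ALICE_PUBLIC),
        "eve_forged": verify(EVE_FORGERY, eve_signature, ALICE_PUBLIC),
    }

if __name__ == "__main__":
    for label, document in (("original", ORIGINAL), ("edited", DAN_EDIT)):
        print(label, hashlib.sha256(document).hexdigest()[:16])
    print(bob_checks())
```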
Limitations of Public Key Cryptography
RSA is limited by its larger computational requirements. Additionally, keys must be longer to provide
the same level of security. Therefore, the most popular security protocols used to secure online data
rely on a hybrid-cipher. Asymmetric encryption is used to send symmetric keys and establish identity,
while symmetric encryption is used to transmit the bulk of the information. An early and still valid
example of this is Philip Zimmermann’s Pretty Good Privacy (PGP) cipher. [2][4] Additionally,
Zimmermann used his cipher to champion individual cryptographic rights, as explained in the second
half of the paper.
Quantum Key Distribution
Since 1970, before the advent of asymmetric cryptology, physicists and cryptologists alike have
demonstrated the potential to use the laws of quantum physics in cryptography. Stephen Wiesner
demonstrated in 1970 that information could be encoded by the polarity of light. Based on Wiesner’s
work, in 1980, Gilles Brassard and Charles Bennett proposed the BB84 cipher. In 1991, Arthur Ekert
developed an alternative cipher using entanglement theory. In 1992, Bennett published a modified cipher
named B92 that simplified the previous BB84 cipher by using only 2 of 4 possible polarization states. [2][3]
Figure 8: Heisenberg Uncertainty. By observing
an object, one changes its position and
momentum. Therefore, eavesdroppers will
leave a trace.
Theory
In 1900, Max Planck found that a cooling piece of hot iron released little packets of energy, instead of a
continuous stream. Therefore, he showed that energy is discrete, and each packet is called a quantum.
Since then, our knowledge of the nature of the universe has radically changed:
• Young found that light was a wave.
• Einstein found that light was a particle.
• De Broglie found that everything was both a wave and a particle.
• Heisenberg found that it is impossible to determine exactly both the momentum and position of
an electron. One basic explanation of Heisenberg uncertainty is that observing the electron will
require a photon to bounce off of it, randomly changing its momentum and position.
• Einstein, Podolsky, and Rosen found that particles within a single system are entangled to each
other. Observing one electron of a pair will fix the state of the other electron instantaneously
(faster than light).
Cipher Details
A detailed description of the B92 cipher can be found in Appendix A. There are several characteristics
common to most worked out quantum ciphers:
• Due to the complexity, the main goal is to communicate a random, private, and symmetric key,
not transmit data.
• The one-time pad cipher is used once the key is generated.
• The key is created first, then the security of the key is verified through quantum mechanics, and
then ciphertext is sent. Therefore, there is no possibility of Eve observing actual ciphertext.
• Instrumental mistakes are the most serious source of error. For example, if two photons are
sent instead of one, this may allow Eve a chance to observe without being detected.
Feasibility
Quantum key distribution is currently experimentally possible and should be commercially feasible
within a decade. The University of Cambridge and Toshiba have achieved transmission rates of 1 Mbit/s
over 20 km of fiber and 10 kbit/s over 100 km of fiber. The longest distance over which quantum key
distribution has succeeded is 148.7 km, achieved in 2007 by Los Alamos National Laboratory. Over free
space (no fiber), European collaborators achieved a distance of 144 km, under very clear atmospheric
conditions. There are currently 3 specialized networks that can distribute keys over quantum encryption,
one in the Northeast, one in Vienna, and one in Tokyo. [3]
Conclusion of Technical Overview
All algorithms mentioned in this paper, except for the quantum cipher and the one-time pad, are
breakable. If nothing else, an algorithm can be broken by a brute force attack, cycling through every
possible key. Therefore, the goal of present-day cryptography is to create algorithms whose attacks require
time, data, or processing beyond the capability of attackers. For example, A5/1, the cipher
used to encrypt cell phone conversations, was successfully attacked in 2000 but required 300 GB of data
processing. In reality, A5/1 was not made obsolete until 2006, when the same group demonstrated it
could attack the cipher in real-time. [2]
The following points are takeaways from this section:
• Peer-review is essential in ensuring that ciphers have no vulnerabilities, as shown in DES’s
replacement.
• There is a constant chase between encryption and attacks, necessitated by advances in math
theory and computing power.
• The public often lacks even basic technical literacy in cryptography, as shown in the continued
use of WEP.
• Using math and physics, one can prove that the one-time pad with quantum key distribution can
be secure. However, implementation may introduce vulnerabilities.
Part Two: The Digital Age and Cryptography
Digital privacy in the 21st century is more important than ever. The wealth of personal and financial
information that is communicated over cell phones, email, and file transfers could, in the wrong hands,
ruin anyone and any corporation. Increasingly, the right to privacy is dependent on the right to
cryptography. Recent legislative and judicial actions show that, for both good and selfish intentions, the
United States is not willing to allow digital privacy.
Overview of Privacy Laws
The right of the people to be secure in their persons, houses, papers, and effects, against
unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon
probable cause, supported by Oath or affirmation, and particularly describing the place to be
searched, and the persons or things to be seized.
- 4th Amendment of the Constitution of the United States
The Constitution only vaguely defines what privacy rights are protected. Furthermore, the authors of
the 4th Amendment could not have foreseen the technological advances that have changed the
definitions of “[…] papers, and effects” and “unreasonable.” Recent court decisions shed light on the
present relationship between Constitution and privacy.
Judicial Precedent
First, what constitutes a “reasonable expectation of privacy”? The Judicial Branch interprets the 4th
amendment to stress “rights-based expectation” over “probability-based expectation.” For example,
Justice Rehnquist explains: [5]
A burglar plying his trade in a summer cabin during the off season may have a thoroughly
justified subjective expectation of privacy, but it is not one which the law recognizes as
“legitimate.” […] his expectation is not “one that society is prepared to recognize as
‘reasonable.’”
However, a weakness in this application of the 4th Amendment is that judges have to predict what
society considers a reasonable expectation of privacy. Rulings from different levels of the judicial system
will often disagree and even at the Supreme Court level, contradictions exist. For example, in Florida v.
Riley, the Supreme Court ruled that police do not need a warrant to observe an individual’s property
from public airspace using a helicopter. In Kyllo v. United States, the Supreme Court, without
overturning the Riley decision, ruled that police did need a warrant to observe an individual’s property
from public property using thermal imaging. [5] Another example of the haphazard line the Judiciary
draws between “reasonable” and “unreasonable” is the Open Field Doctrine. Under this U.S. legal
doctrine, fields surrounding a house do not fall under the protection of the 4th Amendment. However,
curtilage, the area of land immediately surrounding a home, is protected by the 4th Amendment. [5]
The 4th Amendment and Cryptography
Orin Kerr, a professor of law at George Washington University and a leading scholar in computer crime
law, cites three court cases that are indirectly relevant to cryptography. [5]
• In United States v. Scott, a circuit court ruled that shredded tax documents could be
reconstructed and admitted as evidence.
• In United States v. Longoria, a circuit court ruled that excerpts from a Spanish conversation
could be translated and admitted as evidence even if the criminals switched to Spanish for the
express purpose of hiding their criminal activities.
• In Commonwealth v. Copenhefer, the Pennsylvania Supreme Court ruled that deleted files from
a hard drive could be recovered and admitted as evidence.
In these three case examples, Kerr is showing that cryptography cannot create a reasonable expectation
of privacy. Since the act of encrypting is analogous to shredding a document, speaking a foreign
language, and deleting the file directory of a file, it logically follows that society does not view
encryption as a reasonable source of privacy.
However, I disagree. Hopefully, with acquired technical literacy
of the theory and implementation of cryptography, society will
view the safe and key as a more accurate analogy. An individual
is allowed to purchase a safe even though it may be used to
store legitimate yet sensitive material or illegal material. Either
way, once the individual locks the safe, he has established a
reasonable expectation of privacy and a specific warrant would
be needed to force the safe open. Using similar reasoning,
individuals should be allowed to purchase ciphers and once data
is encrypted, 4th Amendment rights apply.
Figure 9: Acceptance of the "lock and key"
analogy would result in strong protections
for encrypted data.
Government and Cryptography
Authority, defined previously as the government and corporations, enjoys the security of strong
ciphers yet often does not want individuals to use strong ciphers as well. Through legislative and judicial
measures, the government has tried to limit the individual’s access to cryptography, even infringing on
free speech, trial, and privacy rights.
Key Disclosure
Key disclosure laws require, under certain conditions, that individuals surrender cryptographic keys to
law enforcement. In the United States, no law technically exists but key disclosure is established under
case law through the 2007 case United States v. Boucher. [1]
In US v. Boucher, a border agent saw child pornography on Boucher’s laptop and arrested Boucher.
When the laptop was turned on again, investigators found that one of the laptop drives was encrypted
with PGP, the freely available hybrid cipher discussed earlier. The grand jury subpoenaed Boucher to
provide the key. Boucher objected, citing his 5th Amendment rights, protection from self-incrimination.
After appeal, a federal district court ruling forced Boucher to provide his key. In this specific case, the
judge strangely cited the fact that the border agent already saw the contents of Boucher’s laptop as
justification that the encrypted drive “adds little or nothing to the sum total.” [1] Most likely, the
controversial subject of key disclosure will surface again and may reach the Supreme Court.
Key Escrow
As a preemptive measure to preclude key disclosure, many law enforcement agencies advocate for key escrow.
In key escrow, the government is given a “back-door” to a cipher, to be used when appropriate, such as in a
court order. [7] In 1993, before AES-Rijndael replaced the obsolete DES, the US Government promoted the
Clipper chip which contained a symmetric key cipher called Skipjack. Skipjack was classified as “SECRET” so
that cryptography experts could not evaluate the strength of the cipher. The Electronic Frontier Foundation
(EFF), the same foundation that proved the obsoleteness of DES, referred to the scheme as “key surrender,”
citing concerns that Skipjack had unexamined flaws and the escrow key would be abused.
Figure 10: Anti-Escrow cartoon.
The government’s ambition for complete access to individuals’ encrypted files was not limited to just
Clipper. Bill Clinton, approving the Clipper chip in 1993, wrote:
I do not intend to prevent the private sector from developing, or the government from
approving, other microcircuits or algorithms that are equally effective in assuring both privacy
and a secure key-escrow system. [7]
The EFF, individuals concerned with privacy, and even several law-makers vociferously opposed key
escrow. Despite incentives offered to manufacturers, Clipper was never embraced. Simply put, if
then-Senator John Ashcroft, pioneer of the USA PATRIOT Act, thinks the government overstepped its
boundaries with key escrow, then key escrow is obviously a step towards a police-state.
Cryptography as a Military Asset
Cryptography has its roots in the military and will always be an important military asset. Along with the
Enigma cipher, Allied cryptanalysts also successfully attacked the Lorenz cipher, used among German
High Command, and JN-25, used by the Japanese Imperial Navy.
In the present-day, beyond the obvious need to keep military orders secret, government-sponsored
cyber-war means cryptography is a national security concern. Stuxnet, an elaborate computer worm
discovered in 2010, overrode speed controls in Iranian centrifuges and set back their nuclear program.
The evidence points towards the Israeli government, who have confirmed that “cyberwarfare is now
among the pillars of its defense doctrine […].” In 2010, the Pentagon set up the Cyber Command to
defend its computer networks from foreign attack. It is a recent response to a war that the US seems to
be losing, as there are several confirmed successful attacks on high-value military networks. [1]
Export Restrictions
Until 1992, cryptography was on the US Munitions List. [6][2] Exporting cryptography was a felony
equivalent to giving an enemy country a physical AIM-9 Sidewinder heat-seeking missile. Proponents
of unfettered study of cryptography responded by making cipher tee-shirts and tattoos.
Figure 11: RSA source code. Before 1992, it was a serious felony to take this shirt outside the country.
In 1993, Zimmermann, the author of PGP, was under investigation for exporting munitions without a
license, which carried substantial jail-time. In an attempt to invoke more directly his 1st Amendment
rights, Zimmermann had published his entire source code in a 907-page book. Anyone could buy the
book, export the book himself, and scan the pages using text-recognition software. Fortunately for
Zimmermann, the federal investigation ended. Furthermore, in 1996, Junger v. Daley established that
Junger, a professor of computer law, could accept non-US citizen students and that any software source
code enjoyed 1st Amendment protection. [1]
Even now, with export controls weakened by court rulings and widely available PGP encryption, the US
government is still trying to control dissemination. Non-military cryptography exports (hardware,
software, and even consulting services) need an export license from the Department of Commerce. [1]
Digital Millennium Copyright Act
The DMCA issue, in my opinion, represents a greater threat to digital rights than key disclosure law, key
escrow, and export controls. DMCA, signed by President Bill Clinton, criminalizes production and
dissemination of technology, devices, or services intended to circumvent digital rights management
(DRM), which is software that limits copying and playback. [1] Furthermore, the act of circumventing
DRM is illegal even if the material is not under copyright. For example, using a program to copy a
purchased DVD is illegal, even though making back-ups of purchased media is legal under Fair Use laws.
Among the DMCA, Librarian of Congress “Fair Use” exceptions, and vague 1st Amendment protections,
the boundary between illegal and legal is unclear. Since large media corporations can easily issue
Takedown Notices, most individuals will not risk litigation. [1]
DMCA and Cryptography
DMCA has stifled worldwide cryptography research, since any cryptography could be used to circumvent
DRM. I only include a few examples since a full list would be exhaustive.
The most visible example of this conflict is Dmitry Sklyarov’s one-month imprisonment in 2001. Sklyarov
was a Russian PhD student and employee of ElcomSoft, who wrote software that could process
DRM-protected eBooks. This act is legal in both the US and Russia but, under DMCA, it is illegal to disseminate
the knowledge. After giving a talk at DEF CON, Sklyarov was arrested by FBI agents. After agreeing to
testify against his employers, he was freed. [1]
In fact, DEF CON, an annual gathering of computer security experts and amateur hackers, has often been
marred by incidents. In 2005, Cisco used legal threats to stop security expert Mike Lynn from presenting
on serious security flaws in Cisco networking equipment. Even though Cisco had already repaired the
flaws (without informing its clients of the original vulnerability) and Lynn removed most of the technical
details, Cisco threatened legal actions. Mike Lynn’s employer threatened to fire Lynn if he gave his
presentation. In response, Lynn resigned from his position an hour before the presentation, gave the
presentation, and asked the audience for employment opportunities. A few months later, he was hired
by another computer security company. [1]
Society’s Quantum Leap
Society, both individuals and authorities, is still struggling to adapt to cryptographic innovations from
fifteen years ago. What impact does the advent of quantum computing and quantum key distribution
have on the laws governing cryptology? Quantum key distribution will almost certainly be restricted,
since it would be a security and military concern. Decades after quantum key distribution is realized,
perhaps quantum cryptography will be used for the encryption of all data, even trivial data such as
movies and music.
The existence of either a quantum-enabled one-time pad or an all-quantum cipher is a game-changer in
many of today’s legal conflicts.

• The government will either violate 1st Amendment (free speech) and 4th Amendment (privacy)
rights or accept that criminals, terrorists, and enemy nations will be able to communicate
securely. Advocates for the first option will be able to paint a convincing picture of a future
filled with crime and terrorist attacks. If military researchers are first to find a way to feasibly
implement quantum-secure networks, the academic field of cryptography could be endangered.

• A “reasonable expectation of privacy” will be much easier to demonstrate to a judge. However,
with the main vulnerability of quantum cryptography being key disclosure subpoenas and key
escrow schemes, those two issues will become major conflict topics.

• DRM will not be able to be circumvented. As a result, current Fair Use rights will disappear.
How can Sony let a school teacher copy a film for educational purposes when doing so requires
a quantum-encrypted key?
Conclusion
In an age of explosive growth of digital data storage and communication, cryptography plays an integral
role in our society. It is a challenge to respect the serious concerns of national security and copyright
protection while also safeguarding individual liberties. The main purpose of this report is to disseminate
basic cryptographic knowledge and discuss the implications of such knowledge on our society.
Furthermore, this report also confirms the feasibility and strength of quantum cryptography,
highlighting an almost certain legal battle and information technology revolution.
This report has accomplished its purpose. In conclusion, I list several recommendations for authorities
and individuals to ensure that the right to privacy is not infringed upon.
1. Export controls should be switched from “prohibited until specified” to “allowed until specified.”
The decision should be made more rationally, assessing if formal export controls would actually
stop ciphers from reaching the wrong hands.
2. Businesses should respond faster to increases in computing power. It was not until 2010 that
Visa and Mastercard prohibited merchants from using WEP, the vulnerable stream cipher.
3. Federal and State judges should be fairly briefed by both sides of the debate. Orin Kerr has
considerable sway so the Electronic Frontier Foundation should be given an equal opportunity to
brief the judges.
4. Authority should acknowledge the importance of peer review in cryptography. A published
paper detailing a flaw in a cipher strengthens the cipher, because hackers, now often
government-sponsored, may already know that vulnerability.
Works Cited
1. Committee to Study National Cryptography Policy. (1996). Cryptography's Role in Securing the
Information Society. (K. Dam & H. Lin, Eds.) Washington D.C.: National Academy Press.
2. Davis, J., Htet, A., Hoshi, Y., Liu, C., Jia, Y., Mack, P., et al. (2008, February). Broken Ciphers and
Lost Secrets. Retrieved December 1, 2010, from http://www.lightupflorida.com:
http://www.lightupflorida.com/groupproject/home/Broken%20Ciphers%20and%20Lost%20Secrets.pdf
3. Ekert, A. (2005, November). Quantum Information Processing and Communication. Quantum
Cryptography, 101-110.
4. Hellman, M. E., & Diffie, W. (1979). Privacy and Authentication: An Introduction to
Cryptography. Proceedings of the IEEE, (pp. 397-427).
5. Kerr, O. S. (2001). The Fourth Amendment in Cyberspace: Can Encryption Create a "Reasonable
Expectation of Privacy?". Connecticut Law Review, 503-533.
6. Lawton, G. (2001). Is Technology Meeting the Privacy Challenge. Computer, 16-18.
7. Singhal, A. (1996). The Piracy of Privacy? A Fourth Amendment Analysis of Key Escrow
Cryptography. Stanford Law and Policy Review, 189-210.
Most figures were found in Wikimedia Commons and are categorized as fair use.
Exceptions are:
Figure 1
http://image.guardian.co.uk/sys-images/Technology/Pix/pictures/2008/02/01/SeaCableHi.jpg
Figure 9
http://www.natlawreview.com/article/cryptographic-lock-baffles-fbi
Figure 10
http://www.digicrime.com/escrow/
Appendix
Detailed descriptions of ciphers.
RSA (Asymmetric/Public Key Cipher)
[4]
Note:
The mathematical concepts of totients and modulos are not covered in detail in this report.
ST is short for “such that.”
1. Choose two distinct prime numbers.
p = 61 and q = 53
2. Compute n=p·q.
n=3233
3. Compute the totient of the product. For primes, the totient is maximal and equals the prime minus
one.
ϕ(pq) = ϕ(61·53) = (61-1)·(53-1) = 3120
4. Choose any number e>1 ST e is coprime to 3120.
e = 17
5. Compute d ST d·e ≡ 1 (mod ϕ(p·q))
d = 2753 (since 17 · 2753 = 46801 and 46801 mod 3120 = 1)
Public Key: (n,e) or (3233, 17)
Encryption function is
Private Key: (n,d) or (2753)
Decryption function is
Example:
Plaintext: m = 65
Ciphertext: c = 65^17 mod 3233 = 2790
Decrypted ciphertext: m = 2790^2753 mod 3233 = 65
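The five key generation steps and the worked example above, as an added Python example that is not part of the original report. The function names are chosen for this illustration, and the scheme is the unpadded textbook form with the report's toy-sized primes, so it demonstrates the arithmetic only.

```python
from math import gcd

def is_prime(n):
    """Trial division; adequate only for the toy-sized primes used here."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True

def mod_inverse(a, m):
    """Extended Euclidean algorithm: return x with (a * x) % m == 1."""
    old_r, r = a, m
    old_x, x = 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
    if old_r != 1:
        raise ValueError("a has no inverse modulo m")
    return old_x % m

def make_keys(p, q, e):
    """Steps 1-5 of the appendix: return ((n, e), (n, d))."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n = p * q                      # step 2
    phi = (p - 1) * (q - 1)        # step 3: totient of the product
    if e <= 1 or gcd(e, phi) != 1:
        raise ValueError("e must be > 1 and coprime to the totient")
    return (n, e), (n, mod_inverse(e, phi))   # step 5: d * e = 1 (mod phi)

def encrypt(m, public_key):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("plaintext must be in [0, n)")
    return pow(m, e, n)            # c = m^e mod n

def decrypt(c, private_key):
    n, d = private_key
    return pow(c, d, n)            # m = c^d mod n

if __name__ == "__main__":
    public, private = make_keys(61, 53, 17)   # the report's values
    c = encrypt(65, public)
    print(public, private, c, decrypt(c, private))
```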
B92 (Quantum Key Distribution using Polarized Light)
[3]
Given an optical cable, 2 polarizers, a light detector, a photon source, and an alternate (unsecure)
method of communication:
Rectilinear basis: 0 is up-down. 1 is left-right.
Diagonal basis: 0 is bottom-left to upper-right. 1 is
upper-left to bottom-right.
Using a polarizer and light source, Alice randomly
chooses which bit to send (0 or 1) and which basis
to use to send the bit. She sends the photon,
records the basis, bit, and time.
Bob can measure either rectilinearly or diagonally,
which he chooses at random. If he measures a
photon with the wrong basis, the photon is shifted
into the measuring basis, but the result is random.
Alice publicly broadcasts the basis in which each
photon was sent and Bob broadcasts the basis in
which each photon was measured. Trials
measured with the wrong basis (about half) are
discarded and the rest of the bits are used as a
symmetric key.
The beauty of the method is that Eve, the eavesdropper, cannot choose Alice’s basis correctly every
single time. Hence, she cannot eavesdrop without changing the basis of Alice’s photon and erasing data.
Erased data is measured by Bob as wrong bits, which can be discovered when Alice and Bob publicly
exchange samples of their key.
Once the key is established, data transmission using AES or other block-ciphers can proceed.
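The exchange described above can be simulated classically; the following is an added Python example, not part of the original report. It assumes an ideal, loss-free channel and an Eve who measures each photon in a randomly chosen basis and passes it on; all function names are chosen for this illustration.

```python
import random

def measure(bit, photon_basis, measuring_basis, rng):
    """Right basis reads the bit; wrong basis gives a random bit.
    Either way the photon leaves polarized in the measuring basis."""
    if measuring_basis != photon_basis:
        bit = rng.randint(0, 1)
    return bit, measuring_basis

def exchange(n_photons, eavesdrop, seed=2010):
    """Return (alice_key, bob_key) after the public basis comparison."""
    rng = random.Random(seed)            # constructed, reproducible run
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        alice_bit = rng.randint(0, 1)
        alice_basis = rng.choice("RD")   # R = rectilinear, D = diagonal
        bit, basis = alice_bit, alice_basis
        if eavesdrop:                    # Eve measures, photon travels on
            bit, basis = measure(bit, basis, rng.choice("RD"), rng)
        bob_basis = rng.choice("RD")
        bob_bit, _ = measure(bit, basis, bob_basis, rng)
        if bob_basis == alice_basis:     # wrong-basis trials are discarded
            alice_key.append(alice_bit)
            bob_key.append(bob_bit)
    return alice_key, bob_key

def sample_error_rate(alice_key, bob_key, sample_size, seed=7):
    """Compare a random, publicly exchanged sample of key positions."""
    rng = random.Random(seed)
    positions = rng.sample(range(len(alice_key)), sample_size)
    wrong = sum(alice_key[i] != bob_key[i] for i in positions)
    return wrong / sample_size

if __name__ == "__main__":
    for eve in (False, True):
        a, b = exchange(20000, eavesdrop=eve)
        label = "with Eve" if eve else "no Eve"
        print(label, len(a), sample_error_rate(a, b, 2000))
```

Without Eve the sampled error rate is zero; with Eve about a quarter of the sampled bits disagree, because she picks the wrong basis half the time and Bob then reads a random bit.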