[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Article from March Scientific American
- To: [email protected] (Cypherpunks Mailing List)
- Subject: Article from March Scientific American
- From: [email protected] (Nate Sammons)
- Date: Wed, 16 Feb 1994 17:48:03 -0800 (PST)
From Scientific American, March 1994, pages 90 - 101.
This is not the whole article, just the part pertaining to up
(reprinted withut permission) please excuse any spelling errors!
-------- cut here --------
Parker = Donn B. Parker, SRI International
Denning = Dorothy E. Denning, Georgetown University
Ware = Willis Ware, Rand
Ranum = ??
Farber = David J. Farber, University of Pennsylvania
Spafford = Eugene H. Spafford, Purdue University
If passwords should traverse the Internet only in encrypted form, what
about other sensitive information? Standardization efforts for
"privacy-enhanced" e-mail have been under way for more than five years,
but widespread adoption lies well in the future. "The interoperability
problem is nasty," Ware says, unless everyone has software that can
handle encrypted messages, it is of little use to anyone.
Encryption could provide not only privacy but authentication as well:
messages encoded using so-called public-key ciphers can uniquely identify
both recipient and sender. But encryption software in general remains at
the center of a storm of political and legal controversy. THe U.S.
government bars easy export of powerful encoding software even though the
same codes are freely available overseas.
Within the U.S., patent rights to public-key encryption are jealously
guarded by RSA Data Security, a private firm that licensed the patents
from their inventors. Although software enploying public-key algorithms
has been widely published, most people outside the U.S. government cannot
osse it without risking an infringement suit.
To complicate matters even further, the government has proposed a
different encryption standard, one whose algorithm is secret and whose
keys would be held in encrow by law-enforcement agencies. Although many
civil libertarians and computer scientists oppose the measure, some
industry figures have come out in favor of it. "You can't have absolute
privacy," Parker says. "A democracy just can't operate that way."
The question is not whether cyberspace will be subjected to legislation
but rather "how and when law and order will be imposed," Parker says. He
predicts that the current state of affairs will get much worse before the
government steps in "to assure privacy and to protect the rights people
do have."
Others do not have Parker's confidence in government intervention. Ranum
forsees an internet made up mostly of private enclaves behind firewalls
that he and his colleagues have built. "There are those who say that
fire walls are evil, that they're balkanizing the Internet," he notes,
"but brotherly love fall on it's face when millions of dollars are
involved."
Denning counts herself among the optimists. She lends her support to
local security measures, but "I don't lose any sleep over security," she
says. Farber, also cautiously optimistic, sees two possible directions
for the Internet in the next few years: rapid expansion of existing
services, or fundamental reengineering to provide a secure base for the
future. He leaves no doubt as to which course he favors. Spafford is
likeminded but gloomier. "It's a catch 22," he remarks. "Everyone wants
to operate with what exists, but the existing standards are rotten.
They're not what want to build on."
Even if computer scientists do redesign the Internet, he points out,
putting new standards in place may be impossible because of the enormous
investment in old hardware and software. So much of the Internet rests
on voluntary cooperation, he observes, that making sweeping changes is
almost impossible.
Then again, Ware counters, perhaps piecemeal evolution may be the only
possibility. No single organization understands the idea of a national
information infrastructure well enough to be put in charge, he contends:
"There's no place to go and say `Here's the money, work out all the
problems.' There aren't even three places, and I'm not sure there should
be."
In the meantime, the network grows, and people and businesses entrust to
-------- cut here --------
-nate
--
+---------
| Nate Sammons <[email protected]> PGP Key and fingerprint via finger.
| Kill The Clipper. Question Authority. Encrypt everything in sight.
+---------