Electronic Frontiers Georgia


The EFG Cryptography Working Group


What is Cryptography?

As we move into the information age, technologies such as miniaturized electronics and high-speed data networking are having profoundly positive effects on our ability to communicate. However, technology is a double edged sword. An increased ability to communicate means an increased risk that our communications will be spied upon. Cameras and microphones can be hidden in eye glasses and wrist watches. Internet traffic can be tapped passively at key sites; literally hundreds of thousands of network communications can be automatically scanned for key words, identified, and logged. The information age is often been called the surveillance age. Information espionage is a very real and constant threat in the online world. There is one technology that strikes a balance; one technology that allows people to communicate without fear. That technology is cryptography. Cryptography will be the life-blood of the new information economy, as it is the only viable means through which information can be protected.

Cryptography means writing in code. Modern crypto-systems employ complex mathematical algorithms which encode data so securely that all the computers in the world couldn't crack them in a million years. These algorithms allow people to store data on their computers and transfer it across networks without fear that it will be intercepted and read. Crypto-systems are used to protect large electronic fund transfers, credit card transactions, proprietary data, government secrets, and private coorespondance; even love letters. The same cryptography algorithms have other uses as well. Secure cryptographic digital signatures create a system of repudibility for email and electronic documents, and other crypto algorithms have the reverse effect, granting online pamphleteers and whistle-blowers much needed anonymity.

Despite its many benefits, cryptography is quickly becoming one of the most controversial issues in the realm of online policy. Governments fear the privacy and anonymity that cryptography grants citizens, and possibly criminals. The Clinton Administration has asked that all those who use cryptography to escrow their keys with the government, so that documents can be read with proper court authorization, and they have banned the export of powerful crypto-systems. These actions have brought resistance from privacy advocates who claim that the government does not have the right to pry so intrusively, and businesses who cannot sell secure network technologies to foreign countries without weaknesses to allow for U.S. spying.

Given the immediate importance of this issue, Electronic Frontiers Georgia has formed a Cryptography working group. We hope to educate our state government and citizens about these issues so that informed debate can take place, and a solution can be reached.


Where can I find information on crypto policy issues?

FAQs:

Organizations:

Archives:

Papers:


Where can I find cryptographic tools?


Where can I learn more about how cryptography works?

Cryptography is a very interesting topic from a scientific perspective as well as from a policy perspective. One good way to find information on cryptography is to check your local library. Most encyclopedia's have some basic information, and there are many books on basic codes and ciphers and the history of crypto. A few minutes of research can provide you with hours of interesting intellectual exploration.

Most new students of crypto choose for themselves an impossible goal. Many plan on coming up with a new, unbreakable crypto algorithm. Sorry to bust your bubble, but it isn't going to happen. Cryptography is such an evolved science at this point that in order to push the envelope you need a PhD in math and years of research under your belt. However, the mathematicians are only concerned with the science, not the applications. Computer users have been coming up with numerous new applications for crypto that are changing the face of computer security. Anonymous remailers are a good example. People with computer and networking experience are definately needed to put these powerful tools to use. Crypto will be an essential part of the networking infrastructure of tommorow.

There is no reason to start off trying to understand complex military strength algorithms like PGP. Simple substitution ciphers can teach you the basics of how crypto algorithms work, and how they can be cracked. For instance; a common crypto algorithm is the ceaser cypher. Take a block of text and increment each character by four letters. The text is now encrypted. You can send the text to a friend, and at first glance it looks like gibberish. However, "e" is the most common letter in the english language. If an attacker took a look at your encrypted text and counted the frequency of the letters, he would immediately see that "i" is the most common letter in the text. If he assumes that "i" is "e" he can see that the text was incremented by four characters. He can now decypher your love letter and read it. In high school I wrote a program that does this kind of analysis. Run it on a large text file and you can see the character frequencies of english text.

An excellent resource for learning about crypto is Applied Cryptography by Bruce Schneier. It contains an extensive converage of various algorithms and how they work. It should be on the shelf of everyone who has an interest in crypto. Furthermore, once you start learning about crypto, the Cypherpunks and Coderpunks mailing lists are good places to learn more and to discuss the implications of this technology.

Here are some more resources for your exploration:

FAQs:



If you have any questions of comments please email us.
Return to EFGA Home Page