Crypto Reading List, Part I
By Seth Ross
Summer is a great time to catch up on some light reading on a heavy
topic, cryptography. The fresh air, blue skies, and warm weather
provide the perfect setting for gaining some perspective on the
patchwork of technology, people, and politics that defines information
security. Roll out the beach blanket, open a cold one, and break
open either of the two recommended texts below, one of which is
grounded in the present, and one of which is concerned with the
past. I'll start with present, as explained by _Crypto_ by Steven
Levy, and segue into the past, as depicted in _Body of Secrets_
by James Bamford.
1. CRYPTO: HOW THE CODE REBELS BEAT THE GOVERNMENT -- SAVING
PRIVACY IN THE DIGITAL AGE
Author: Steven Levy
Pub. Date: January 4, 2001
Length: 356 pages
To buy on Amazon.com:
Last month's newsletter (Vol. 2, #03) discussed how the war between
the crypto community and the US federal government has wound down
to détente and mutual accommodation:
Crypto is now everywhere, built into every major web browser and
every major operating system from Windows 2000 to OpenBSD. In his
book _Crypto_, Steven Levy has done an excellent job of telling
the story of how a relatively small band of scientists, innovators,
and activists brought encryption technology -- once an exclusively
military tool -- to the masses.
Here you can meet Whitfield Diffie, the charismatic and eccentric
co-discoverer of public key cryptography who came up with and then
almost forgot one of the greatest discoveries in cryptographic history
while walking to the kitchen to get a Coke. You'll meet Jim Bidzos,
the flamboyant crypto pitchman for RSA Data Security who out-hardballed
everyone from Microsoft to the National Security Agency (NSA), and
Ray Ozzie, who fought for years to get government approval to include
crypto in the earliest versions of Lotus Notes. You'll follow the
triumphs and challenges that confronted David Chaum, the mathematician
who invented untraceable anonymous cash while driving his VW van
from Berkeley to Santa Barbara, and Philip Zimmerman, the sacrificial
geek who invented Pretty Good Privacy.
While Levy takes the reader on a whirling biographical, historical,
and technical tour of the crypto rebellion, he leaves key NSA actors
in the shadows. You won't learn the names of the agents who slapped
eerie SECRECY ORDERS on hapless crypto patent applications; find
out who told Ray Ozzie that "we could stop your shipments of [Lotus]
1-2-3 tomorrow"; or discover the identity the obviously agitated
gentleman who told Jim Bidzos, "If I see you in the parking lot,
I'll run your ass over."
Levy's omissions are probably for the best. The "rebels" appear
all the more heroic in the spotlight; the bad guys appear all the
more threatening without names or faces. Besides, Levy is a great
writer. _Hackers_, his first book, is a classic in the genre of
computer books for general readers. He knows what he's doing and
probably has more than a few great books left in him. Like the successful
rebels Levy covers, Levy himself rides the thin line between tweaking
authority and career suicide. In the end, everyone wins.
2. BODY OF SECRETS: ANATOMY OF THE ULTRA-SECRET NATIONAL
SECURITY AGENCY FROM THE COLD WAR THROUGH THE DAWN OF A NEW CENTURY
Author: James Bamford
Pub. Date: April 24, 2001
Length: 721 pages
To buy on Amazon.com:
Very few books break news stories. _Body of Secrets_ is one of
the few. This sweeping history of the National Security Agency (NSA)
covers the period from World War II through the present. While _Crypto_
dwells on the shift from military cryptography to civilian cryptography,
this text firmly anchors crypto in the realm of signals intelligence
and military surveillance.
The most dramatic revelation in the book concerns the attack on
the spy ship USS Liberty by Israeli warplanes during the 1967 Arab-Israeli
war. According to Bamford, the attack was NOT an accident. Bamford
cites the numerous difficulties faced by forward-placed spy ships
and planes. While not referenced in the book, the recent downing
of a US spy plane off the coast of China is only the latest example
of a long series of high-risk misadventures.
Bamford's accounts of the Vietnam War form some of the most compelling
material in the book. Despite overwhelming technical advantages,
the US lost the "code war" with the Vietcong. US forces relied on
unencrypted communication systems throughout the war. The Vietcong
maintained an active eavesdropping capability that allowed their
forces to evade destruction time and again. US air strikes were
ineffectual against an enemy that mysteriously disappeared from
target areas. Ground sweeps -- the ill-fated mission led by former
US Senator John Kerrey comes to mind -- routinely encountered only
the very old and the very young. Marines would storm deserted beaches.
Despite the availability of encrypted communication systems, US
military commanders refused to mandate their use. They did not believe
that the jungle-based Vietcong could make sense of their communications.
Meanwhile, the Vietcong leader Ho Chi Minh personally addressed
his force of code makers: "Cryptography must be secret, swift, and
accurate. Cryptographers must be security conscious and of one mind."
Bamford himself appears to be of two minds in this book. On one
hand, he's exposing -- as the subtitle suggests -- the "anatomy"
of an ultra-secret organization (Bamford notes that NSA is sometimes
expanded as No Such Agency). On the other hand, none of the book's
disclosures really paint the agency in a bad light. Bamford glosses
over the agency's domestic surveillance in the 1960s, which placed
high-risk individuals like Jane Fonda and Martin Luther King Jr.
on the agency's "watch list". While he mentions the Orwellian aspects
of the worldwide surveillance system known as Echelon (I covered
this back in Vol. 1, #07; see http://www.securius.com/newsletter/archive/107.txt),
his coverage is thin and short on the kind of details that one can
find on any one of a dozen conspiracy theory-oriented web sites.
While Bamford confirms the existence of the agency's Men in Black,
he only mentions a pair of details: they wear elaborate headsets;
they wear black.
As a cross-over historical book that appeals to both the spy novel
set and the paranoid fringe, _Body of Secrets_ is selling briskly.
The book is heavily discounted on Amazon.com, but the truly paranoid
will prefer to buy in a real bookstore with cash. As Cancer Man
says on the X-Files, "There's always somebody watching, Mr. Mulder."