Securius Newsletter

May 29, 2001
Volume 2, Number 4
http://www.securius.com

Crypto Reading List, Part I
Crypto Reading List, Part 1

By Seth Ross

Summer is a great time to catch up on some light reading on a heavy topic, cryptography. The fresh air, blue skies, and warm weather provide the perfect setting for gaining some perspective on the patchwork of technology, people, and politics that defines information security. Roll out the beach blanket, open a cold one, and break open either of the two recommended texts below, one of which is grounded in the present, and one of which is concerned with the past. I'll start with present, as explained by _Crypto_ by Steven Levy, and segue into the past, as depicted in _Body of Secrets_ by James Bamford.

1. CRYPTO: HOW THE CODE REBELS BEAT THE GOVERNMENT -- SAVING PRIVACY IN THE DIGITAL AGE

Author: Steven Levy
Publisher: Viking
Pub. Date: January 4, 2001
Length: 356 pages
To buy on Amazon.com:
http://www.amazon.com/exec/obidos/ASIN/0670859508/pcguardian-20

Last month's newsletter (Vol. 2, #03) discussed how the war between the crypto community and the US federal government has wound down to détente and mutual accommodation:
http://www.securius.com/newsletter/archive/203.txt

Crypto is now everywhere, built into every major web browser and every major operating system from Windows 2000 to OpenBSD. In his book _Crypto_, Steven Levy has done an excellent job of telling the story of how a relatively small band of scientists, innovators, and activists brought encryption technology -- once an exclusively military tool -- to the masses.

Here you can meet Whitfield Diffie, the charismatic and eccentric co-discoverer of public key cryptography who came up with and then almost forgot one of the greatest discoveries in cryptographic history while walking to the kitchen to get a Coke. You'll meet Jim Bidzos, the flamboyant crypto pitchman for RSA Data Security who out-hardballed everyone from Microsoft to the National Security Agency (NSA), and Ray Ozzie, who fought for years to get government approval to include crypto in the earliest versions of Lotus Notes. You'll follow the triumphs and challenges that confronted David Chaum, the mathematician who invented untraceable anonymous cash while driving his VW van from Berkeley to Santa Barbara, and Philip Zimmerman, the sacrificial geek who invented Pretty Good Privacy.

While Levy takes the reader on a whirling biographical, historical, and technical tour of the crypto rebellion, he leaves key NSA actors in the shadows. You won't learn the names of the agents who slapped eerie SECRECY ORDERS on hapless crypto patent applications; find out who told Ray Ozzie that "we could stop your shipments of [Lotus] 1-2-3 tomorrow"; or discover the identity the obviously agitated gentleman who told Jim Bidzos, "If I see you in the parking lot, I'll run your ass over."

Levy's omissions are probably for the best. The "rebels" appear all the more heroic in the spotlight; the bad guys appear all the more threatening without names or faces. Besides, Levy is a great writer. _Hackers_, his first book, is a classic in the genre of computer books for general readers. He knows what he's doing and probably has more than a few great books left in him. Like the successful rebels Levy covers, Levy himself rides the thin line between tweaking authority and career suicide. In the end, everyone wins.

2. BODY OF SECRETS: ANATOMY OF THE ULTRA-SECRET NATIONAL SECURITY AGENCY FROM THE COLD WAR THROUGH THE DAWN OF A NEW CENTURY

Author: James Bamford
Publisher: Doubleday
Pub. Date: April 24, 2001
Length: 721 pages
To buy on Amazon.com:
http://www.amazon.com/exec/obidos/ASIN/0385499078/pcguardian-20

Very few books break news stories. _Body of Secrets_ is one of the few. This sweeping history of the National Security Agency (NSA) covers the period from World War II through the present. While _Crypto_ dwells on the shift from military cryptography to civilian cryptography, this text firmly anchors crypto in the realm of signals intelligence and military surveillance.

The most dramatic revelation in the book concerns the attack on the spy ship USS Liberty by Israeli warplanes during the 1967 Arab-Israeli war. According to Bamford, the attack was NOT an accident. Bamford cites the numerous difficulties faced by forward-placed spy ships and planes. While not referenced in the book, the recent downing of a US spy plane off the coast of China is only the latest example of a long series of high-risk misadventures.

Bamford's accounts of the Vietnam War form some of the most compelling material in the book. Despite overwhelming technical advantages, the US lost the "code war" with the Vietcong. US forces relied on unencrypted communication systems throughout the war. The Vietcong maintained an active eavesdropping capability that allowed their forces to evade destruction time and again. US air strikes were ineffectual against an enemy that mysteriously disappeared from target areas. Ground sweeps -- the ill-fated mission led by former US Senator John Kerrey comes to mind -- routinely encountered only the very old and the very young. Marines would storm deserted beaches.

Despite the availability of encrypted communication systems, US military commanders refused to mandate their use. They did not believe that the jungle-based Vietcong could make sense of their communications. Meanwhile, the Vietcong leader Ho Chi Minh personally addressed his force of code makers: "Cryptography must be secret, swift, and accurate. Cryptographers must be security conscious and of one mind."

Bamford himself appears to be of two minds in this book. On one hand, he's exposing -- as the subtitle suggests -- the "anatomy" of an ultra-secret organization (Bamford notes that NSA is sometimes expanded as No Such Agency). On the other hand, none of the book's disclosures really paint the agency in a bad light. Bamford glosses over the agency's domestic surveillance in the 1960s, which placed high-risk individuals like Jane Fonda and Martin Luther King Jr. on the agency's "watch list". While he mentions the Orwellian aspects of the worldwide surveillance system known as Echelon (I covered this back in Vol. 1, #07; see http://www.securius.com/newsletter/archive/107.txt), his coverage is thin and short on the kind of details that one can find on any one of a dozen conspiracy theory-oriented web sites. While Bamford confirms the existence of the agency's Men in Black, he only mentions a pair of details: they wear elaborate headsets; they wear black.

As a cross-over historical book that appeals to both the spy novel set and the paranoid fringe, _Body of Secrets_ is selling briskly. The book is heavily discounted on Amazon.com, but the truly paranoid will prefer to buy in a real bookstore with cash. As Cancer Man says on the X-Files, "There's always somebody watching, Mr. Mulder."



Subscribe to the Securius Newsletter
Please enter your email address:



Securius.com is a service of GuardianEdge Technologies.
Copyright © 2006 GuardianEdge. All rights reserved.
We will not share your personal information with third parties.
Nor will we contact you without your permission.