In the time it's taken politicians to throw up a road block, an MIT professor has invented a new encryption technology

Click to follow
The Independent Culture
Politics and technology are becoming increasingly intertwined. Which is to be expected: technology has created great wealth in some places, and money is the most potent of political lures.

Sniffing money, politicians have a way of showing up and proposing a tax, a law, an embargo, a moratorium, an investigation, a witch hunt or an all-out ban - or otherwise blocking, entangling, obfuscating or getting in the way. The reason is simple: if some process is creating wealth and jobs and raising living standards without them, politicians worry, rightly, that we will begin to wonder why we need them.

Conversely, if a pol can make enough trouble, at some point it just gets easier to play along. Once upon a time in America, there was another class of citizen who practised a similar approach. In certain, often humble neighbourhoods, these folks would come along selling "insurance" - insurance that your windows didn't get smashed, or your arm broken, or your head cracked. Folks didn't like it very much but were pragmatic enough to pay up, at least if they owned any windows, arms or heads.

Giving in means ceding power. And power and money are to politicians as matter and energy were to Albert Einstein: two sides of the same coin.

So it is with our political leaders, and their methods date from at least the epoch immediately following the casting out from the Garden of Eden. Recently, however, many of these same leaders find themselves struggling to keep up with the pace of technological change.

Technology moves so fast that opportunities flash past too quickly for this set to get their hooks in. It even comes to pass that once they've got their arms around something, a twist in the technology leaves them with empty hands. Just such a situation may currently be in the making.

America's political leadership has drawn a bead on strong encryption. They absolutely refuse to let citizens keep their private affairs private, using the pretty flimsy pretence that they're doing this to keep encryption out of the hands of criminals. Most not-particularly-sharp 10-year-olds can tell you that, by definition, making something illegal keeps it out of the hands of the law-abiding, not the criminal, element.

Even though his advisers admit that this policy is a failure, President Clinton continues to support the notion that all encryption schemes must have a "back door" key that the government can get their hands on whenever they want to check up on us.

The Feds have indicated that they will never mess with authentication keys - digital signatures that individuals and corporations can use to prove, among other things, that they are really who they say they are when conducting transactions.

So it was amusing this week to come across a new scheme for securing messages - by Ronald Rivest, an MIT professor - that does not depend on secret keys or encryption. Rivest (he's the "R" in "RSA encryption") proposes a system called "chaffing and winnowing". Chaffing, Rivest explains, is the reverse of winnowing, which means "to separate or eliminate the poor or useless parts".

Chaffing and winnowing work like this: an author, say, Alice, composes a message to Bob, and breaks it into convenient blocks of text. She precedes each plain-text block with a sequence number, and ends it with an authentication code computed from the text, plus her own authentication key.

At some point, a bunch of dummy blocks (or blocks of messages from other users) are randomly mixed in with Alice's. Alice can do this, or she can let somebody downstream do it - say, her Internet service provider. ISPs already send all their traffic as intermingled blocks called packets.

Bob just has to look for a complete sequence of blocks with the correct authentication code, jettison the extras, the chaff, and he's got the whole message. In practice, Alice and Bob's software would do all of this invisibly. Alice's would break up the message, add the sequence number and calculate the authentication keys, while Bob's would reject any message block that didn't match the sender's key and reassemble the full text.

It should be noted that this scheme, so far, is very much like what happens to any message sent electronically over a network. Messages are routinely broken up into packets with a sequence number and a check-sum or other code that allows the receiver to know if the packet was transmitted correctly. A law against this scheme would essentially be a law against messaging on networks with current techniques.

If the blocks were sized or otherwise handled cleverly, and enough chaff were mixed in, the odds of someone recovering the right blocks without knowing the authentication key could be made extremely slim - as slim as they are in the case of strong encryption. There are a number of twists that can be added - none of which depend on encryption or secret keys - which can make this system very, very secure.

This legerdemain makes escrowed recovery keys useless - remember, the message itself is in plain text - and depends instead on authentication keys that the US government has pledged it will never touch.

In short, in the time it has taken a few hundred politicians to throw up a road block, a professor has just invented a new technology. As Rivest puts it: "The policy debate about regulating technology ends up being obsoleted by technological innovations."

Maybe Rivest's greatest contribution will be to winnow the citizenry from politician's chaff.