The New York Times, May 7, 1997, p. D5. I.B.M. Researchers Develop A New Encryption Formula By Laurence Zuckerman I.B.M. plans to announce today that two of its researchers have come up with a new computer encryption formula that they say is nearly impossible to crack. The International Business Machines Corporation said that the breakthrough was still a long way from being employed outside the lab and that it did nothing to resolve the running dispute between the computer industry and the Federal Government over whether law enforcement agencies should be given access to encrypted communications. But it could ultimately help reduce the vulnerability of so-called public-key encryption, which is the favored security method used to safeguard commerce and privacy on the Internet. "They've made a big advance," said Joan Feigenbaum, a researcher at AT&T Labs in Murray Hill, N.J., who is familiar with the work of the two computer scientists who developed the system, Miklos Ajtai and Cynthia Dwork of I.B.M.'s Almaden Research Center in San Jose, Calif. "Scientifically, this is a big step in the right direction." But Bruce Schneier, a computer security consultant in Minneapolis and author of a standard textbook on cryptography, dismissed the news. "Theoretically it is important, but as a security breakthrough there is nothing new," he said. In public-key encryption, the sender of an electronic communication uses software that automatically scrambles the information by incorporating a publicly known numerical key. Decoding the scrambled transmission requires a private key, a number supposedly known only by the recipient. The security of the system depends, among other things, on how difficult it is for an electronic eavesdropper to crack the code using a powerful computer. If some of the codes that are generated by the system are difficult to break but others are easy, the system is inherently weak. I.B.M. said that its new system was the first to generate hundreds of codes at random, each of which is as difficult to crack as the hardest instance of the underlying mathematical problem. The system is based on a problem that has defied solution by mathematicians for 150 years, I.B.M. said. Mr. Schneier said that the cryptographic formulas now in use were already robust enough. The biggest challenge, he said, is creating security systems in the real world that are not vulnerable to hackers. "Cryptography is a lot more than math" he said. [End]