I am going to be teaching a seminar on computer law next quarter. One area the casebooks seem to entirely ignore is encryption--the area where technology is currently supporting privacy and weakening state power. I would appreciate either references to or on line copies of useful material. The three main things I need are a clear explanation of the technology (public key cryptography in particular),

I assume that you just want an explanation of what the technology does, not how exactly it works, i.e. I am not going to include the formulas and algorithms, just a description of what it does and how it can be used. Here's a summary of a couple of the most relevant technologies: PUBLIC KEY CRYPTOGRAPHY -- each person generates two keys, one is called teh public key the other is private. These two are related in that what is encrypted with one can only be decrypted with the other. It is impossible (computationally infeasible) to derive one knowing the other. The most popular public key cryptography algorithm is RSA, which is based on the ease of multiplying large primes, and the difficulty of factoring the product. How it is used: you publish the public key, while keeping the private key to yourself. Anyone can send a secret message to you by encrypting it with your public key. You are the only one that can decrypt the message, since only you have the private key. You can reply by encrypting your message with their public key, and they can decrypt it with their private key. DIGITAL SIGNATURES -- techniques that are used to verify that a message claiming to be from you was actually written by you. To do that, you compute a "message digest", which is similar to a "checksum" in that it can be used to check that the message has not been altered. Then you encrypt the "digest" with your private key and attach to the message. Currently the most popular "digest" algorithm is MD5. To verify a signature: the person verifying computes the same checksum, then decrypts the checksum attached to the message. If the two match, the message must have been signed by you, since no-one else has your private key, and could not have generated the signature. DIFFEY-HELLMANN KEY EXCHANGE -- a protocol by which two communicating parties can arrive at a secret piece of information that can not be known to a passive eavesdropper (as in a wiretap), and can not be recovered from analysis of recorded communication. This secret piece of information is usually used as the key for a conventional cryptography algorithm such as DES or IDEA to encrypt following communication. SENDER UNTRACEABILITY -- use of a protocol by which one of a group of commnicating entities can send a public message, while it is impossible to trace the message to the sender. This can be used to send messages anonymously or pseudonymously and untraceably. One of the protocols that makes this possible is David Chaum's dc-net protocol, in which every participant sends some data, and when all the data are combined, the anonymous message emerges. Another is the mix-net, or "remailer" approach. In this case, you send your message to a re-mailer, with encrypted instructions on where to send it. By sending your message through a chain of such remailers, untraceability is achieved. RECEIVER UNTRACEABILITY -- a method by which you can retrieve a message sent to you, without anyone having any way of knowing that you received the message, or indeed if you received any message at all. How it works: anyone wanting to leave a message to you encrypts it with your public key, and posts it on a "bulletin board". You download all the messages from the bulletin board periodically, and see if you can decrypt any using your private key. DIGITAL CASH -- one entity creates some amount of digital "tokens", which may then be transfered to other people, who can transfer them between each other, and when they are returned to their creator, he can not trace the transactions that have occured, only the total balance of a person at the end of the set of transactions.

a clear explanation of how it can be used and why it matters,

Each of these technologies by itself can not accomplish much. But if all these are put together, any person can send messages to any other person, without anyone but the two of them knowing that a message was sent, or what it said. As for why it matters, I include here Timothy C. May's Crypto Anarchist Manifesto: The Crypto Anarchist Manifesto Timothy C. May tcmay@netcom.com A specter is haunting the modern world, the specter of crypto anarchy. Computer technology is on the verge of providing the ability for individuals and groups to communicate and interact with each other in a totally anonymous manner. Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other. Interactions over networks will be untraceable, via extensive re- routing of encrypted packets and tamper-proof boxes which implement cryptographic protocols with nearly perfect assurance against any tampering. Reputations will be of central importance, far more important in dealings than even the credit ratings of today. These developments will alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret, and will even alter the nature of trust and reputation. The technology for this revolution--and it surely will be both a social and economic revolution--has existed in theory for the past decade. The methods are based upon public-key encryption, zero-knowledge interactive proof systems, and various software protocols for interaction, authentication, and verification. The focus has until now been on academic conferences in Europe and the U.S., conferences monitored closely by the National Security Agency. But only recently have computer networks and personal computers attained sufficient speed to make the ideas practically realizable. And the next ten years will bring enough additional speed to make the ideas economically feasible and essentially unstoppable. High-speed networks, ISDN, tamper-proof boxes, smart cards, satellites, Ku-band transmitters, multi-MIPS personal computers, and encryption chips now under development will be some of the enabling technologies. The State will of course try to slow or halt the spread of this technology, citing national security concerns, use of the technology by drug dealers and tax evaders, and fears of societal disintegration. Many of these concerns will be valid; crypto anarchy will allow national secrets to be trade freely and will allow illicit and stolen materials to be traded. An anonymous computerized market will even make possible abhorrent markets for assassinations and extortion. Various criminal and foreign elements will be active users of CryptoNet. But this will not halt the spread of crypto anarchy. Just as the technology of printing altered and reduced the power of medieval guilds and the social power structure, so too will cryptologic methods fundamentally alter the nature of corporations and of government interference in economic transactions. Combined with emerging information markets, crypto anarchy will create a liquid market for any and all material which can be put into words and pictures. And just as a seemingly minor invention like barbed wire made possible the fencing-off of vast ranches and farms, thus altering forever the concepts of land and property rights in the frontier West, so too will the seemingly minor discovery out of an arcane branch of mathematics come to be the wire clippers which dismantle the barbed wire around intellectual property. Arise, you have nothing to lose but your barbed wire fences! -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | PGP Public Key: by arrangement.

and a brief summary of the present legal/political situation--in particular, attempts and suggestions that have been made to control the technology.

The FBI has proposed a "Digital Telephony" bill, which would require all providers of any kind of communications service to build in a wiretap capability for the government. Department of State is restricting the export of any crypto software, claiming that it is a weapon, and therefore falls under ITAR (International Traffic in Arms Regulations) rules. Public Key Partners (PKP) holds the control of patents that cover RSA, and possibly the very idea of public key cryptography. Someone (I can't provide a reference) has proposed that anyone that uses encryption should be required to register their key with the Justice Department, so that the text could be decrypted if a search warrant is issued. These are all the attempts to control this technology that come to my mind right now. The Electronic Frontier Foundation (EFF) can probably provide more information (e-mail to eff@eff.org).

David Friedman DDFr@Midway.UChicago.Edu DDFr@AOL.Com

-- Yanek Martinson mthvax.cs.miami.edu!safe0!yanek uunet!medexam!yanek this address preferred -->> yanek@novavax.nova.edu <<-- this address preferred Phone (305) 765-6300 daytime FAX: (305) 765-6708 1321 N 65 Way/Hollywood (305) 963-1931 evenings (305) 981-9812 Florida, 33024-5819