MODERATOR: Well. Getting back to censorship. I'm not quite sure what Phil Zimmermann is going to talk about, but I have a feeling that unlike some computer experts that I've talked to who think that the wide dissemination of encryption software like Phil Zimmermann's Pretty Good Privacy make the Digital Telephony Act no big deal because all the government will get is static when they tap in on these new phones, I have a feeling that he is a little bit more suspicious of the possibility of restrictive government action. So perhaps we can now find out what we might loosely call "the censorship crunch" (ph) and what is going to happen in it. Phil Zimmermann. ZIMMERMANN: How many people here know what PGP is? Okay. How many people don't? Okay. Looks like we've got about half and half maybe. Well, I'm not here to talk about PGP mostly but rather government policies, but I'll just talk about it a little bit. Cryptography is the art of making secret writing. It's been around for a long time. The problem is if I want to send you a message I use a key to scramble that message up and then you have to use the same key to unscramble it. The problem is how do I tell you what the key is? Do I tell you over the telephone what the key is to unscramble the message? If I do that then it can be inter- cepted, and so that's the problem with cryptography. In fact that has been the problem with cryptography since the days of Julius Caesar. But in the late 1970's some mathematicians at Stanford and M.I.T. devised another kind of cryptography that solves that problem of key distribution. It's called Public Key Cryptography, and the way it works is that there are really two keys. One encrypts, the other decrypts. As a matter of fact the two keys have a kind of yin-yang relationship so that either one will decrypt what the other one encrypts. This means that if you generate a pair of these keys, everybody generates a unique pair of keys for themselves, the keys have this mathematical relationship like this. They're kind of like Siamese twins. And you separate them at birth and you broadcast one of them to the world and put it on all your business cards and in your telephone book and, you keep the other one secret. Then if anyone wants to send you a message they encrypt it with the key that you published. That's your public key. But you're the only person in the world that can decrypt that message with the corresponding secret key. This solves the problem of key distribution. You don't need secure channels to distribute keys beforehand. With the old way that cryptography used to work before Public Key Cryptography came along, you needed a secure channel for the prior distribution of keys. Well, if you had a secure channel for the prior distribu- tion of keys then why do you need to use any cryptography at all? You know, I remember my Mom used to tell me when I was a kid that if you sprinkle salt on a bird's tail you can catch the bird. And for years I wondered about that. You know, maybe there's something about salt and birds. But I finally figured out why you can catch a bird if you can sprinkle salt on its tail. So if you could get a secure channel to distribute keys, then you've got the communica- tion problem solved. But maybe you could just send your message through that secure channel. Well, with Public Key Cryptography you don't need any secure channels. So if you combine that with the technologies of the Information Age, modems, personal computers, fax machines, etc., then you have a really good synergistic combination of tech- nologies that makes it possible for the first time for cryptography to affect millions of people in their everyday lives. In the old days before Public Key Cryptography you would have to do this prior distribution of keys. Governments didn't mind doing this, because they could put a guy on a plane to Moscow with a satchel handcuffed to his wrist carrying keys to the Embassy there. They don't mind paying the salary of somebody and buying them an airline ticket to do that. But if you're going to talk to your cousin in Colorado you're not going to do it by sending a courier carrying keys. So cryptography never had a chance to affect the lives of millions of people until Public Key Cryptography was invented and personal computers and the Information Age came along. Well, how many people here don't know what the Clipper Chip is, or haven't heard of it? Or just don't know what it is? Okay. I see almost everybody does. I'll just say a couple of words, but I'll abbreviate my remarks about the Clipper Chip. The Clipper Chip is an encryption device that the government is making for us that they hope we'll put in all of our telephones. It encrypts our telephone conversations so we can talk to other tele- phones that also have the Clipper Chip. The trick though is that at the time of manufacture the government puts the keys for encryp- tion and decryption in these chips, and they keep a copy of these keys for wiretap purposes. You know, I haven't talked to an audience where it wasn't immediately obvious to everybody that there's a problem with that as far as -- you know, I was talking on the phone the other day with the General Counsel of the NSA. I'm going to be debating him next week in Los Angeles and so we were talking about what we were going to do in the debate. And I made the remark that there is a difference in attitude between people on the inside and people on the outside. What I was talking about of course was inside the government, and in particular the law enforcement and the intel- ligence agencies. He said something like, that I was assuming a lot to think that it was just people on the inside who were for the Clipper Chip, and, you know, I just -- I don't remember running into too many people on the outside that felt differently. The government is trying to at first not pass legislation to make us use the Clipper Chip but rather to use government spend- ing power to make an awful lot of Clipper Chips deployed. They're using government spending power both to buy Clipper Phones that have the Clipper Chip in it and then they're going to use govern- ment spending power to require government contractors to buy Clipper Phones if they want to talk to the government. Well, this kind of gets the production lines going and brings the cost down. It makes it cheap enough so that it can be used more and more by the general population, the related chips to the Clipper Chip. It's not just the Clipper Chip. There's a whole series of chips the government's making. Capstone (ph) is another chip. They have this little card, a PCMCIA card. It's something that slips into your personal computer, into your notebook computer, that they're calling the Tessera Card, and the Tessera Card has got something similar to the Clipper Chip in it and it can do digital signatures, and they want you to file your taxes with it electron- ically. You know, it's funny. They call it the Tessera Card. Now I looked up "tessera" in the dictionary. I've got one of those giant, thick dictionaries. And tessera is a name that ancient Rome had for these little cards that were kind of like that, the size and shape of a Tessera Card, kind of a tile. And it was an identity card. And slaves were required to carry it, and if you didn't they could chop your head off or something awful like that. And I thought what a brilliant stroke of naming, you know? Who thought of that? I was talking to Clint Brooks, the Assistant to the Director of the NSA, in Los Angeles a couple of months back. We were on a panel together to argue this point. And he said that he was the one who named the Clipper Chip, and he was thinking that for these things, for example the Clipper Chip may not have been the best choice of names for it because people think of clipper as clipping the wings of democracy. Of course cryptographers like to rearrange letters and things because we like to do that, so we kind of just moved a couple of letters around and called it the Cripple Chip. So anyway what they're trying to do is to use government spending power to change the facts on the ground. Not by legis- lation, but by changing the facts on the ground. We don't have any laws requiring us to use 120 volt AC power, but we do. When was the last time you saw a 48 volt vacuum cleaner? It's the tyranny of the installed base. That's why, you know, all computers are Windows or MS-DOS computers or Macintoshes. It's something that, if it's out there and it's -- deployment wins, in other words. Well, the government is not the only ones that can change the facts on the ground. I can change the facts on the ground. I've already done that to some extent. And I'm going to do it some more. You know if we wake up one morning with 100 million Clipper Phones installed it's going to be too late to worry about changing government policy. It doesn't matter who we elect President. We could have somebody elected President that says, "Elect me and I promise to get rid of all these Clipper Phones." It won't do any good at all. The installed base and the technology infrastructure is more powerful than a government, is more powerful than government policy. There is no way we could change, you know, our power standards. There is no way that a government can decide that we're not going to use PC's anymore or something like that. So that's what they hope to do with Clipper. Well right now PGP, Pretty Good Privacy, a program that I wrote that does E-mail encryption using Public Key Cryptography and using other algorithms that were chosen from the academic literature, the most powerful algorithms, the ones that had been the best peer reviewed, not my own home grown invented algorithms, because those had not been through the kind of peer review it takes to stand up to major governments. PGP uses the best algorithms in the academic literature. PGP has become the most widely used program in the world for E-mail encryption, bar none. Nothing else comes even close. It's used all over the world. It's used in Burma by political opposition groups in Burma, freedom fighters in Burma. Burma has an absolutely wretched government. They torture and kill thousands of people. They have a Nobel Peace Prize Laureate in custody in Burma. They're being trained to use PGP in Burma in jungle training camps on portable computers. They take this knowledge to other jungle training camps and teach them too. I talked to somebody who's connected with those groups and they tell me that it's raised morale quite a bit because before PGP came along captured documents would lead directly to the arrest and torture and execution of entire families. I talked with a guy who was a human rights worker in Central America. This was at the offices of the American Association for the Advancement of Science in Washington. They have a human rights group there. And he told me that he was documenting atrocities, death squads, and he encrypts his files with PGP. But if the government found his files they would go and kill all his witnesses, probably not very fast either. PGP is saving lives there. I gave him a few pointers on good disk hygiene, how to keep his stuff clean, not just -- using PGP alone isn't enough. Well, my next project is a secure voice project. I just a couple of nights ago spent about a half an hour talking to one of my lawyers over it. I haven't put the encryption in yet. It does it all without encryption. But you talk into your personal com- puter with a SoundBlaster board that compresses your voice, digi- tizes, compresses and encrypts your voice, sends it out through a modem, and at the other end it reverses those steps. So we have this in test now, and I hope to release this through M.I.T. M.I.T. is the current official publisher of PGP. They have what is known as an FTP (ph) site. That's something on the InterNet. It means that anybody can get a file from their computer by just reaching in and grabbing it. But their FTP site is structured in such a way that people outside the United States can't do that. They won't let people in from outside the United States. And not only that, even if you're inside the United States it makes you answer a questionnaire saying that you are an American, that you're not going to export this and promise not to export it, and if you answer yes to the right questions it will let you get PGP. It didn't take very long before PGP showed up in Europe after that, probably the same day. Information wants to be free. Apparently that applies to free software more than anything else. PGP was published in June of 1991 initially. It spread like dandelion seeds blowing in the wind. It didn't take very long for it to spread to Europe. Now M.I.T. with their lawyers and their prestige is standing there publishing PGP in a way identical to the encryption methods that they have used for publishing other encryption software without any previous harassment by the federal government on their doing it improperly, so they haven't gotten any complaints about the way they're publishing PGP either. All future versions of PGP for the foreseeable future are going to be pub- lished that way, so I hope that that will protect it. You [Corn-Revere] mentioned the Carr (ph) case. There is a book by Bruce Schneider called Applied Cryptography, and it has encryption algorithms in it. I liked it. I like the book, the preface of the book. It's good. He says, "There are two kinds of cryptography in this world: the kind that can prevent your kid sister from reading your messages and the kind that can prevent major governments from reading your messages. This book is about the latter." You know, I wanted to steal that line for my book because he stole many lines from my book in his book without an attribution. But that's okay because information wants to be free and I like to be quoted even if he doesn't credit. So I might call up Bruce and ask him if I could put that in my preface for that book. A guy named Phil Carr took Bruce Schneider's book and applied for an export license. Actually he applied for a commodities jurisdiction grant by the State Department that the book can be -- that this item can be exported. It was immediately granted, because it was a book. He then applied for a CJ, commo- dities jurisdiction, to export a floppy disk containing the same source code in the book, exactly byte for byte the same source code, and they said no. He has appealed it. They said no again. Members of my own legal defense team are helping in his appeal. This is a multifront war. You know, it's funny. The number of lawyer jokes that I've told has gone down in the last year. I'm starting to run into lawyers that are actually men of conscience. It's great. I'm about to publish the source code for PGP in a book through M.I.T. Press. Books may be exported. I'm going to put it in an OCR font. We're going to apply for a commodities jurisdic- tion. We're probably going to get it, we presume. If they don't it's going to be the first time that it was ever declined for a book and I think the press would probably make much of that. They probably know that, and they'll probably take that into their calculations when they decide whether to grant this jurisdiction. If they do that then I'll also publish the secure voice project I'm working on in a book through M.I.T. press and see what happens with that. The government is -- you know, I found this interesting, the point about the different media affecting what the government tries to say, what we have free speech in. When telephones were first invented there was an attitude in the government that you could wiretap these things without a court order because they didn't go into your house to do it. It was not a violation of the Fourth Amendment of unreasonable search and seizure because they could just go down the block and attach their alligator clips to the copper and that would be all that's needed. So it took fifty years of litigation to come up with the idea, or rather to establish the idea that you need a court order to do a wiretap. Well, we're facing the same thing again on the InterNet. When the Founding Fathers made the Constitution they didn't think it was necessary to say that we had a right to a private conversa- tion, because there was no technology at the time that made it hard to have a private conversation. If you want to just go talk behind the barn with somebody you can say whatever you want and you don't have to worry. You don't have to codify it in the Constitution that you're allowed to do that. But now most of our conversations are over copper or glass fiber. Most of the people I talk to I've never seen the face. Maybe I will when they have those AT&T things. Have you ever had a $10,000 phone bill? I know I don't plan on installing a videophone in my house, because most of my East Coast clients think that I wear a suit all the time. They don't know how I work. I ought to be able to whisper in your ear even if your ear is 1,000 miles away. And the government says I can't do that, and that's what this whole thing is about, removing all of our communication from vibrating air molecules to photons. As more and more of our traffic switches to electronic media it becomes more and more lucrative to tap into it. You can't read all the paper mail. The government can't read it all. They can read one per- son's paper mail if they target somebody, but they can't read it all. It's too much work to read everyone's paper mail. But they can read everyone's E-mail. A single government computer could scan every single piece of E-mail in the country, all of it, every day, constantly. Now I'm not saying they do that, but the technology exists that they could. And it could scan for subversive key words and it could look for political troublemakers. It could look for, you know, the next anti-Vietnam War protesters or the next civil rights protesters or the next environmental protesters, whatever the issue of the day is. Some unpopular war or something like that could come up again, and they'll be able to find people who are talking about it. What could Joe McCarthy have done with these kinds of tools? What about traffic analysis? What about all these E-mail headers that say who it's from, who it's to, what the subject is and so on? I think this means that we should try to encrypt all of our E-mail, because that's the only way to put it back the way it was with paper mail. In fact it puts it beyond that. This is not a black and white issue, because there are some downsides to this. There's never been a time in our history where it's been possible to place information beyond the reach of the collective efforts of society, but with modern cryptography you can. You know, if you put information in a bank vault you can always get it out with dynamite or welding torches or something like that. I remember in Butch Cassidy and the Sundance Kid, you know, the dynamite, where it's raining money, you know? Used enough dynamite there, Butch? You can always get that information when it's physically protected. But it's now possible for the first time in history to place information beyond the reach of the collective efforts of society. The Gross National Product is not enough to get it out. It takes less energy to make a round trip to the nearest solar system than it does to compute the prime factors of some large composite number. I'm going to read you a quote that I got from a guy in Latvia. I always read this quote, so to those of you who've heard me speak before I apologize for the repetition. I got this, it was sent to me by E-mail, on the day that Boris Yeltsin was shelling his Parliament building in October of '93. It says, "Phil, I wish you to know. Let it never be, but if dictatorship takes over Russia your PGP is widespread from Baltic to Far East now and will help democratic people if necessary. Thanks." That's the best mail I've ever gotten on PGP. I want to read you a quote that Louis Fried (ph), FBI Director Louis Fried, said recently at a conference on global cryptography, on September 26th. Steven Levy (ph) put a question to him about what would happen if Clipper doesn't catch on, doesn't get wide acceptance. What would the FBI do in response to that. Would they outlaw other kinds of cryptography? Here's a transcript of this: At first they didn't understand this question. "You mean if the software that we write doesn't work?" He said, "No. If all you get is encrypted forms and you can't decipher them." "The terms of encryption being a voluntary standard?" Steven Levy said, "Yes." The answer from Louis Fried, FBI Director, was, "Oh, yeah, definitely. If five years from now we solve the access problem but what we're hearing is all encrypted, I'll probably if I'm still here be talking about that in a very different way. The objective is the same. The objective is for us to get those conversations, whether they're by an alligator clipped on ones and zeros [it's kind of garbled, I think] ... whoever they are, whatever they are, I need them." It was obvious to everyone there who got a little bit clearer view of it than the transcriber of the transcript here that what he was talking about is that he would seek legislative relief, in other words outlaw other kinds of cryptography. This is the first time an Administration official has said something along these lines. Just a couple of weeks back the FBI Wiretap Bill passed requiring phone companies to build all their equipment wiretap ready. The analogy to this is requiring new home builders to put video cameras wired to a police station, with a promise to only turn them on with a court order. The assumption is that as we build a new technology infrastructure we have to guarantee to the police, to the government, that they will have access to our private communications. This is a dangerous precedent. The FBI Wiretap Bill passed without too much trouble, largely in part because of the efforts of the Electronic Frontier Foundation I'm disappointed to say. John Curry Barlow (ph) made the remark that he could have changed the vote of one of the Senators, and he told him to go ahead and vote for it because it was in the EFF's view the best deal they could get. I think that we could have stopped it. Last year it was introduced and it didn't get a single sponsor. This year it had money in it for the phone companies to pay for the infrastructure changes. The phone companies stopped opposing it for that reason. We can't let some future legislation come down that will slip by us that outlaws other kinds of cryptography. Cryptography is our one guarantor of privacy on the Information Superhighway, the Infoban. I was talking to a Swedish reporter recently and I used the word "Infoban," and he said, "Oh, I wish you wouldn't use that word. It sounds too German. So I understand the new word is I-way. I saw that in Wired. It's a little too hip for me. We have to stop this. There's only one chance to fill with this technology niche. You see, your voice is going to be digitized at your telephone not down at the office, so there's going to be a computer in your phone. And once it's digitized it's practically free to encrypt it. It will be encrypted. The question is will it be encrypted with technology that we control or technology the government controls. If we build a technology infrastructure that some future government might inherit, a future government that could be a bad government -- you know, sometimes economies change. Germany in the 1930's, Russia in the 1990's, we don't know where our economy will be twenty years from now, thirty years from now. A government could emerge with fascist tendencies. If they inherit a technology infrastructure that allows them to monitor every movement of their political opposition, every transaction, every conversation and every communication, every bit of travel, then they'll be able to hold onto power. It could very well be the last government we ever elect. I think if you're trying to analyze technology policy you should ask yourselves what kinds of technologies would strengthen the hand of a police state, and then don't deploy those technolo- gies. This is a matter of good civic hygiene. So that's about all I have to say. I guess we can have our question and answer period. * * *