government interest in more conventional forms of
cryptography, catapulting cryptography to the position of best understood and most satisfactory part of
Today, public-key cryptography has given birth to a
second generation of systems, replacing the modular
arithmetic of the first generation with arithmetic on
elliptic curves. The U.S. Data Encryption Standard of
the 1970s, an algorithm of moderate strength, has
been replaced with the Advanced Encryption Standard, which may be the most secure and carefully studied algorithm in the world. Technical developments
have been accompanied by a change of heart at the
National Security Agency, which has
embraced the public developments by adopting a “Suite B” of public algorithms as satisfactory for all levels of classified traffic.
Cryptography is now the soundest aspect of
information security, and modern security
systems are rarely penetrated by confronting
the cryptography directly.
Computer security has not fared as well.
Progress developing high-assurance systems,
though substantial, has not been as great as
expected or required. Implementation of features in most commercial computing has
taken precedence over security, and the state
of Internet security is widely lamented. Real
progress awaits major improvements in both
construction and evaluation of computer
In contrast to cryptography’s solid technical status
and the fact that the Secure Sockets Layer is the most
widely deployed cryptographic mechanism of all time,
SSL effectiveness is limited. The weak computer-secu-rity foundation on which cryptography must be
implemented has made it problematic to scale the key
management system to Internet size.
Coupled with this is a serious human-factors failure
of all security systems. The Internet is a medium in
which users want to talk to both people and machines
they trust, as well as to those they don’t trust. Unfortunately, the means to recognize those who are trustworthy (and, say, accept upgrades to programs from
them) is not available. As a result, cryptography has
failed to protect us from a network in which a quarter
of the computers have been captured by bot networks
and half the email is spam.
What will happen over the next half century? Two
great challenges loom:
True computer, communications, and network
security are seen by police and intelligence agencies as
an obstacle to the prevention of terrorism. Although
attempts to block the use of good cryptography sub-
sided at the end of the 1990s, a program of building-in ubiquitous wiretapping is being carried out at a
pace that does not inspire confidence that the interception facilities will be secure against capture and
misused by parties unknown.
More fundamental is the growth of Web services.
Today, even the most security-conscious companies
cannot avoid trusting their engineering and marketing directions to Google and its trade-secret techniques. The query stream reveals all of our interests,
and only Google’s good practices and reputation guarantee they are not put at the service of competitors.
Much sooner than the next half century, Web services
BRITISH CRYPTOLOGISTS USED AN
ELECTROMECHANICAL DEVICE CALLED THE BOMBE,
DESIGNED BY ALAN TURING AND REBUILT HERE FOR
THE BLETCHLEY PARK MUSEUM, TO HELP BREAK
CODE SIGNALS FROM THE GERMAN ENIGMA
MACHINE DURING WORLD WAR II.
will have destroyed locality in computing.
No significant corporate computation will take
place on any one organization’s machines. Programs
will look at various yellow pages and advertisements
and choose the most cost-effective providers for their
most intensive computations. Image rendering, heat
flow, marketing campaign modeling, and a host of
services not yet imagined will be provided by myriad
companies offering proprietary solutions.
When this happens, what we call secure computation today—you did it on your own computer and
protected it adequately—may be gone forever. c
WHITFIELD DIFFIE ( email@example.com) is the chief security
officer, a vice president, and a Sun Fellow of Sun Microsystems,
Mountain, View, CA.