4 Guerilla Cryptographers

1 2 3 4 5 6 7 8

freeware version. The Net got legal PGP: in 1994, the download rate of PGP from just the single, export-controlled FTP site at MIT was 500 to 1,000 copies a day.[14] This opened the way for use of the software by businesses, who were never going to rely on a product whose legality was in doubt.

Zimmermann himself may be in the best position to exploit this new legality: three years of government investigation probably have made him the most trusted cryptographer on the Net. In March 1996, a month after the government investigation was dropped, Zimmermann formed PGP Inc. to further develop software and other privacy and networking products with Seybold Seminars founder Jonathan Seybold and Dan Lynch, founder of Interop and chairman of CyberCash. In July 1996, PGP Inc. bought Viacrypt and its parent company, and in November it followed up by acquiring the leading company for privacy on the World-Wide Web, North Carolina-based Privnet.[15]

Once the patent issues were resolved, support for the idea that PGP should be distributed as widely as possible among the Net community was phenomenal. Spreading PGP, even in defiance of the government regulations, was seen as a way of ensuring that encryption would have to remain legal. The more people have and use PGP, the argument went, the more difficult it will be for the government to outlaw it. This argument gained greater urgency after the 1994 passage of the Digital Telephony Act, which requires telecommunications providers to design their equipment to assure the government a backdoor for access. Besides, the pervasive culture of the Net combines a kind of permanent rebelliousness with a slightly malicious enjoyment of successfully defying authority. Making the government look silly felt good to a lot of people, especially because those who came to adulthood in the era of Viet Nam and Watergate felt they had right and prudence on their side. Today's government may be friendly; tomorrow's may not be.

One enterprising British Net user encoded the entire RSA algorithm into four lines of code in a programming language known as PERL, with a one-line "user manual" listing in order all the software switches[16] you could use to configure the program when you ran it. This was small enough to fit into the generally accepted size limits for .sigs,[17] and the author encouraged others to copy the lines and distribute them further. Since you can never tell exactly what route a Usenet posting will take, at one point this algorithm was probably being illegally exported from the United States tens of thousands of times a day.

That wasn't all. The short version got printed and bar-coded on a T-shirt, which a few daring souls wore through customs on their way out of the country, and even onto small labels you could stick to the side of your laptop (or anywhere else). One of these was passed to me at the 1995 Computers, Freedom, and Privacy Conference by a lawyer; on the top it read, "This label is a munition," with a warning that handing the label to foreigners constituted export under the ITAR. People who believed that the program's continued availability was a vital plank in defending our traditional national freedoms handed out disks by the dozens at conferences, parties, and other gatherings.

The importance of the PGP story in terms of governing the Net isn't limited to the encryption facilities it gives Netizens, although those have already proven important in circumstances where keeping data confidential is important, such as dissident groups in repressive regimes. Equally important is the fact that powerful national and intellectual property laws were overridden by the Net community when that community felt strongly enough that it was important to do so. The patent questions kept newsgroups like alt.security.pgp buzzing and buzzing with violent arguments between people who argued that PGP violated RSA's patent, was illegal, and shouldn't be used by any responsible human and cypherpunks who said that to keep cryptography legal everyone should use it. But they didn't stop a large


Copyright © 1997-99 NYU Press. All rights reserved.
Reproduction in whole or in part in any form or medium without written permission of New York University Press is prohibited.

Be sure to visit the NYU Press Bookstore

[Design by NiceMedia]