Computers now produce cipher as tough as 6-inch armor
| Reston, Va.
''DzX&N8s,'' says the secret message. ''W0y Klc: Sdfh".'' Lapsing into a daydream, I wonder what it could possibly mean: Does McTavish know about the letters of credit, and the carpet dealer in Rabat? If so, then Diane is in danger. Why did the Land Rover have to break down? Cairo will be furious . . .
Larry Conner of Analytics Communications, breaking my reverie, points to the computer screen in front of us.
''This word here is my last name, actually,'' he says.
We are in a sunny conference room, not a cheap North African hotel. I am being shown Sherlock, a black box that scrambles computer data into dense cipher. It is to paper-and-pencil code what a nuclear submarine is to a dinghy.
''The only known attack is to guess the key,'' says Thomas Mitchell, an Analytics marketing manager. ''There are 72 quadrillion possible keys.''
Cryptography - the science of secret communication - is entering a new age.
Gone are the romantic cipher machines of World War II, with their mysterious mechanisms; in their place are powerful microchips. And soon spies and diplomats may not be ciphering's main practitioners. As computer data becomes more valuable, cryptography is moving into the private sector.
''With electronic technology, you can have a much higher degree of security than with ordinary paper files in cabinets,'' claimed the late Ithiel de Sola Pool, a communications expert at the Massachusetts Institute of Technology.
Take the Sherlock Information Security System. For $1,995, it drapes secrecy over information transmitted from one computer to another. Messages are unraveled with the aid of a ''key,'' a 56-digit number, all 0s and 1s, which reverses Sherlock's scrambling equations.
Other ciphering equipment on the open market range from The Encryptor, an accessory for home computers that costs a few hundred dollars, to the IBM 3848. For $58,670, the 3848 will encrypt just about anything.
''Say you've got one of our largest computers,'' says IBM spokesman Steve Carpenter, ''and you wanted everything in it to be in ciphered. The 3848 could do it.''
Of course, machines that make communications secret, as if by magic, have long fascinated ingenious inventors.
In the mid-1400s, the Italian architect Leon Alberti perfected a cipher disk that was state-of-the-art technology for 400 years. Thomas Jefferson invented a ''cypher wheel'' which looked like a rolling pin and served the United States government for a century and a half.
By World War II, governments were encrypting with machines that resembled a cross between a typewriter and a music box. The machines, with such exotic names as ''Purple'' and ''Enigma,'' used rotating electrified disks to scramble messages.
But with the rise of the digital computer, ENIGMA and its brothers were suddenly obsolete. Changing plain words into ciphertext is, at heart, a mathematical process; and computers do math so fast they produce cipher as tough as six-inch armor.
Computer technology, in fact, has reached the point where encryption equations now fit on a single microchip. The Data Encryption Standard (DES), a ciphering algorithm developed by the United States government, is available on chips made by Intel, Motorola, Texas Instruments, and many other makers.
These chips are the core of most private-sector encryption equipment. They do not produce impenetrable cipher, but just how much work it would take to uncover their secrets is a matter of some dispute.
A special state-of-the-art computer could crack open a DES-protected message in three days, according to a 1977 Stanford University study. The system's defenders claim such a computer is in fact wildly impractical, and that a more normal computer would need about 3,000 years to unravel a DES transmission.
In any case, DES provides enough protection for anyone short of a government, says Miles Smid, a mathematician with the US National Bureau of Standards.
''They make use of both substitution and transposition (scrambling) encryption,'' Mr. Smid says. ''By using both types, you get a very strong cipher.''
So far, commercial encryption is not exactly a hot trend. Analysts estimate that US sales of cipher devices hover between $200-$300 million a year.
But as computer networks proliferate and more companies become aware of the value of their electronically-stored data, demand is likely to see a healthy upswing, say communications experts.
''Everyone agrees that the market for cryptography will grow in the next 10 years. What is not clear is how much and how fast,'' a study by the Harvard Center for Information Policy concludes.
Banks will perhaps be the best customers for the ''cryptosystems.'' Their computers, after all, are electronic vaults that literally store money.
Already, most financial institutions have encryption in their automatic teller machines, to protect customers' access numbers. Electronic funds-transfer (EFT) systems, which shuttle some $500 billion between banks every day, aren't so well covered, since they're much more expensive to encrypt.
Howard Crumb, an assistant vice-president at the New York Federal Reserve, says only ''parts'' of banks' daily EFT transactions are in cipher.
''But I hear more and more talk about it,'' he says. ''I see it coming on strong in late 1984. The catalyst was publicity about the 'hackers' who were breaking into computer systems last summer.''
In the future, cryptology could also play a crucial role in protecting ''information products'' such as teletext and Home Box Office. The products would be broadcast in scrambled form; consumers would then purchase a key allowing them access to the data.
Many pay-TV channels already use such a system, points out Victor Walling of SRI International, a think tank in Menlo Park, Calif.
''The problem with a lot of these information products is that if you don't have a key to lock it up, you can't maintain rights to it,'' Mr. Walling says.
On the whole, however, Walling says there may not be a big private demand for cryptology, at least in the short run.
''Somebody will have to do a D. B. Cooper with data, before people will really pay attention,'' he says, referring to the legendary hijacker who parachuted from a Boeing 727 with $200,000.
Meanwhile, science marches on. University researchers are hard at work on a new type of cipher that may make it even easier for businesses to transmit secret messages: ''public key cryptology,'' or PKC.
Developed at Stanford and MIT, PKC uses two keys instead of one. The first can transform plain words into cipher, but can't decrypt the resulting message. The second, secret key is needed to unlock and read the transmission. Thus a subcontractor of a large oil company, by looking up the company's public key, could send it secret messages - but couldn't read the ciphered transmissions of a fellow subcontractor.
In addition, PKC allows users to add a unique digital ''signature'' to their transmissions. Eventually, business executives may legally be able to sign contracts by computer, say cryptologists, and exchange certified electronic mail.
Ronald Rivest of MIT, a PKC pioneer, says a computer chip featuring the new cipher will be ready by this fall. It will work more slowly than current encrypting chips, he admits. It thus may be most useful for such smaller applications as protecting information on certain credit cards.
Early versions of PKC have proved vulnerable to cryptologic attack. In 1982, a young Israeli mathematician, Adi Shamir, cracked a Stanford PKC system with relative ease.
But the PKC co-authored by Dr. Rivest, which uses more complicated calculations, has so far remained inviolate.