Yes, The NSA Has Always Hated Encryption
from the like-kryptonite-to-spies dept
With the latest reports of the feds (both the NSA and the FBI) trying to get tech companies to cough up master encryption keys, Matt Novak of the awesome PaleoFuture blog (now a part of Gizmodo) notes that the NSA has a long history of hating civilians who use encription. While many of us lived through the crypto wars of the 90s, in which PGP was branded a weapon, and it was supposedly illegal to export it, Novak goes even further back to when the NSA flipped out about some of the early research on civilian cryptography in the 1970s:
As Jay Stowsky at UC-Berkeley notes in his 2003 paper “Secrets or Shields to Share?” the intelligence community fought tooth and nail against the private development of cryptography for computers. When the NSA got wind of the research developments at IBM, Stanford and MIT in the 1970s they scrambled to block publication of their early studies. When that didn’t work, the NSA sought to work with the civilian research community to develop the encryption. As Stowsky writes, “the agency struck a deal with IBM to develop a data encryption standard (DES) for commercial applications in return for full pre-publication review and right to regulate the length, and therefore the strength of the crypto algorithm.”
Naturally, in the Watergate era, many researchers assumed that if the U.S. government was helping to develop the locks that they would surely give themselves the keys, effectively negating the purpose of the encryption. Unlike IBM, the researchers at Stanford and MIT didn’t go along with the standard and developed their own encryption algorithms. Their findings were published (again, against the wishes of the NSA) in the late 1970s after courts found that researchers have the right to publish on the topic of cryptography even if it makes the government uncomfortable. According to Stowsky, the NSA retaliated by trying to block further research funding that Stanford and MIT were receiving through the National Science Foundation.
Of course, imagine an internet without the kind of encryption we have today. While it still doesn’t go nearly far enough it is one of the few things that really can significantly protect some aspects of privacy. Not only that, but it’s really been key to many of the things that we now take for granted online, including e-commerce and online money transactions. Of course, if the NSA had had its way, we might not have that today — or at least it wouldn’t be nearly as trustworthy, meaning there would be a lot less of it.
Think about that every time the NSA or FBI wants master keys, backdoors or weaker encryption. They hype up the FUD about how they need this to stop extraordinarily low probability events like terrorist attacks, but allowing that technology creates tremendous innovations and benefits. When we do a basic cost-benefit analysis, the NSA is going to lose, but they’ll try to scare the crap out of people so they don’t even get a chance to realize what they’re giving up.