Rick's Essay on Encryption

Why Encrypt?

So you don't think you have anything to hide? Consider that your E-mail might be misdirected and read by a stranger. Consider the risk you take if you send sensitive proprietary information over the net and it gets intercepted or diverted. Consider what the marketing folks are already doing with all that information you are providing about your interests as you surf, chat, and exchange mail over the net.  Governments can (and probably do) automatically scan for certain keywords in E-mail, BB postings, and WWW activities, screening for potential targets for investigation.  How many innocent people will have to defend themselves needlessly?  Isn't enough of our lives already in marketing databases?

Personally, I'm shocked by the wholesale giveaway of our private lives.  Few people understand how cheap and easy information gathering has become.  Mass marketers love it.  All those bits and pieces about you going in all directions.  Marketers gather, sell, and resell it by the gigabyte.  Mistakes and abuses can spin out of control as this information gets packaged and repackaged.  And the nightmare is just beginning.  Private citizens and companies must assert their right to privacy.  Information gatherers and our governments are not going to do it for us, as long as it remains not in their interest to do so.

Your Right to Privacy

Unlike the protected "expectation of privacy" people associate with telephone service and snail mail, everything you say and do on the Internet is in the public domain. That means that anyone with the right equipment can accumulate, electronically filter and file, then give or sell information about you to anyone. Eventually laws will be passed to give people a false sense of security, but the very nature of the Internet puts routing of traffic into the hands of thousands of unregulated computers, each a potential site for abuse.

What can be done? Fortunately, here in the United States, you have a right to privacy and the tools needed to secure it. In practical terms, you have the right to obtain and use encryption strong enough that even the US government can't crack it. That worries the government to no end, forcing them to push for standards that would give them copies of your keys (the keys to your privacy), and to rigorously enforce laws against the export of encryption technology.

A "key escrow" policy, if passed, would derail many already common forms of encryption, such as those used by web browsers to secure pages and protect credit card transactions.  Forcing centralized government escrow of encryption keys will also greatly complicate future developments.  In spite of protections offered, abuse or mishandling of private keys can be devastating.  Besides, the technology has been out of the bag for some time.  "Illegal" encryption could be easily generated and hidden within "approved" exchanges.  Do you think other countries are going to like handing over their citizens' and companies' keys to the U.S. government so our government can monitor all exchanges to and from the U.S.?  Do you think the U.S. government and its companies are going to like handing over their keys to foreign governments in return?

Export restrictions on encryption technology and products are a joke.  Good algorithms have been publicly available worldwide for some time now.  This isn't WWII, folks.  Computer and computer network security, satellite TV scrambling, bank ATM transactions, and countless other exchanges depend on these technologies.  U.S. and Canadian companies are already being handicapped by not being able to incorporate "strong" encryption in their products, while many of their overseas competitors are under no such restrictions.  Note that import of such products into the U.S. and Canada is legal, putting us at an unfair disadvantage.

Strong vs. Weak Encryption

Assuming good algorithms, the strength of encryption (difficulty of deciphering messages) is based on the length of the keys used.  The maximum key length for exportable algorithms is presently 40 bits. A French student using a typical cluster of workstations demonstrated that he could crack the 40 bit encryption used by the "normal" version of Netscape in 3.5 hours. Three and a half hours isn't a bad half day's work, if used to decrypt credit card or brokerage transactions. The present Data Encryption Standard (DES) used for ATM, bank transfers and some satellite TV scrambling uses a key 56 bits long. The estimated maximum time to crack 56 bit DES is now only 7 hours (Byte 3/97). Government agencies like the NSA have much more powerful computers at their disposal and can casually crack such weakly encrypted messages.  This is why the export limit is set at 40 bits.  Unfortunately, the gap between the fastest government computers and those available to the average hacker is shrinking.  Key lengths short enough for the government to easily crack are no longer a deterrent to criminals wishing to crack messages for their own gain.

What you Probably Already Have

You might have noticed on boxes of many software products that the product is for use only in the United States or Canada, or that a specific version of software can not be exported. Chances are the product promises some sort of secure password protection, and uses DES or newer technologies. Many common packages offer password protection which is much more easily cracked than DES. Indeed, there are packages available for cracking password protected files for many common applications, for those that have forgotten their passwords. Think about that when you password protect the company books or personnel records. Are those files really secure?

Netscape and Internet Explorer now have built in encryption, helping people feel more secure about sending credit card numbers for purchases over the web. Don't ever send a credit card number over the net unless it is secured by encryption. It's too easy to intercept. With Netscape, look for the "broken" key in the lower left hand corner to become "whole" before submitting sensitive information. You should receive notification when you enter and leave secure mode, unless you have intentionally deselected that notification option.

The "normal" (i.e. international) versions of I.E. and Netscape Navigator are limited to 40 bits, to prevent violation of the export laws limiting export of strong encryption. Some on-line banks and brokers wisely find this inadequate. You can obtain a US/Canada only version of Netscape from their web server after filling out an on-line affidavit stating that you understand the law and will be held accountable if you export the program out of the US or Canada. After validating that your ISP node is in the US, you will be allowed to download a 128 bit version of the program.  The 128 bit version of Internet Explorer is available from Microsoft (in the US and Canada only).  Banks and brokers who are skittish about the strength of the 40 bit version check for, and more readily accept, 128 bit security. The exchange of the 128 bit keys is as invisible to you as was the 40 bit exchange used in the "normal/international" version of the browser's encryption. How much better is 128 bit encryption? Assuming a more typical maximum time to break 40 bit encryption at 15 days, the maximum time to break 128 bit encryption scales to 12.7 trillion-billion years (Byte 3/97). It's going to be a while before computers get that much faster.

Public Key Encryption

Most modern encryption programs use "public key" encryption, which means that everyone can have a copy of your public key, which they can use to encrypt messages to be sent to you. But without the associated private key (which you keep secure), they can't decrypt those messages. Likewise, you can encrypt messages with anyone's public key, but you can't use those keys to decrypt their messages (even the ones you sent). With the outdated single key systems, anyone with the key to encode messages to you could also decode all messages, past, present, and future, which used that key.

When you enter a secure web page with a secure browser, your computer and the server on the other end each generate a new random pair of keys. Your computer sends its new public key to the server, and the server sends its new public key to your computer. Each side uses its companion locally held private key to decrypt the message from the other side. Since the private keys never leave the associated computer, the exchanges between you and the server you're connected to are secure. All this happens automatically, with no special action from you, except to notice the key symbol and warning boxes that appear at the beginning and end of the session with that server. Keys are not reused, so each exchange with a new server is secured from information exchanged with previous servers.  Note that this does not happen on all pages, only specific "secure" pages.

Digital Signatures

There are some interesting offshoots to this technology. One is digital signatures. By using your private key that no one else has access to, you can send a unique pattern along with your message.  This pattern could have only been generated with your private key, in conjunction with the contents of the body of the message signed. Anyone can use your public key to validate that the message could have only been signed with your private key, and that the body of the message signed could not have been altered since it was signed. Without access to your private key, no one can generate a false signature or alter the body of the signed message without everyone being able to detect the forgery using your public key. Digital signatures may soon allow legally binding documents to be signed and sent by E-mail.

In use, you'd receive or write a document and tell the software you're using that you wish to sign the document. The software would use your private key, resident on your computer only, to generate the signature block at the end of the message (which looks like several lines of random characters), or the software can put the signature information in a separate file. In most cases, your private key is encrypted on your computer, requiring a password known only by you for each use. This prevents anyone from being able to use your private key if they break in and copy the private key file from your computer.
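
The properties described above and under "Public Key Encryption" (encrypt with the public key, decrypt only with the private key, sign with the private key, verify with the public key), as an added example that is not part of the original essay and is not PGP's code. It assumes textbook RSA without padding, fixed demo primes constructed for illustration, and hypothetical function names.

```python
import hashlib
from math import gcd

# Constructed demo key material: two well-known Mersenne primes. Real keys use
# large random secret primes, and real software adds padding to plain RSA.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537


def make_keypair(p=P, q=Q, e=E):
    """Return (public_key, private_key), each an (exponent, modulus) pair."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    return (e, p * q), (pow(e, -1, phi), p * q)


def encrypt(public_key, message: bytes) -> int:
    """Anyone holding the public key can produce a ciphertext."""
    e, n = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)


def decrypt(key, ciphertext: int) -> bytes:
    """Only the private key recovers the plaintext."""
    exponent, n = key
    m = pow(ciphertext, exponent, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def _digest(message: bytes, n: int) -> int:
    """SHA-256 of the message body, reduced to fit under the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message: bytes) -> int:
    """The signature depends on both the private key and the message body."""
    d, n = private_key
    return pow(_digest(message, n), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """Anyone holding the public key can check a signature."""
    e, n = public_key
    return pow(signature, e, n) == _digest(message, n)


if __name__ == "__main__":
    public, private = make_keypair()
    ciphertext = encrypt(public, b"meet at noon")
    print(decrypt(private, ciphertext))             # private key decrypts
    print(decrypt(public, ciphertext))              # public key does not
    signature = sign(private, b"I agree to the terms.")
    print(verify(public, b"I agree to the terms.", signature))
    print(verify(public, b"I agree to the NEW terms.", signature))
```

Changing a single character of the signed body makes verification fail, which is the tamper detection the section describes.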

Pretty Good Privacy (PGP)
"Guerrilla Freeware"

Pretty Good Privacy (PGP), started by Phil Zimmermann, was a response to the fear that the government was about to severely restrict access to strong encryption without mandated "key escrow" technology (i.e. the government holds copies of your keys). PGP uses some of the strongest encryption technologies known, and was placed in the public domain along with the source code. PGP spread quickly, making passage of laws restricting such technology moot. By supplying the source code, Phil encouraged review by mathematicians and cryptographers worldwide. This feedback was used to fix weaknesses and to allow users to see that the revised algorithms could withstand attack by the experts.

It also got Phil in a lot of trouble. He has been hauled before Congress to be held accountable for violating the export laws, even though he wasn't the one who posted it on the Internet. Since then, he has appeared before Congress several times as an expert witness in the debate on encryption laws. The present version of PGP supports key lengths up to 2048 bits, much longer than is believed to be crackable by even the fastest government computers, even if they worked together for decades in parallel. There is no known case of a PGP message being cracked when using the long key lengths, in spite of challenges and rewards offered.

Since PGP was initially written, patent disputes have been settled, and the government has bought off on PGP's distribution means. You can obtain a copy directly from the MIT server, after reading and agreeing to terms of the laws presented. The MIT computer checks to make sure that your Internet node is indeed in the US or Canada before allowing the download. The exchange is logged, but the only information they get is your IP address and access node. For most people, the IP address is randomly assigned when you log into a node, so all they will have is the location of the node you log into. Source code, documentation, and digital signatures of the authors are provided to authenticate the software. The download is worth it, if only for the fascinating history, politics, and technology detailed in the documentation (which can be downloaded separately without restriction). From the government's perspective, PGP export is a violation of munitions laws, and hence PGP control is handled like gun control. Their discouragement is intentional. But remember, rights not exercised are often lost.

Freeware versions of PGP are still available from the original MIT site, or now directly from Network Associates (who bought PGP Inc a few years ago) for most platforms (PC, Mac, Unix, VMS...).  The freeware versions are for personal use only.  They also sell commercial versions and other products, subject to the same export restrictions.  The early versions of PGP used a command line interface, which tended to intimidate new users.  The newer versions use graphical user interfaces and wizards for complex tasks such as key creation and key registration, making use much easier for everybody.  PGP integrates seamlessly with Microsoft's Windows Explorer, clipboard, and several mail packages.  I doubt you'll find a better package anywhere, for any price.

S/MIME vs PGP/MIME

Microsoft and Netscape began to realize the importance of merging E-mail with encryption technologies, and began to offer encryption in later versions of their integrated E-mail programs.  To sidestep the export issue, they use a 40 bit version of RSA encryption called Secure/MIME (MIME is the transport protocol for Internet E-mail).  Unlike PGP, S/MIME is not an open standard, and remains proprietary to RSA.  PGP countered by offering PGP/MIME as a "strong", open alternative.  Both techniques allow seamless sending and reception of encrypted mail to and from compatible mail programs.  But neither is yet a true standard as of this date.

Most people are unaware that they already have S/MIME capability within their IE and Navigator programs.  Neither Microsoft nor Netscape gives much of a clue about how to use it.  The argument against PGP is that S/MIME outnumbers PGP, but few people have bothered to learn to use S/MIME within IE or Navigator.  If you use IE or Netscape's mail program, give it a try.  But a better alternative, in my book, is to find and use a PGP plug-in that works with your mailer.  Or better yet, switch to a better mail program....

PGP and Eudora - Together at last

Eudora is arguably the best and most popular E-mail program available.  It comes in two versions, a very useful freeware version, and a more powerful commercial version.  With Microsoft and Netscape adding integrated encrypted E-mail  to their IE and Navigator programs, Eudora had to do something.  People had been writing programs to meld PGP with Eudora in the past, but the results were often clumsy, and they often didn't work with later versions of Eudora.

But later versions of Eudora began to support third party plug-ins.  PGP Inc., now a private company owned by Network Associates, offered a product called PGPmail which plugged into Eudora and Netscape mail clients.  This worked pretty well, but was still not as tightly integrated as the mail package itself could be.

Then finally, it happened.  Eudora and PGP got together and the latest versions of Eudora, including the freeware version, can be downloaded with PGP fully integrated into Eudora.  You still have to fill out an on-line affidavit to download the versions with PGP (to confirm that you are in the US or Canada, and that you know the export limitations), but it's well worth it.

The integrated package is highly recommended.  You don't have to use the encryption features when you don't want to, but with key management integrated into the address book and  PGP/MIME support, using encryption couldn't be easier.  You also get almost all of the features of the latest PGP package included with the Eudora program.  Not a bad deal for free!

PGPfone

Since the government lost the standardization battle for encryption of data based on key escrow (at least for now), they have tried repeatedly to set a universal standard for other information based communication via the "Clipper Chip". This chip would be embedded into secure phones, faxes, and other devices, allowing interoperation between different vendors' equipment. The catch is that each Clipper Chip would have a unique code, and that the government would be able to hold or obtain the private key to any chip. Each message the chip produces sends a Law Enforcement Access Field (LEAF) in the message, giving the government the serial number needed to look up the key. They promise, of course, to only do so with a warrant, and that separate agencies would hold different parts of the keys so no one group could "browse" illegally. They are secretive about the algorithm used, so the public cannot be assured that the algorithm is effective, and that it doesn't have any "back doors" in it.

Think about it.  Any agency could easily record messages or phone calls from thousands of individuals for years, then using a broad warrant based on some trumped up excuse and a lenient judge, electronically obtain the keys to these messages, then electronically filter and feast on the results. Sounds like a good fishing strategy. The government is still trying to require the telephone companies to put in, at their own expense, automatic taps so wiretaps could easily be done anytime, anywhere, on anyone, right from a precinct or from Washington desktops. Warrants required, of course (except for Internet traffic, which is already public domain). It sure beats the old envelope steaming and alligator clip days!

The PGP team reacted by creating PGPfone. This application allows you to use your computer, sound card, microphone, and modem as a secure phone over the normal phone lines, point to point, or you can use the Internet itself, like the various unsecured Internet telephone packages available. Like PGP, this is also "guerrilla freeware" (to be distributed freely and aggressively). Though it takes at least some effort to decode, the other Internet phone programs are not encrypted (and they are often not FREE, like PGPfone).

Summary

We have come to expect that our names and addresses will be given out with every purchase to mass marketing firms. We now almost expect banks and credit card companies to know almost everything about our finances. We know how easily this information leaks out at times, but we are letting this happen by not raising a fuss.

You haven't seen anything yet!  In the "good old days", only large companies shuttled personal data back and forth using computers. Today, we do that ourselves through much less secure means. Cost and size used to limit how much information could be gathered. At less than 10 cents per megabyte of on-line storage, that isn't much of a problem now. You have a right to your privacy. If people routinely use encryption, privacy will become the norm, instead of the exception.  Give it a try.  PGP documentation reads like a spy novel, but this is no toy secret decoder ring.  Military grade privacy for the rest of us...

Rick407's Public Key Page - My public keys.  Use them to send me encrypted E-mail with PGP


Last modified January 10, 1999 (minor updates). rick407@geocities.com