encryption


Encryption of information, whether by government or by business and individuals, is a key technology for preserving security online and accordingly the centre of debate about policy, legislation and specific technical standards or mechanisms.

government policy

In the US, argument continues about government restrictions on the domestic use and export of 'strong' cryptography, uniting the libertarian left and right with software/hardware manufacturers.

Examples of that alliance are the Americans for Computer Privacy (ACP) - a commercial lobby group - and the Global Internet Liberty Campaign (GILC).

The Washington-based Electronic Privacy Information Centre (EPIC) has recently released its comprehensive annual global survey of cryptography policy.  Locally, Electronic Frontiers Australia has published the suppressed 1996 Commonwealth government Walsh Report on encryption policy.

The Certification Authority for the German Research Network has an outstanding 8 page list of Public Key Infrastructure links, along with pointers to SSL, SET, MIME and other security tools. In Australia the Government Public Key Authority (GPKA), established in 1999, deals with government aspects of PKA. 

For a succinct introduction to PKA we recommend the 1999 article by Jessica Polito, A Primer on Public-Key Cryptography.

In 1996 the US National Research Council produced an excellent report on Cryptography's Role in Securing the Information Society.

For a global perspective on government approaches we recommend the 1997 OECD Cryptography Policy Guidelines & Background Report (CPG). The Limits of Trust: Cryptography, Governments & Electronic Commerce (Hague, Kluwer 98) by Stewart Baker & Paul Hurst offers a contentious assessment of issues and approaches. Bert-Jaap Koops offers more temperate views in ICT Law & Internationalisation: A Survey of Government Views (Hague, Kluwer 00), complementing his The Crypto Controversy: A Key Conflict in the Information Society (Hague, Kluwer 98).

reading

David Kahn's The Code Breakers (London, Weidenfeld & Nicolson 67, rev ed 90) remains a valuable introduction to the nature and history of cryptography and cryptology. 

It's significantly better than the more recent The Code Book (New York, Doubleday 99) by Simon Singh.  

For those seeking more detailed information about the mechanics of encryption we recommend Bruce Schneier's Applied Cryptography: Protocols, Algorithms and Source Code in C (New York, Wiley 95). Schneier's new Secrets & Lies: Digital Security In A Networked World (New York, Wiley 00) offers a more panoramic but equally insightful view of network security: issues, mechanisms, risk assessment. 

It's particularly valuable because of its holistic approach, avoiding reliance on isolated technological fixes such as PGP. 

Schneier and David Banisar co-edited The Electronic Privacy Papers (New York, Wiley 97), a unique compilation of key US government and private sector documents about encryption, privacy policy, law enforcement and other matters. 

Cryptographic abundance and pervasive computing (CAPC) is a provocative paper by AT&T scientist Andrew Odlyzko, one of the more perceptive writers about online information pricing.

Information about encryption standards and the policy debate will be added shortly.

Michael Froomkin's papers It Came From Planet Clipper: The Battle Over Cryptographic Key 'Escrow' and The Metaphor Is the Key: Cryptography, The Clipper Chip & the Constitution are stimulating, although we regard Dorothy Denning and Schneier as more convincing.

encryption and privacy

Pointers to encryption as a tool for privacy are supplied in our Privacy guide. 

