Sun's chief security officer Whitfield Diffie on the Hot Seat

The co-inventor of public-key encryption talks about encryption, spies as data miners and the end of computer security as we know it.

Whitfield Diffie, a co-inventor of public-key encryption, is chief security officer at Sun Microsystems and co-author with Susan Landau of Privacy on the Line: The Politics of Wiretapping and Encryption (The MIT Press, 2007).

Why has public-key encryption been so important? Cryptography is the most flexible way we know of protecting communications in channels that we don't control. As we move a lot of value into the Internet and have Internet commerce and begin buying and selling things, that is basically the only way of protecting either the transactions or - where the goods are intellectual property - the goods themselves.

Before public-key cryptography, in order to be able to use cryptography with somebody, you had to share a secret with them, which is kind of an intimate relationship for somebody you might never have met before. Public- key cryptography relaxed all of that and made it much easier to manage keys in a very diverse environment like Internet commerce, as opposed to the more traditional large but rather unified environments like the Department of Defense.

Why do you think that more e-mails aren't using encryption or digital signatures? I think it has to do with the difficulty of the key management. The key point is that cryptography has somehow not gotten itself tucked into the inner loop of development in these things. You really have to be a fan to be able to do it with your e-mail, and then you can really only do it with other people who are fans. So far, it's remained a niche market.

What's the difference between Internet communications and phone communications for cryptography and privacy? The key managerial virtue of cryptography is that it separates security from the medium of transmission of the message. Once the message has been encrypted, it doesn't matter how you send it - whether you send it by an optical fiber, which is already fairly secure, or you send it by digitizing it and putting it onto the Internet, or whether you send it by satellite.

Are either government or corporate policies on data retention and data mining having important effects on privacy or security? Yes. They're very good for our sales of storage.

Information is very much like oil and gold and a lot other things. Once we got what was there readily bubbling up on the surface, then we mined out the original resources and we developed better technology, and now we can work gold seams that are a tiny fraction of what would have been worked in the boom of the 1850s.

Intelligence and data flows are very much the same thing. If you look at World War II intelligence, it really is a matter of picking plums. The reason they concentrated on the cryptography of the time is that they were able to find, so to speak, the channels with the best information in them. Those channels had some kind of protection in them, and once [cryptographers] got through the protection, they had very good information handed to them on a plate.

If you look at circumstances facing real-world spies today, they have things available to them and other things they might want that aren't available to them. If they can do more processing on the things that are available to them, they may be able to get very good information they couldn't have gotten some time ago because they didn't have the techniques and the computing power. And so data mining is just going to become more and more a fact of life.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Joyce Carpenter

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?