Sun's chief security officer Whitfield Diffie on the Hot Seat

The co-inventor of public-key encryption talks about encryption, spies as data miners and the end of computer security as we know it.

Whitfield Diffie, a co-inventor of public-key encryption, is chief security officer at Sun Microsystems and co-author with Susan Landau of Privacy on the Line: The Politics of Wiretapping and Encryption (The MIT Press, 2007).

Why has public-key encryption been so important? Cryptography is the most flexible way we know of protecting communications in channels that we don't control. As we move a lot of value into the Internet and have Internet commerce and begin buying and selling things, that is basically the only way of protecting either the transactions or - where the goods are intellectual property - the goods themselves.

Before public-key cryptography, in order to be able to use cryptography with somebody, you had to share a secret with them, which is kind of an intimate relationship for somebody you might never have met before. Public- key cryptography relaxed all of that and made it much easier to manage keys in a very diverse environment like Internet commerce, as opposed to the more traditional large but rather unified environments like the Department of Defense.

Why do you think that more e-mails aren't using encryption or digital signatures? I think it has to do with the difficulty of the key management. The key point is that cryptography has somehow not gotten itself tucked into the inner loop of development in these things. You really have to be a fan to be able to do it with your e-mail, and then you can really only do it with other people who are fans. So far, it's remained a niche market.

What's the difference between Internet communications and phone communications for cryptography and privacy? The key managerial virtue of cryptography is that it separates security from the medium of transmission of the message. Once the message has been encrypted, it doesn't matter how you send it - whether you send it by an optical fiber, which is already fairly secure, or you send it by digitizing it and putting it onto the Internet, or whether you send it by satellite.

Are either government or corporate policies on data retention and data mining having important effects on privacy or security? Yes. They're very good for our sales of storage.

Information is very much like oil and gold and a lot other things. Once we got what was there readily bubbling up on the surface, then we mined out the original resources and we developed better technology, and now we can work gold seams that are a tiny fraction of what would have been worked in the boom of the 1850s.

Intelligence and data flows are very much the same thing. If you look at World War II intelligence, it really is a matter of picking plums. The reason they concentrated on the cryptography of the time is that they were able to find, so to speak, the channels with the best information in them. Those channels had some kind of protection in them, and once [cryptographers] got through the protection, they had very good information handed to them on a plate.

If you look at circumstances facing real-world spies today, they have things available to them and other things they might want that aren't available to them. If they can do more processing on the things that are available to them, they may be able to get very good information they couldn't have gotten some time ago because they didn't have the techniques and the computing power. And so data mining is just going to become more and more a fact of life.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Joyce Carpenter

Computerworld
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?