IN THE last year, a piece of public domain software has become the bane of
the FBI, the rallying cry for a new generation of anti-government radicals and
the focal point of an international debate about privacy on the information
superhighway.
Pretty Good Privacy allows two people anywhere in the world to exchange electronic mail messages by telephone or over the Internet in absolute and total privacy.
PGP accomplishes this feat of technological magic with a technique called public key encryption, the newest twist on the time-honored technique used by spies for protecting their messages from interception by the enemy. What's significant about PGP, say both its admirers and critics, is that the encryption it uses is so powerful that PGP-protected messages cannot be forcibly decrypted, or broken, by even the world's most sophisticated code breakers.
''The problem is that guaranteeing privacy to everybody will guarantee privacy to people who are going to misuse that technological sanctuary," said Stewart Baker, general counsel of the National Security Agency, addressing the fourth annual conference on Computers, Freedom and Privacy last week in Chicago.
The nation's intelligence and law enforcement establishments have mounted a crusade against unfettered encryption in general and PGP in particular, saying they pose a serious threat to intelligence gathering, court-ordered wiretaps and the execution of search warrants.
''With respect to PGP, the only use that has come to the attention of law enforcement agencies is a guy who used it so police couldn't tell which little boys he had seduced over the Internet," Baker said.
PGP users at the conference said such characterizations are grossly unfair. The overwhelming majority of people using PGP, they said, are law-abiding individuals who simply wish to protect their communications from the prying eyes of computer hackers and unscrupulous system administrators.
''If privacy is outlawed, only outlaws will have privacy," said Phil Zimmerman, the Colorado-based cryptography consultant who wrote the first version of PGP in March 1991.
That year, the U.S. Senate considered an amendment to the Anti-Crime Bill of 1991 that would have made it illegal to use encryption within the United States unless law enforcement agencies were provided with a copy of the keys. Although the proposal was ultimately withdrawn, it put the electronic underground on notice that widespread encryption might be outlawed by government before most people even realized what encryption was all about - or its value for protecting individual privacy. Zimmerman's solution was to write PGP and flood the country with high-quality cryptographic software.
Leveling the playing field
''Intelligence agencies have access to good cryptographic technology," Zimmerman wrote in the PGP manual. "So do the big arms and drug traffickers. So do defense contractors, oil companies and other corporate giants. But ordinary people and grass-roots political organizations mostly have not had access to affordable 'military grade' public-key cryptographic technology . . . until now."
While personal computer-based encryption programs have been available for years, Zimmerman's PGP was the first to bring public-key encryption - which is ideal for encrypting communications to a variety of people - to the masses.
Most cryptography programs available for personal computers use private-key cryptography. With private-key schemes, the same encrypting "key" is used to encrypt and to decrypt any given file.
This means you can't exchange encrypted e-mail with somebody unless you first exchange a cryptographic key.
Public-key cryptographic systems, first developed in the 1970s, use two keys. The first key is called the public key; it encrypts the message. But it takes a second key, called the private key, to decrypt the message and recover the original text.
The big advantage of public-key systems is that the public keys of many people can be gathered and published in electronic address books. Then, if you want to send somebody an encrypted message, all you have to do is look up her key and use it: No prior arrangement is necessary.
Launching the Clipper
One year ago, the National Institute of Standards and Technology, working in conjunction with the NSA, proposed a system for encrypting communications within the United States called the Clipper chip. Like PGP, Clipper uses public-key encryption so that any two Clipper chips can communicate with each other without fear of wiretappers. But Clipper also uses a system called key escrow to make it possible for law enforcement agencies - with authorization by a court of law - to wiretap an encrypted conversation.
Key escrow means the private key used by each Clipper chip is held in a central repository. The Clipper system actually splits the key into two parts, each stored with a different agency, to minimize the chance of an illegal wiretap. The agencies are supposed to give up their copies of the private key only when they are presented with a warrant for a wiretap.
This March, NIST published a notice in the Federal Register setting forth Clipper as a voluntary encryption standard for the federal government. By endorsing an encryption standard, the Clinton administration hopes that telephones, faxes and modems implementing a compatible encryption system will soon be widely available.
''The rationale behind the Clipper and key escrow is to lower the cost, to make encryption tools available to a large number of people while maintaining the ability of the government to do the 1,000 or so authorized wiretaps every year," said David Lytel, a policy analyst with the president's Office of Science and Technology Policy.
''If you don't think Clipper keeps your communications secure, don't use it," said Lytel. "And if you want to use your own encryption on top of it, go ahead."
Many people at the Computers, Freedom and Privacy conference said they would avoid Clipper and added that it was likely that drug dealers, organized crime and terrorists would do the same.
''The administration can't come up with examples of criminals bright enough to use encryption in the first place but dumb enough to do it with the government's chip," said Charles C. Marson, a San Francisco-based lawyer.
Nevertheless, many organizations might be interested in telecommunications systems based on Clipper, said the NSA's general counsel. For example, said Baker, a company might prefer that its employees use a system like Clipper, which provides security but can be wiretapped in extraordinary circumstances, so it can monitor its employees should the need arise.
The next generation
To use Clipper, however, these organizations will have to wait for manufacturers to build the expensive Clipper chips into the next generation of telephones.
In the meantime, PGP is a solid system that provides privacy today. PGP is free software, so if you have a friend who has it, you can simply make a copy. If you have access to the Internet, you can also get a copy from the computer SODA.BERKELEY.EDU using the Internet's File Transfer Protocol system.
Companies and individuals who feel more comfortable buying their programs can now get a version of PGP that works on DOS and several Unix systems from Viacrypt of Phoenix.
Most oppose Clipper plan
Buying the program entitles you to customer support - important for people new to cryptography.
Will the Clipper plan fly? No one knows. But a recent New York Times/CNN poll found 80 percent of the U.S. public opposed to the Clipper and key escrow when the proposal was explained to them, said Marc Rotenberg, director of the Computer Professionals for Social Responsibility's Washington office.
On the other hand, Zimmerman and others like him say unrestricted cryptography is already making a difference around the world.
As proof, he cites an electronic mail message that he received from Russia
in October on the day that President Boris Yeltsin was shelling the Russian
Parliament building. The e-mail said, in part: "Phil, I wish you to know: Let
it never be, but if dictatorship takes over Russia, your PGP is widespread
from Baltic to Far East now and will help democratic people if necessary.
Thanks."
IF YOU'RE INTERESTED
The public-domain version of Pretty Good Privacy is available on many bulletin board systems or can be obtained from the FTP site SODA.BERKELEY.EDU via the Internet. A commercial version is available from Viacrypt, 2104 W. Peoria Ave., Phoenix, Ariz. Phone: (602) 944-0773. Fax: (602) 943-2601.
PICTURE: Drawing