“Crypto” discussion – Cybersecurity Canon 2017
Book Review by Canon Committee Member, Jon Oltsik: Crypto: How the Code Rebels Beat the Government – Saving Privacy in the Digital Age (2001) by Steven Levy
The essayist and philosopher George Santayana is often attributed with the quote, “Those who cannot remember the past are condemned to repeat it.” Unfortunately, this is exactly what the United States is doing right now with regard to the ongoing debate between national security (surveillance) and data privacy – a political hot potato exemplified by the recent, highly visible confrontation between Apple and the Department of Justice.
As Santayana would easily understand, this debate is nothing new. In the 1990s, a sundry group of visionaries, idealists and technologists took these issues head-on by tapping into esoteric mathematical formulas and developing new cryptographic methods for protecting the confidentiality and integrity of digital identities and data. These innovations led to commercial and grass-roots constituencies dedicated to spreading cryptographic technology to the masses as well as a disparate group (led by the U.S. government) focused on containing and controlling cryptography.
Steven Levy’s wonderful book Crypto: How the Code Rebels Beat the Government – Saving Privacy in the Digital Age chronicles these opposing forces during the 1990s, an era of rapid growth in personal computing and network connectivity. Crypto’s strength comes from its comprehensiveness. It covers a number of seminal data privacy events including the development and commercialization of PKI, early progress with digital currency, and even the now infamous U.S. government’s Clipper Chip, an effort to establish monopolistic control of international cryptography. Beyond innovations and events alone, however, Levy also provides rich, detailed stories of an assortment of idiosyncratic characters like Jim Bidzos, Whitfield Diffie, and Phil Zimmermann who drove the development, commercialization and proliferation of cryptography to the mass market.
In retrospect, the 1990s seem like a prehistoric information technology era, but Levy’s thoughtful description of the issues, innovations and deliberations around data privacy make Crypto a timeless and worthwhile read for cybersecurity professionals circa 2016. Besides, Crypto personifies data privacy by following the trials and tribulations of assorted individuals who gave us the technologies and policies (for better and worse) that we live with today. This elevates Crypto from a historical review to an entertaining read. Based upon these qualities, Crypto deserves a permanent home in the Cybersecurity Canon.
Read the review here:
via Palo Alto Networks