HomeIntroducing CybercultureBook ReviewsCourses in CybercultureEvents and ConferencesFeatured LinksAbout RCCS

View All Books

Crypto: How the Code Rebels Beat the Government -- Saving Privacy in the Digital Age

Author: Steven Levy
Publisher: New York: Viking Press, 2001
Review Published: February 2002

 REVIEW 1: Iain Lang
 REVIEW 2: Lokman Tsui

Steven Levy's Crypto unfolds the history of cryptography during the past three decades through the eyes of those who pioneered the field. Nowadays cryptography is an accepted study and public property, yet not so long ago, it was still considered a dark art that needed to be kept under wraps and considered as an exclusive property of the government.

Levy, writer of Hackers and numerous cryptography-related articles, follows a chronological line in Crypto. He starts out in the early seventies, describing how pioneer Whit Diffie became interested in cryptography and eventually developed the theory of public key infrastructure (PKI). The author discloses how the US government pushed the Data Encryption Standard (DES) forward to become the default encryption protocol, and tells how three bright minds from MIT managed to practically implement Diffie's PKI theory. The author also depicts the fiasco of the Clinton administration in promoting the Clipper chip as a futile attempt to maintain control. Finally, he explains how the Internet proved to be the final piece of the puzzle in accelerating cryptography to become public property. Crypto ends with the statement that around 1999 "it was endgame for the government," signaling the end of the US government's attempt to maintain total control over cryptography (302).

Unfortunately, cryptography, touted as the panacea that will safeguard online privacy, has yet to become the widespread common technology for the everyday user that it was once envisioned to become. The conclusion of Crypto, therefore, might be overly optimistic given recent developments. Pretty Good Privacy (PGP) serves as a good example. Levy quotes a Latvian saying that "PGP is widespread from Baltic to Far East" (289). He, furthermore, uses a nice anecdote of how a female lap dancer in a strip club recognized Phil Zimmerman, the inventor of PGP, to illustrate how popular PGP already has become. Unfortunately, a study conducted by Whitten and Tyger from Carnegie Mellon University suggests that PGP as a matter of fact has failed to reach the general audience due to problems with usability [1]. For most people, PGP is just too complicated to use for practical purposes. More telling perhaps is Network Associates' recent decision to stop selling PGP due to a lack of market demand. Another significant event is the discontinuation of the anonymity service offered by Zero Knowledge Systems, once considered the most promising privacy start-up that offered Internet users encrypted e-mail and anonymous web-browsing. Similarly, Safeweb, which offered a service similar to that of Zero Knowledge Systems, discontinued its service as of November 20, 2001 [2].

Ubiquitous surveillance has arisen, even though the attempts of the US government to control cryptography have been compared to "regulating the tides and the weather" (264-5). Lawrence Lessig, author of Code and Other Laws of Cyberspace, best illustrates this contrast. Lessig states in this groundbreaking work that cryptography is "the most important technological breakthrough in the last one thousand years," yet at the same time he points out that the libertarian concept promoted by many Internet users is at risk (Lessig, 35). Although Crypto states that "the fight is over," the US government has not relinquished control over cryptography yet. It is rather attempting to strengthen its grip through a myriad of ways. The 9-11 incident, which awakened a sense of insecurity, augments the trend of rising ubiquitous surveillance. The proposal for a national ID card and the approval of the anti-terrorism bill, which grants the US government rights of surveillance previously unheard of, are just two examples of this development. The FBI, furthermore, recently confirmed the existence of the Magic Lantern project, a program designed as a virus that spreads itself over the Internet, logs all keystrokes entered, rendering cryptography useless as a way to protect privacy [3]. Even before 9-11, the government initiated two projects: one is called Carnivore, which functions as an e-mail wiretap, and the other goes by the name of Echelon, which is a global network of surveillance sites [4]. The government is also trying to garner the public's consent for its surveillance activities by pointing out that it is cryptography -- specifically, programs like PGP -- that enable terrorists to go undetected. The lesson best served by this book is that we should not take our civil liberties for granted and that we should value what civil liberties we have. As Benjamin Franklin once said: "those that would sacrifice essential liberty for temporary security deserve neither liberty nor security." I would like to add that it is not 'endgame' yet.

Different books have appeared on the topic of cryptography. Some deal with the mathematical aspects, while others focus on the political implications of cryptography. Crypto, however, provides us with a unique view on the topic of cryptography. Drawing on interviews conducted with people who have been and those who still remain crucial for the field of cryptography, Crypto provides an invaluable and direct insight into the evolution of cryptography. Writing in a vivid style, Levy is able to explain the technology without getting too deep into the nitty-gritty technical and mathematical details.

In conclusion, Crypto gives the reader an excellent hindsight to the coming-of-age of cryptography through the eyes of those who witnessed its maturity progress first hand. It is an invaluable source of information for all those interested in cryptography and the paramount role cryptography plays in protecting our privacy in the digital age. The bottom line: a compelling story about an increasingly important subject.

Steven Levy's previous publications include Hackers, Insanely Great, Artificial Life and The Unicorn's Secret. Furthermore, he has written a large assortment of cryptography-related articles for magazines such as Wired, The New York Times and Newsweek. He is the senior editor and the chief technology writer for Newsweek.

1. Alma Whitten and J.D. Tygar, "Why Johnny Can't Encrypt: A Usability Evalution of PGP 5.0." Proceedings of the 9th USENIX Security Symposium, August 1999.

2. Joanna Glasner, "A Pretty Good Privacy Sale," Wired (October 12, 2001); Declan McCullagh, "Leading Anonymity System to End," Wired (October 5, 2001); and "Unsafe at Any Speed," Wired (November 20, 2001).

3. Elinor Mills Abreu, "FBI Confirms 'Magic Lantern' Project Exists," Yahoo (December 12, 2001).

4. For more information on Echelon, see Zdnet UK News Special, Echelon (June 2000).

Lokman Tsui:
Lokman Tsui holds a Masters degree in Sinology (China Studies) from the University of Leiden, The Netherlands. His research interests include the social-political implications of the Internet in Asia, including privacy, surveillance, and censorship issues. His MA thesis discussed the Internet control of the Chinese government. Currently, he is in Taiwan following a la carte courses for one year at the National Taiwan University. He plans to pursue a Ph.D in Media / Internet studies.  <mail@lokman.nu>

©1996-2007 RCCS         ONLINE SINCE: 1996         SITE LAST UPDATED: 12.10.2009