Nov 97 Viewpoint
Volume Number: 13
Issue Number: 11
Column Tag: Viewpoint
by Eric Gundrum
Why All This Crypto Stuff?
You can't have digital commerce unless you can be certain that your digital data is
unadulterated. That's where cryptography comes in. Most people think of cryptography
simply as a means to hide data, but actually it is much more useful than that. Through
cryptography, we can assure (within reasonable expectations) that a block of data has
not been changed by any intermediate party.
Imagine that you are a software publisher, and you want to use the Internet to
distribute an update to your software. You could post the update to a few key software
distribution sites and let it propagate. Within a day or two everyone would have access
to it, but how can you be certain that it was your version of the update that was
distributed? What's to stop some malicious person from releasing his own version of
your updater and embedding his newly created virus? (Many readers may recall a
similar situation with the recent release of a bogus StuffIt Deluxe 4.5 package as a
trojan horse.) This problem can easily be prevented through the proper use of
cryptography; in this case, digital signatures.
Another use of cryptography is access certificates. Imagine selling your software over
the 'Net: your potential customer begins by examining a trial version of your software.
The customer decides to purchase the software and sends you payment through some
digital means. (Payment could be digital cash, digital checks, credit card information
through an SSL connection, or some other means.) Once you have settled the payment
with a bank (to be sure it is not fraudulent), you send an authentication code to the
customer so they can turn the trial version of the software into the fully paid version.
What is that authentication code? Many software companies struggle for countless
hours trying to develop a serial number that can't be easily guessed or changed, and
contains enough information to be traceable back to the customer in case they give it
out for their friends to use. Another limitation of this mechanism is that you, the
publisher, must maintain a database to map all the serial numbers to customers. This
becomes even more complicated when you have single customers purchasing more than
one copy of the product, or add site licenses, multiple versions, or other products.
Access certificates eliminate most of the limitations of serial numbers. An access
certificate is a document which contains all the information the software publisher
uses to control access to the software. This can include the purchaser's name and
contact information and various license restrictions such as how many copies can be
used simultaneously or when this use of the software expires. Cryptography is used to
digitally sign the access certificate; the software being accessed can check this
signature to verify the document has not been altered. The software can read the
certificate to determine what restrictions to impose on the use of the software. If the
information in the certificate is stored as clear text, then the customer also can see
what restrictions are on the license. This certificate serves much the same purpose as
a serial number; however, users are much less likely to distribute a certificate to
friends when they see that their name and address is included in that certificate.
There are many uses of cryptography besides hiding data. The certificates mentioned
above can be extended to limit access to services as well as software. No need for users
and groups databases. No need to remember all those different passwords we each have
on all the different systems we access. This could make our digital lives so much
easier.
What's Holding Us Back?
We have most of the technology we need to make broad use of cryptography, but the
technology is not deployed. The United States Government is actively trying to restrict
access to the technology. They prevent software which uses the technology from being
exported from the U.S. They also are coercing other governments to impose
restrictions on the use of cryptography in those societies. The resulting fear,
uncertainty, and doubt make U.S.-based businesses reluctant to develop products that
use cryptographic technology, even when those products use only digital signatures,
and therefore could easily get an export license.
Some companies, such as Microsoft, PGP and Sun, are actively working to have these
export restrictions removed. Unfortunately Apple, as a member of the Key Recovery
Alliance, is supporting the anti-cryptography stance of the U.S. Government. PGP
http://www.pgp.com/ is the original strong cryptographic technology for the masses,
available throughout the world on many platforms. They have done more to relieve the
U.S. export restrictions than any other company. Recently, they released a number of
new Macintosh products making cryptography easy for anyone to use. They are
working on a developer's kit so we developers can add cryptographic services to our
applications. Microsoft is building developer-accessible cryptography into a variety
of products, including a future version of Windows. Sun has developed a cryptography
module (JCE, http://www.javasoft.com/security/) for Java 1.1, but it is not
available for the Mac.
Apple's position is quite sad, especially considering that Apple holds patents to some of
the strongest cryptographic technology invented and some of the least restrictive
licenses to other cryptographic technology. Hopefully, Apple will soon recognize the
market opportunities they could develop by making these technologies available to
developers as part of the OS. Fortunately there are some Macintosh-friendly software
publishers picking up some of the slack, including PGP. Consensus Development
http://www.consensus.com/ is another company that has had cryptographic technology
available for years. Currently, they have a multi-platform SSL3 library, as well as
other technologies in development. If you are interested in learning more about
cryptography on the Mac, be sure to check out Vinnie Moscaritolo's crypto pages at
http://www.vmeng.com/mc/.