Public Key Cryptography
While you’ve likely never heard of Diffie and Hellman, you’ve more than likely encountered the field they helped pioneer. Their seminal paper, first published in 1976, introduced key concepts behind the secure exchange of cryptographic keys over public channels, establishing some of the first public-key protocols and laying the foundations for digital cryptography we are increasingly familiar with.
Prior to the Diffie-Hellman key exchange method, secure encrypted communications between two parties required a physical exchange of keys, using a secure physical channel e.g. a paper key list, using a courier service. The problem, as you may already see, is in the paper and the courier, both easily compromised security vectors. The Diffie-Hellman exchange method allows for two parties with no prior knowledge of one another to jointly establish a shared secret key, while using an unsecured public channel. The shared secret key can then be used to encrypt subsequent communications using a symmetric key cipher.
The far reaching innovation is now used to secure a vast number of Internet services, and you’ve likely used the Diffie-Hellman key exchange without even knowing. Unfortunately, modern commentators believe this method for key exchange may not be strong enough to resist interception by extremely well-funded attackers, something we are seeing increasingly as global cybercrime (and espionage) increases.
In The News
This award comes at a spotlight moment for encryption. The FBI has publicly requested technology behemoths Apple create a backdoor into their iOS mobile operating system, found across the myriad iPhones and iPads of the world. Their focus is on a single device belonging to a now deceased man, who murdered 14 individuals in a terrorist attack at the Inland Regional Centre, San Bernardino, USA, on the 2nd December 2015. The FBI believe his phone could contain vital information pertaining to the attack, including details of any potential accomplices, or links with other terrorist organisations.
However, Apple have refused to cooperate with the FBI, reasoning that once the backdoor is created, the FBI and numerous other law enforcement agencies around the world will continually exploit the vulnerability, and despite their [the FBI] protests, it would never be “single use” as claimed. Other opponents to the FBI plan also correctly assert that once the vulnerability or backdoor is created, potential attackers would absolutely exploit the same vulnerability, claiming the FBI is naïve to believe otherwise.
Support for Apple
Long known as privacy and security advocates, it comes as no surprise both Diffie and Hellman have stated their opposition to the move. Constant evolution in the digital era has left many governments scrambling to stay abreast not only of the technology, but how their citizens access and utilise the technologies available to them. Before their research encryption was largely in the exclusive remit of government and military facilities. As Hellman states:
"The problem isn't so much with this first request, it's the precedent that it would set and the avalanche of requests that would follow."
Given the exposure of global surveillance programs by Edward Snowden in 2013, one wonders where the line will finally be drawn, and just how far our security services will push personal privacy issues, or if there are other forces at play here. Or as one US Senator put it: “I would be deeply disappointed if it turns out the government is found to be exploiting a national tragedy to pursue a change in the law.”
Image courtesy of Stuart Miles / freedigitalphotos.net.