Customer Reviews

Crypto: How the Code Rebels Beat the Government--Saving Privacy in the Digital Age

5 star:		(27)
4 star:		(13)
3 star:		(4)
2 star:		(0)
1 star:		(3)

 

 

Levy is one of my favorite essayists. He finds a compelling story, researches it exhaustively, and then shares his excitement. The history of Internet cryptography is a perfect subject for Levy, who delights in recounting stories about technoradicals with new ideas who see them through to fruition.

Encryption truly is one of the most critical technologies necessary for a smoothly functioning virtual world, and is very much the case that the U.S. Federal Government successfully delayed the general availability of strong encryption for at least a decade. (Future economists may point back to the last two decades of the 20th century and show how this failed government policy was responsible for the loss of U.S. dominance in the high-tech market.)

It would have been easy to take the politically correct road and portray the Feds as being evil conspirators, bent on maintaining their own power and pride at the expense of the entire world. Levy chooses a more balanced approach, depicting the NSA in nearly heroic terms. He is especially sympathetic towards Clint Brooks (a name I did not know), an NSA lifer who developed the key escrow concept as a compromise that would allow widespread public utilization of strong encryption while still allowing law enforcement (and of course, intelligence agencies), the ability to intercept communications under controlled circumstances. If both the NSA and their philosophical opponents are heroes with noble goals, a tragic ending is inevitable, which adds an element of pathos to this triumph of democracy.

As a former software vendor, I've been totally frustrated by both the crypto export laws and by the NSA attitude of "If you only knew what we knew, you wouldn't even ask that question." That argument turned out to be just as specious now as everyone thought it was at the time, but the marvelous aspect of this book is that Levy is able to make a cynic like me accept that the people within the Puzzle Palace have legitimate motivations. (He is much harsher on the FBI, and creates an especially unflattering portrayal of Louie Freeh). It's a well-balanced approach to a very contentious subject, which adds considerably to the author's credibility.

Personalities loom large in a history like this one, and Levy is a master at drawing them out of their personal shells and detailing aspects of their private lives to explain their motivations and feelings. Whitfield Diffie is the old master who had the vision to conceive of a new model for encryption that would meet the unprecedented needs of a network society. Ron Rivest was the energy behind the development of the most significant public key algorithm, created by an unlikely trio of inventors. Jim Bidzos was a young playboy who found the commercialization of the RSA technology to be the challenge he needed in his hitherto shallow life of world travel, hot cars and fast women. Like Diffie, Phil Zimmerman marches to a drummer that only he can hear, yet this amateur programmer succeeded in popularizing strong encryption long before RSA and its millions in venture cap money did. Given his ten years of personal research and interviews of the people he chronicles, Levy's will probably be the definitive written account on many of these quirky visionaries.

The book is a quick read, but a good one. Technically, it is very accurate, with one unfortunate mistake on page 178 where it reads "Then he uses the hash function to recreate Alice's message from the digest..." Hash functions are 1-way functions, and cannot be reversed. If it read instead, "Then he uses the hash function to recreate Alice's message digest..." it would be more accurate. In order to verify a digital signature, the encrypted hash value provided by the sender is decrypted by their public key, which is then compared to another hash value generated by the verifying party (see p. 38 of "Applied Cryptography, 2nd Edition" by Bruce Schneier). Other than this confusion over how digital signatures are verified, the book does an excellent job of presenting the concepts of public key encryption to a non-technical reader. Besides being an enjoyable tale of business and technology history, this book could also be considered an executive-level introduction to the need for encryption on the Internet and the ways in which modern implementations provide it.

If you want to know what is happening when that little lock icon at the bottom of your web browser closes, you'll find a conceptual answer in this book. You'll not only learn the sequence of events that led to the development of SSL, but you'll also read the history of the first successful attempt to crack SSL security, and its significance to you as a customer of sites like Amazon. "Crypto" should appeal not only to those who are interested in the history of technology, but anyone wanting to understand more about the history and personal and commercial use of encryption on the Internet. Anyone involved in an e-commerce project or with an interest in information security would find this an interesting and accessible book. It is not a technology book per se, but I think most technically-oriented people will enjoy reading about how people like them had the drive and vision to change the world-especially when the odds were so heavily stacked against them.

This is a compelling and important story that needs to be told and understood. Levy is neither the first to undertake this telling, and undoubtedly won't be the last, but I'm convinced that this will become a classic of technology history-even more so than his earlier books. His thoroughness, extensive research, and evenhanded approach will make this book an important source for future researchers.

Steve Levy presents an accurate picture of the events surrounding todays crypto debate in his book "Crypto." Unfortunately, he does it with the same narrative style he uses for his magazine articles. The result is that the events are correct, but the story unfolds more like a textbook, not a novel.

Overall, it is an interesting (if dry) read, and, at times will add words (a la Neal Stephenson in Cryptonomicon) to your vocabulary. If you are interested in the history of todays debates on cryptography, I recommend it. If you want to know more about cyphers and other code making/breaking, I would recommend something like Simon Singh's "The Code Book."

This book is an entertaining account of many of the people and episodes involved in making cryptography and cryptanalysis a respectable and important topic of work for scientists and engineers not affiliated with any government agency. The incidents recounted that I happen to know about personally are well and accurately described here. But there are a couple of gaps.

First, some of the key players "on the outside" are not mentioned; this may well be because most of those who aren't mentioned by now are "insiders." But this results in some of this book being a bit misleading. For example, serious work on cryptanalysis by outsiders, including one piece of work that Admiral Inman, when head of NSA, described as "the most brilliant piece of civilian cryptanalysis since World War II", was already going on by the late 1970s; this had serious national security implications, and helps to explain why NSA was so ambivalent about "outsiders" engaging in *any* crypto research. Overall, although NSA goofed badly several times, I think they managed to keep a more balanced view on the issue than I might have expected. The fact that Levy doesn't mention some of the key "outsider" work suggests to me that he may not have talked with (or at least didn't gain the confidence of) such people as Cipher Deavours and David Kahn, who could have given him perspective on the "outsider" work that he doesn't discuss.

Secondly, I infer that he was unable to get any of the NSA side of the story from NSA itself. This is a pity. It's presumably not Levy's fault; NSA only talks to people it decides to talk to, and then says only what it decides needs to be said. I assume that Levy tried to get information from NSA and failed; I don't know. But if NSA stonewalled Levy, it's because he didn't make the right contacts to get in touch with somebody who would have been willing to talk with him about NSA's viewpoint on various issues Levy discusses that are not sensitive in NSA's view. That extra information would have helped make Levy's book clearer and more complete. In spite of this, Levy is quite fair to NSA, which speaks well of his thoughtfulness and balance.

So, overall I regard this as a good book, well worth reading, provided one keeps in mind that it's not the complete story.

This easy-to-ready short history by writer Steven Levy, who has written numerous articles for Wired, is a very well-researched volume on the human side of public-key cryptography.

Levy has interviewed all of the major players: Diffie, Adleman, Chaum, Zimmerman, and others; he's done nearly a decade of research on the subject, and monitored the sci.crypt.* newsgroups. Clearly, this is an authoritative account of the short 30-year history of public key.

The main theme of the book is how the NSA tried to stifle new developments by the researchers, placing secrecy orders and classifying their patents and papers. Throughout the book, as Levy draws out the characters, it's the crypto community vs. the government, until ultimately the cypherpunks win out.

This book doesn't contain a single diagram; no photos, and no equations at all. So if you're looking for a technical introduction to crypto, look elsewhere; this is purely an informally-written account on the people behind the scenes.

Five stars, for what it is; sure, Levy writes with magazine-style prose, but this fits the high-level view he takes on the subject. Most importantly, this volume was exhaustively researched and has the collaboration of all of the key players, which lends Levy's account great credibility.

Riveting true stories that are well researched. Levy weaves an intriguing account of cryptography's "eccentric patriots" and their dedication to the craft. It is primarily a story of people and the government politics that tried to ensnare them, not a treatise on ciphers and hashing algorithms. Explanations of cryptography are lucid, even if math wasn't your best subject.

It's an excellent addition to American historical literature that we've sorely lacked after 50 years of Cold War stifled journalists from reporting details about anything that might threaten national security.

Non-fiction literature buffs and researchers will appreciate the copious endnotes, glossary, and index. While it also includes an extensive bibliography, Levy conducted many interviews to write this original work.

Cryptography has become one of the most important technologies in a secure digital world. It makes possible digital signatures, protection of confidential information, protection against tampering--or at least provides notification that tampering has occurred--and secure authentication of users. In an age when the simplest security breeches of highly visible dot-coms makes the front page of the popular press, cryptography and related technologies are making their ways into almost all of the software products we use daily.

But it's easy to forget that only recently did cryptography become available for non-government users. Reaching this point was a long and hard battle with what used to be the most secret of government organizations, the National Security Agency (NSA). Bit by bit, researchers outside the agency made fundamental discoveries that eroded NSA's ability to control cryptography. Until finally the government was forced to come to terms with the digital age where the secrets could make their way around the globe in seconds.

This is the story that Steven Levy tells. Although the book tends to portray researchers outside the NSA as skillful and lucky heroes, and those inside the NSA as pompous but brilliant ideologues, it's a compelling story. The book is roughly chronological, starting with Whit Diffie's independent discovery of public key cryptography, one of the major breakthroughs that made the field feasible, the story of RSA, the ill-fated Clipper chip, and concessions the NSA was forced into against overwhelming pressure.

The author outlines the development of a people's cryptography and its collision with the U.S. government. The book is about privacy in the information age and about the people who saw many years ago that the Internet's greatest virtue was its greatest drawback: free access to information that leads to a loss of privacy.

From a developer's standpoint, the story is interesting because it explains many of the features of cryptography as we know it today, making it easier to put them to efficient use. For example, what was the big deal with keys longer than 40-bits that the government restricted them from export? And just how much safer are 128-bit keys? Sure, we all have heard the number of hours or millennia today's computers take to break such keys, but why those specific numbers?

As with most complex controversies, both the government and the outsiders make compelling arguments for their case. Cryptography has long been the province of governments, and wars have been won and lost on the success of keeping secrets secret. But in a demographic society, individual privacy is almost sacrosanct, even though it is not explicitly guaranteed in any of the documents on which the U.S. is founded. Crypto tells the story of how these conflicting interests have been sorted out to the current state of affairs.

I'm a computer engineering professional, and am currently reading everything I can on data security, encryption, securing messages between two points, etc. I am in the middle of reading 2 technical books on security protocols, and deployment of these protocols and procedures in an e-commerce environment. I got Mr. Levy's book, because I hoped it would help me understand the soft side of these technologies, the intention of them, and not just how to install them. I've read Hackers and Artificial Life, and enjoyed both these books. But, I found Crypto to be too involved in the personalities of the original inventors. Maybe that's the point of the book. But, I was hoping to get a solid understanding of what goes on in Cryptography and Security, as well as being introduced to the inventors. I was hoping for something like Gilder's 'Telecosm', which explains the technology as well as the people behind it. Crypto doesn't attempt to explain the technology, and that's where I'm left wanting.

If you liked Hackers, you'll love Crypto. It's written in the same spirit, celebrating cryptographers in the same way Levy celebrated hackers, and along the way makes a really strong case for private freedoms over government intervention. It's a great story, very newsworthy, and Levy really knows his stuff. And if you haven't read Hackers, try that one, too. You won't be disappointed!

According to the flyleaf, David Kahn (who wrote "The
Codebreakers") said of this book that "Steven Levy has written
cryptography's 'The Soul of a New Machine'". There may be some
truth to that, but mostly it implies a level of prose that is not
in evidence in this book. Steven Levy is no Tracy Kidder, aside
from an occasional tendency to let his prose override his
writing. What Levy is, however, is a pretty good technology
journalist, and the book is at its best when it trades on that
background. Indeed, Levy used a great deal of research in this
book which doesn't appear to have been used for his earlier
magazine articles. While the book is not footnoted, there is an
extensive "notes" section at the end. There is also a
bibiliography, and an index.

One thing that Levy fails to do is make his "characters" come
across as fascinating individuals. This is not for lack of
trying -- clearly he finds them fascinating himself. However,
his prose fails him, particularly when trying to raise what a
journalist would call "human interest."

The strength of the book is not in its revelations of fact
either. The events described are already well-known to anybody
with an interest in the subject (in a number of cases,
particularly for events over the last decade, this is due to
Levy's own journalism in "Wired" and elsewhere). Aside from
filling in the history for those previously unaware of it, Levy's
interviewing skills turn up new evidence of the answers to one of
the most frequently repeated questions in the history of open
cryptography: "what were they thinking?"

For me, that is both the most important and the most interesting
question that Levy needed to face, and he takes it head-on. In
particular, he adds considerable scope (although little depth) to
describing the history of the Clipper chip. What were the NSA
(and the politicians) thinking? Well, as Levy describes it, the
key was the conflict between the FBI and the NSA, and the
illogical government approach was largely driven by the resulting
schizophrenia. Conspiracy nuts won't like that conclusion, but
it makes more sense than believing that the government really
expected it could put the crypto genie back into its bottle.

For those who don't appreciate the importance of crypto in the
Internet-connected age, this book is the best education in that
area. There is room for a better one to replace it, but it

doesn't exist now, and likely won't be written.

... is Stephen Levy.

I am not myself a CypherPunk (a term self-chosen by the community, not a perjorative assigned to them by outsiders), but I am a member of the DC-CypherPunks mailing list. Many people on this list are real CypherPunks. We've even got a couple of real-world cryptographers, a world-respected net.journalist (Declan McCullough), and an acknowledged net.author (Dave Banisar).

We had a party to celebrate the expiration of the Diffie-Hellman patent, and we were honored to have Whit Diffie himself attending. While I wasn't there thirty years ago, I have personally met some of the people who were, and who have been in the trenches during the ensuing battle.

Every single person on the list who has expressed an opinion on the subject says that Stephen Levy is the only author they trust to tell the story the way it is (and was).

I don't actually have my copy yet, but I have read excerpts, and I have heard nothing but the best from the people who've actually been there. I'd give it three thumbs-up, if I had an extra.