Guy Reams (00:01.272)
This is day 311, code is speech. Sometimes I like to just take dives into things that interest me. I was contemplating today the evolution of cryptography, primarily because I'm working on some ideas surrounding the early work of Alan Turing. In World War II, Allied codebreakers under the direction of Turing built the electromechanical bomb to crack Germany's enigma traffic.
which was a state-run, ultra-secret enterprise that set the tone for creating strong cryptography as a military asset. It was a general concern and fear that encrypted communication might be used in the future, considering the impact Allied codebreaking had on the outcome of the war. In 1976, Whitfield Diffie and Martin Hellman published the first open description of public key cryptography.
showing how two people could establish secrets without a pre-shared key. This is actually pretty interesting. If I have a shared key, how do I get it to somebody without transmitting it across the unsecured media? This might be one of the most significant or single most impactful papers of our modern age. Considering how important digital security has become for us. A year after they published this,
Rivesh Shamir and Adelman introduced RSA, enabling both encryption and digital signatures. Without these concepts, we may not have seen the explosion of e-commerce and other transactions on the internet, which would not have happened for many more years in the future. However, perhaps one of the unsung heroes of our modern age is Phil Zimmerman. In 1991, he released PGP, or what is known as Pretty Good Privacy.
a free tool that used a hybrid design, fast symmetric encryption for the message and public key cryptography to protect the one-time session key, plus a decentralized web of trust to verify identities of people. That design made strong privacy practical for ordinary users. People can now easily share encrypted messages without expensive or difficult to use software.
Guy Reams (02:29.088)
Additionally, the method of using a one-time session key made the communication efficient enough for the lower bandwidth environment of the early 1990s. Because the U.S. legally treated strong crypto as a weapon of war, PGP's global spread triggered a multi-year federal investigation of Zimmerman. His response was as clever as it was symbolic. He published the full PGP source code in a printed book from MIT Press.
Asserting that code is protected speech. I consider this one of the most bravest, most impactful exercises of free speech that any one individual has undertaken. I would put this up next to the Declaration of Independence in terms of impact. Of course, I say that as a total computer science nerd, but seriously, look at our society today. Where would we be if secure communication were not free?
Zimmerman is in his 70s now and what a world he has seen explode since the controversy he raised in the early 90s. After three years, the Justice Department eventually dropped its case against him in January 1996 and they didn't file any charges. A PhD student at Berkeley, Daniel Bernstein, would file a series of lawsuits claiming the US government was violating his First Amendment rights
by trying to apply export laws on encryption to his desire to publish papers on this topic. These cases ultimately established that publishing encryption source code is protected speech, and the US began relaxing its stance on encryption overall. I think there's a strong correlation here. Amazon did not start making money until after all of this had happened. The dot-com boom was most likely a direct result of SSL, or secure sockets layer,
which allowed transactions on the internet to be secure and encrypted. It is hard to believe that the US government actually proposed a project called Clipper Chip, in which it would hold secure keys and escrow, just in case they were needed. Luckily, individuals like Zimmerman and Bernstein fought hard to prevent this type of mentality from prevailing. Once the legal cloud lifted, strong crypto became the default.
Guy Reams (04:52.398)
browsers moved to using HTTPS and modern apps adopted end-to-end encryption. Today, the majority of web traffic is encrypted, a direct legacy of all these technical and policy battles of the 90s. Turing's wartime code breaking showed the power of cryptography in the hands of the state. Diffie and Hellman, and later RSA, showed how to do it publicly.
Zimmerman, through his PGP software and his boldness, made it personal and easily accessible. These pioneering efforts catalyzed a social and legal shift so that strong encryption could be used by anyone and not just by governments. And here we are.