Saturday, April 16, 2005

Would That be E-E-Mail?

President Bush recently revealed that he no longer uses email, because he doesn't want the press to know what he's writing to his daughters. This is understandable, but he's really denying himself a great convenience unnecessarily.

During the '90s, there was a substantial debate regarding publicly available cryptography. The government strongly backed a requirement that all encryption mechanisms have a back-door so that law enforcement could decrypt messages. This was called "key escrow," and it was wildly unpopular among most academics and online free-speech advocates (with a few notable exceptions).

One major problem with key escrow is that the government can ban certain forms of cryptography, but there's a limit to what it can do to enforce such a ban. If all software development were controlled, the government could in principle prevent the development and use of "illegal" cryptography. There is, however, a substantial free/open-source software development community, which has brought us a large amount of high quality software. (Just about everything that I run on my computers at work and at home is open source software.) If it can be done, and someone wants it, there's either an open source program to do it or one is under development. In terms of cryptography, the demand for non-escrowed crytographic mechanisms means these mechanisms will exist.

Fortunately, key escrow was eventually shot down, and even the export restrictions on cryptography have become progressively more relaxed. One advantage of this is that programs like GnuPG are not only widely available, but also perfectly legal to use. In fact, GnuPG has been integrated into a number of email clients, so encrypting or digitally signing your email is easy.

Mr. President, if you want the convenience of emailing your daughters but you don't want anyone but them reading it, give encrypted email a try.

No comments: