TweetFollow Us on Twitter

What is Cryptography Good For?

Volume Number: 13 (1997)
Issue Number: 11
Column Tag: Dialog Box

What Is Cryptography Good For, Anyway?

by Robert Hettinga, Boston

A look at why the market demands cryptography, because it makes electronic business more efficient

Cryptography allows you to do business with, work with, and trust people you don't know. It can also save a lot of time, programming, and machine resources, and thus, money.

Many people who talk about cryptography talk about it in political terms. We hear people talk about civil liberties, about freedom of speech, the right to bear "arms" (crypto is classified as a munition) or even freedom from having the government quarter "troops", in the form of key escrow authorities, on our hard drives. Frankly I've gotten tired of all the politics. Cryptography, like any other technology, is value neutral. Just like any form of progress, cryptography won't be adopted unless it makes our lives better. And that, I assure you, is what it is going to do.

I've talked extensively in speeches, on the net, and in articles like this one, about financial cryptography and how it's going to change the world, not by making our transactions invisible to big brother, but by forcing profit and loss responsibility down onto smaller and smaller organizations, and, eventually, to applications and microprocessors themselves. I joke about the day when, instead of a credit card association and a bank loaning us money for lunch, it will be a syndicate of individual "bond-bots" each taking a small piece of what could be called a personal digital bearer bond issue for that lunch, all based on our reputation and ability to repay.

I talk about routers which would move information around the net by charging minuscule bits of picocash, buying bandwidth low and selling it high -- sender pays -- in an instantaneously settled auction market for packet switching. Good bye to peering fights, NAPs, and the emerging hierarchy of super-routers and high-capacity backbones. Since each router makes money instead of costs money, it behooves routers to be connected to several other routers, creating a geodesic, instead of hierarchical, Internet. When a router saves enough money out of operations, it could buy a copy of itself. This whole idea of a self-organizing ecology of microeconomic entities makes a lot of people yell at me, particularly those who've spent their careers building bigger and bigger systems, but, then, as my friend Rodney Thayer says, "you're only as good as the people who yell at you". Since I've had some pretty clueful people yell at me, I must be on to something.

Financial Basics

Let's start with a little finance. It will help us understand things a little better.

One of the pervasive notions in the economy is that of the book entry. Modern double-entry bookkeeping is about keeping debits and credits in a database. Most of our transaction systems are about sending these debits and credits over wires: credit cards, checks, and almost all transaction settlement in the capital markets are all done with book-entry settlement. Try asking your broker for physical delivery of a stock certificate sometime, and you'll see what I mean.

We have book-entry settlement now because when telegraphy was invented, you couldn't send a bearer certificate, like those old fashioned bonds with rows of coupons on the bottom -- or paper money -- down a wire. We could send only stuff like "I'm debiting this amount from my account, please credit yours by the same."

One problem with book-entries is that you have to trust who sent them to you. This is usually done with access control lists and private proprietary networks. "Clubs" if you will, with a list of members, all biometrically identified (the SEC doesn't take fingerprints for fun), and strict rules for doing things with other members of the club. Break the rules and get thrown out of the club, or worse.

This is different from bearer certificates. With a bearer certificate, you can tell by inspection that the certificate is valid, and, if you know the public reputation of the person or company who issued the certificate, you can decide whether or not to trust them. For example, you can pretty much tell that a dollar bill is genuine by inspection, and you can trust that a modern dollar bill is worth something, but that a Confederate dollar isn't, simply by knowing the public reputation of the issuer.

Another problem with book-entries is that because they are basically unsecure transactions sent down a secure network, we have to have some kind of sanction to prevent fraud. By "sanction" we usually mean violence, usually "sold" by a nation-state of some kind. Nick Leeson, who recently brought down Barings Bank, was sent to jail for making the wrong book-entry. (They tried in Singapore but he escaped to Germany and was extradited to Britain.) Of course, if you send a book-entry to a machine in St. Louis, but you're in Kampala, there's a problem. The answer, of course, is a global government and police force. Right. Go look up Occam's Razor in the dictionary for an answer to that one...

With a bearer certificate, you can shun people who cheat you, which, in some ways, is better than violent sanction. It's certainly cheaper. Ask the Amish how well shunning works as social control. In a financial market, shunning is economic death. Nobody will do business with you.

The very biggest problem with digital book-entries is that they cost so much, and I don't mean just in paying taxes to support police. I mean in computer processing and storage. Not only must we keep lists of who can do what to whom and for how much, we also have to keep records of what we did with anybody else, so we can bust them for doing something wrong to us later. Also, for every transaction regime, there must be a trusted third party, usually called a clearinghouse, who has records of what everybody did to everybody else. On a typical credit card transaction, for instance, you, me, your bank, my bank, and the credit card company all have a record of the lunch I bought from you. We aren't even talking about the check I send to my bank monthly to actually settle my credit card transactions.

We also won't talk about the fact that anyone who scored high enough on a civil service test and now works at the Financial Crimes Enforcement Network (FinCEN) has the right to see those transactions. That's because, again, heretical as it is to the civil liberties folks, cryptography is not really about privacy. It's about economic efficiency and progress.

Creating Digital Bearer Certificates

How can we send a bearer certificate down a wire? Because we can now create digital bearer certificates using the blind signature algorithm developed by David Chaum, the founder of DigiCash. Using this algorithm I can create a unique cryptographic object which has value in the same way that a dollar bill is a unique printed object having value. Of course, those cryptographic objects can be moved down a wire.

Moore's Law dictates a more geodesic network by automating switching and dropping its cost in half every 18 months. It also allows us to pay for that switching very efficiently, by allowing us to automate and manipulate blind signatures and other cryptographic algorithms very cheaply. We, or better, our machines, can issue and spend these bearer certificates of any transaction size, from trillions of dollars to trillionths of a cent, all without keeping transaction records or access lists.

Pull the change out of your pocket and look at it. Do you remember where each and every coin came from? Do you care? When you spend them in a soda machine, does it care? No. Imagine a world where the soda machine or the Internet takes VISA. And, no, I don't mean of big brother, either. Imagine if the whole net cleared on a 90 day float time, at 18% interest... It's absurd. But, of course, I'm still not really here to talk about financial cryptography. I'm here to talk about access control.

Controlling Access with Bearer Certificates

Well, suppose you had some code you wanted to limit access to, say the SubWoofer source code, or maybe beta version of your software. Suppose, instead of creating and managing a list of developers and what they can see, or even passing around an easily compromised password, you just handed each of them a unique cryptographic object. A ticket, if you will. People could download the package, but only if they cashed in a ticket for it.

The neat thing about this idea is that you don't care who shows up with a ticket, because the tickets are unique and unreplicable. They have value, the value of one download of the SubWoofer source. You can e-mail them out, and if the person who receives the ticket doesn't use it and gives it to someone else, you still have issued only a finite number of copies of the code. Anyone who shows up with a duplicate ticket doesn't get the package. If you're really draconian, Chaum's protocol lets you take the "double-spent" ticket, compare it with the ticket you have taken in already, and identify the key which duplicated the ticket. No access control lists, but you still have to hang onto the tickets which have been turned in.

There are other problems, too. The above actually involves setting up a Chaumian mint and having patented, signature-blinding walletware. Unfortunately, DigiCash, like Chaum before them, have been playing dog in the manger with the patent and are not licensing it to people who could actually make some use of it. There has always been a problem of mistaken identity at DigiCash. First they thought they were CitiCorp, then they thought they were Microsoft, now they think they're VISA. Someday they'll wake up and realize they're cryptographers, or possibly Dolby and Co. (the audio technology people), and we'll all be better off for it.

Fortunately, there is an almost equivalent way to get the same result with minor modifications to an existing, public code base: PGP. It should be possible to do the following neat hack, a sort of a poor man's certification authority. Actually, we're creating something more important than a hierarchical "authority", we're creating a small, geodesic, "web" of trust. First, create a private PGP key which authorizes people to access the package. (PGP allows you to generate multiple private keys. Just create one for this particular "permission".) Then, using that key, digitally sign the public key of people who you want to have access, and send their signed keys to them. Now, create a quick and dirty browser plugin to hold a copy of the person's signed public key. (This also can then be used for other kinds of access signatures later.) Actually, you might as well put their signed key into the plugin and send it to them that way, since they won't have the plugin the first time around, anyway. Next, put a CGI on your webserver which reads the key in the plugin, and checks to see if it's signed by the right key. Again, this is a single key, an access control "list" which will always have one "record". Well, I suppose you might have two or three people, so you could have them each generate a special purpose key pair of their own, and store the public keys in the list of authorized signatures. Only the person who owns the key in the plugin can make the plugin work.

To use it, someone puts the plugin where their browser wants to see it, and goes to the URL you told them to. The CGI checks the "ticket pocket" plugin and sees if their signature is signed by the key which authorizes access. If not, they go to a page which tells them how to get permission. If they do have permission, then they just see the download page automatically. They can download as many copies of the package as they want, and whether they hand it around is covered, hopefully, by an NDA of some kind.

By the way, when someone talks about cryptographically "watermarking" an application, remember that all this does is tell where the code was stolen from, not who stole it. Clearly, this makes "watermarking" things a waste of time.

Anyway, once we've built the pieces, we can use this technology for anything we want to control access to. No passwords, no users accounts, no group list -- hardly any management at all. In fact, if everyone has the plugin already, all the authorizing person has to do is to download someone's public key off a keyserver somewhere and mail them a signed copy of it.

Cryptography is Easier than Bookkeeping

So now you know why cryptography is so cool, and, most especially, efficient. You don't need vulnerable and expensive databases, with probably secure but potentially unreliable session "pipes" linking them (SSL and SET for example), all to just move permissions, or decision rules, or abstractions of value -- like money -- around the net. Anytime you're confronted with a large and volatile database, especially if it requires another large list of people to have permission to change data in that list, ask yourself if you could do it all much better by creating cryptographic objects and moving them around instead of database entries.

As our ticket and certification web examples show, cryptography usually offers a better way to do it.

Occam's Cryptography, if you will. Cryptography is a weapon, remember?

Robert Hettinga,, is a financial cryptography industry pundit. He started several e-mail lists, a web site, a monthly luncheon group, and even an annual conference in Anguilla, all to talk about financial cryptography. See the e$ web site for more information about his various services.


Community Search:
MacTech Search:

Software Updates via MacUpdate

OfficeTime 1.8.2 - Easy time and expense...
OfficeTime is time and expense tracking that is easy, elegant and focused. Other time keepers are clumsy or oversimplified. OfficeTime balances features and ease of use, allowing you to easily track... Read more
Dash 4.1.6 - Instant search and offline...
Dash is an API documentation browser and code snippet manager. Dash helps you store snippets of code, as well as instantly search and browse documentation for almost any API you might use (for a full... Read more
Civilization VI 1.1.0 - Next iteration o...
Sid Meier’s Civilization VI is the next entry in the popular Civilization franchise. Originally created by legendary game designer Sid Meier, Civilization is a strategy game in which you attempt to... Read more
Network Radar 2.3.3 - $17.99
Network Radar is an advanced network scanning and managing tool. Featuring an easy-to-use and streamlined design, the all-new Network Radar 2 has been engineered from the ground up as a modern Mac... Read more
Quicken 5.5.6 - Complete personal financ...
Quicken makes managing your money easier than ever. Whether paying bills, upgrading from Windows, enjoying more reliable downloads, or getting expert product help, Quicken's new and improved features... Read more
Civilization VI 1.1.0 - Next iteration o...
Sid Meier’s Civilization VI is the next entry in the popular Civilization franchise. Originally created by legendary game designer Sid Meier, Civilization is a strategy game in which you attempt to... Read more
Network Radar 2.3.3 - $17.99
Network Radar is an advanced network scanning and managing tool. Featuring an easy-to-use and streamlined design, the all-new Network Radar 2 has been engineered from the ground up as a modern Mac... Read more
Printopia 3.0.8 - Share Mac printers wit...
Run Printopia on your Mac to share its printers to any capable iPhone, iPad, or iPod Touch. Printopia will also add virtual printers, allowing you to save print-outs to your Mac and send to apps.... Read more
ForkLift 3.2.1 - Powerful file manager:...
ForkLift is a powerful file manager and ferociously fast FTP client clothed in a clean and versatile UI that offers the combination of absolute simplicity and raw power expected from a well-executed... Read more
BetterTouchTool 2.417 - Customize multi-...
BetterTouchTool adds many new, fully customizable gestures to the Magic Mouse, Multi-Touch MacBook trackpad, and Magic Trackpad. These gestures are customizable: Magic Mouse: Pinch in / out (zoom... Read more

Latest Forum Discussions

See All

Construction Simulator 2 reaches its fir...
Construction Simulator 2 debuted iOS and Android devices exactly one year ago, and publisher Astragon is marking the game’s first anniversary with a range of time-limited discounts. It’s been a successful debut for the civil engineering sim, which... | Read more »
All the best games on sale for iPhone an...
This week's list of games on sale for the iPhone and iPad isn't too bad really. There's some gems on here, as well as some games that have had their prices cut low enough that you can look past the rough edges and questionable decisions. [Read... | Read more »
The best games that came out for iPhone...
It's not a huge surprise that there's not a massive influx of new, must-buy games on the App Store this week. After all, GDC is happening, so everyone's busy at parties and networking and dying from a sinister form of jetlag. That said, there are... | Read more »
Destiny meets its mobile match - Everyth...
Shadowgun Legends is the latest game in the Shadowgun series, and it's taking the franchise in some interesting new directions. Which is good news. The even better news is that it's coming out tomorrow, so if you didn't make it into the beta you... | Read more »
How PUBG, Fortnite, and the battle royal...
The history of the battle royale genre isn't a long one. While the nascent parts of the experience have existed ever since players first started killing one another online, it's really only in the past six years that the genre has coalesced into... | Read more »
Around the Empire: What have you missed...
Oh hi nice reader, and thanks for popping in to check out our weekly round-up of all the stuff that you might have missed across the Steel Media network. Yeah, that's right, it's a big ol' network. Obviously 148Apps is the best, but there are some... | Read more »
All the best games on sale for iPhone an...
It might not have been the greatest week for new releases on the App Store, but don't let that get you down, because there are some truly incredible games on sale for iPhone and iPad right now. Seriously, you could buy anything on this list and I... | Read more »
Everything You Need to Know About The Fo...
In just over a week, Epic Games has made a flurry of announcements. First, they revealed that Fortnite—their ultra-popular PUBG competitor—is coming to mobile. This was followed by brief sign-up period for interested beta testers before sending out... | Read more »
The best games that came out for iPhone...
It's not been the best week for games on the App Store. There are a few decent ones here and there, but nothing that's really going to make you throw down what you're doing and run to the nearest WiFi hotspot in order to download it. That's not to... | Read more »
Death Coming (Games)
Death Coming Device: iOS Universal Category: Games Price: $1.99, Version: (iTunes) Description: --- Background Story ---You Died. Pure and simple, but death was not the end. You have become an agent of Death: a... | Read more »

Price Scanner via

Apple restocks clearance 2016 13-inch MacBook...
Apple has Certified Refurbished 2016 13″ MacBook Airs available starting at $809. An Apple one-year warranty is included with each MacBook, and shipping is free: – 13″ 1.6GHz/8GB/128GB MacBook Air: $... Read more
Thursday roundup of the best 13″ MacBook Pro...
B&H Photo has new 2017 13″ MacBook Pros on sale for up to $200 off MSRP. Shipping is free, and B&H charges sales tax for NY & NJ residents only. Their prices are the lowest available for... Read more
Sale: 9.7-inch 2017 WiFi iPads starting at $2...
B&H Photo has 9.7″ 2017 WiFi Apple iPads on sale for $40 off MSRP for a limited time. Shipping is free, and pay sales tax in NY & NJ only: – 32GB iPad WiFi: $289, $40 off – 128GB iPad WiFi: $... Read more
Roundup of Certified Refurbished iPads, iPad...
Apple has Certified Refurbished 9.7″ WiFi iPads available for $50-$80 off the cost of new models. An Apple one-year warranty is included with each iPad, and shipping is free: – 9″ 32GB WiFi iPad: $... Read more
Back in stock! Apple’s full line of Certified...
Save $300-$300 on the purchase of a 2017 13″ MacBook Pro today with Certified Refurbished models at Apple. Apple’s refurbished prices are the lowest available for each model from any reseller. A... Read more
Wednesday deals: Huge sale on Apple 15″ MacBo...
Adorama has new 2017 15″ MacBook Pros on sale for $250-$300 off MSRP. Shipping is free, and Adorama charges sales tax in NJ and NY only: – 15″ 2.8GHz Touch Bar MacBook Pro Space Gray (MPTR2LL/A): $... Read more
Apple offers Certified Refurbished Series 3 A...
Apple has Certified Refurbished Series 3 Apple Watch GPS models available for $50, or 13%, off the cost of new models. Apple’s standard 1-year warranty is included, and shipping is free. Numerous... Read more
12″ 1.2GHz Space Gray MacBook on sale for $11...
B&H Photo has the Space Gray 12″ 1.2GHz MacBook on sale for $100 off MSRP. Shipping is free, and B&H charges sales tax for NY & NJ residents only: – 12″ 1.2GHz Space Gray MacBook: $1199 $... Read more
Mac minis available for up to $150 off MSRP w...
Apple has restocked Certified Refurbished Mac minis starting at $419. Apple’s one-year warranty is included with each mini, and shipping is free: – 1.4GHz Mac mini: $419 $80 off MSRP – 2.6GHz Mac... Read more
Back in stock: 13-inch 2.5GHz MacBook Pro (Ce...
Apple has Certified Refurbished 13″ 2.5GHz MacBook Pros (MD101LL/A) available for $829, or $270 off original MSRP. Apple’s one-year warranty is standard, and shipping is free: – 13″ 2.5GHz MacBook... Read more

Jobs Board

Payments Counsel - *Apple* Pay (payments, c...
# Payments Counsel - Apple Pay (payments, credit/debit) Job Number: 112941729 Santa Clara Valley, California, United States Posted: 26-Feb-2018 Weekly Hours: 40.00 Read more
Firmware Engineer - *Apple* Accessories - A...
# Firmware Engineer - Apple Accessories Job Number: 113452350 Santa Clara Valley, California, United States Posted: 28-Feb-2018 Weekly Hours: 40.00 **Job Summary** Read more
*Apple* Solutions Consultant - Apple (United...
# Apple Solutions Consultant Job Number: 113501424 Norman, Oklahoma, United States Posted: 15-Feb-2018 Weekly Hours: 40.00 **Job Summary** Are you passionate about Read more
*Apple* Inc. Is Look For *Apple* Genius Te...
Apple Inc. Is Look For Apple Genius Technical Customer Service Minneapolis Mn In Minneapolis - Apple , Inc. Apple Genius Technical Customer Service Read more
*Apple* Genius Technical Customer Service Co...
Apple Genius Technical Customer Service Columbus Oh Apple Inc. - Apple , Inc. Apple Genius Technical Customer Service Columbus Oh - Apple , Inc. Job Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.