Personal tales from the virtual crypt

Crypto

September 28, 2001

This is ostensibly the story of modern cryptography, with digital signatures, unbreakable codes and public keys that do not need to be hidden in safes. As such it is a non-technical read with sufficient explanation to allow even a mathematical ignoramus to follow the plot. But what this book is really about is how the US National Security Agency attempted to suppress the new cryptographic knowledge to preserve its edge in spying over the rest of the world. Its fingers are shown to be in every pie, and it was seldom acting in anything but its own narrow interests.

When the IBM team designing the Data Encryption Standard (Des) in 1974 invented "differential cryptanalysis", and rebuilt their "S-boxes" to harden their cipher, the NSA suppressed the technique, and it was not reinvented in the open community until the 1990s. The NSA also forced Des to use short, 56-bit keys - which makes systems still fielded today insufficiently secure against "brute force" attacks.

Later in the 1970s, when researchers invented stream ciphers and phone scramblers, the NSA classified the patents. When cryptographers sought funding, the NSA attempted to hijack their grants and only the First Amendment prevented the NSA from suppressing academic papers. In the mid-1980s, when Lotus wanted to use Des in "Notes", the NSA blocked it, and what Lotus finally shipped had especially weak keys: which may not have prevented the Swedish government from using it, but certainly made the Swedes furious when they found out.

The majority of the history of modern cryptography took place in the United States. In the hands of an American journalist, you get a book with a "personality" approach to telling the story. We learn about Whitfield Diffie's love life long before we learn about the public-key cryptography that he helped to invent. This style may annoy some readers. It is also irritating to find typos aplenty. In one paragraph Blaise de Vigenère gets both acute and grave accents in his surname.

The book is strongest when dealing with the 1970s and 1980s. It shows how Diffie and Martin Hellman worked out how to swap secrets in plain sight. It covers Ron Rivest, Adi Shamir and Leonard Adleman (RSA), who invented an asymmetric system that allowed you to publish a key that would allow others to communicate with you securely. These academics fill the pages of Cryptography 101, but less familiar characters are also introduced, such as super-salesman Jim Bidzos, who sold RSA's crypto to Lotus and Microsoft.

Phil Zimmermann's creation of PGP (Pretty Good Privacy) is covered fairly well, although the legal issues surrounding the licensing of RSA and the export of the program have clearly left the main participants reluctant to be totally frank about what happened. You are left to make up your own mind about who were the good guys.

The book is far weaker on David Chaum, who contributed the two workable anonymity schemes of MIXs and DC-Nets and who invented the "blind signature" schemes that allow for untraceable but secure electronic money. Some reasons for the failure of his Digicash company are hinted at, but there is no sense of authority here as to what may have happened or, given today's ubiquity of credit cards as a payment method on the internet, how much it matters.

Thereafter, we are almost up to date and the book is struggling to keep up with events. Partly, it is hard to write history about yesterday - and it may be years before we fully understand the forces behind current crypto-debates. Mainly though, the issues have become global and an American book is not the place to explain about oceans, let alone contemplate the idea that there are other countries on the far side of them to which you wish to export your crypto-controls but not your crypto-software.

We get a quick canter through the Clipper debate and a taste of the key escrow proposals. However, there is nothing on "net centres" - where industry shares its goofs with law enforcement so that the bad guys can be hacked - nothing on Echelon and how the NSA gets the material to decrypt, and nothing on the Advanced Encryption Standard and the new era of global standards that should actually be secure.

There is a final chapter on James Ellis, Clifford Cocks and Malcolm Williamson, the British GCHQ researchers who discovered "Diffie-Hellman key exchange" and "RSA encryption" several years before D, H, R, S and A did their work. In the American style of the book, the topic is personalised by describing a trip by Diffie to meet James Ellis, but for once the emphasis on trivia is broadly correct - their work was a sideshow. The history of cryptography is about what was done with the technology and the forces who tried to prevent the inevitable. The British may have invented it, but it was Americans who made it matter.

I have laboured two weaknesses in this book, the US style and the fizzling-out in the 1990s; but that is only so the reader will not be disappointed. The core material is essential reading for those who want to know the background to crypto-politics, whether historians, mathematicians or computer users who wonder what is behind the padlock on their browser. Most important, readers will understand why the NSA is so distrusted and why its publishing of the source for a secure variant of Linux is being met with disbelief.

Richard Clayton has worked in the ISP industry for many years. He is currently a PhD student in the security group at the University of Cambridge.

Crypto: Secrecy and Privacy in the New Code War

Author - Steven Levy
ISBN - 0 7139 9346 4
Publisher - Allen Lane The Penguin Press
Price - £18.99
Pages - 352
