April 08, 2002 | I interviewed Simon Singh, author of
The Code Book (1999), during a campus visit to Centenary
College. After he mesmerized one of my classes and delivered a series
of energizing lectures, we chatted about various aspects of cryptography
Bryan Alexander: In your 1999 book, specifically in chapters
4, 5, and 6, you make an impressive case for the importance of Alan
Turing, both as cryptography and as major Allied war hero in WWII.
Just a generation ago, he was scarcely known beyond small circles
of computer historians and codebreakers. Now, in 2002, how is the
recuperation of Turing going?
Simon Singh: Everyone knows about Turing. He is an herroic
figure, now recognized as a person who laid the foundations for
computing; who made an unparalleled contribution to codebreaking
in WWII, who save countless lives on both sides. And a figure
or martyr for the gay movement. Breaking the Code, a great
play, and Andrew Hodges book (Engima) were the first
works to bring his work to light, doing an extraordinary job in
researching Turings life, documenting his contributions. From
Hodges, Hugh Whitemore got the inspiration for his play. Derek Jacobis
took Turings story to a new audience,
millions of people who saw the play. Whenever I give a talk, I start
with the assumption that people know who Turing is. From the statue
in Manchester, to Web sites like Alanturing.net and Andrew Hodges
homepage, Turing is established.
BNA: Why did he remain in obscurity, and why emerge only
SS: Bletchley Park [the home of the British Enigma-cracking
effort] was a secret story for decades. Turing couldnt tell
his own headmaster that hed actually fought in WWII. Not until
the late 1970s, when computers become big, and artificial intelligence
becomes something people can talk about; and the Bletchley Park
story gets revealed in documentaries and movies and books. It was
natural, then, for Turing to come to the fore. Additionally, theres
the tragic story of a man persecuted for his sexuality. I bring
this up whenever I talk to schools. For schoolkids, sexuality is
still hard to talk about.
BNA: What about this Hollywood film, U-571? Doesnt
that give a misleading take on crypto and WWII?
SS: The whole story of the second world war is too huge.
U-571 is a tribute to some brave people who did things to
contribute to the codebreaking effort. Its such a wild fantasy
the Americans destroyer sinks, theyre attacked by their
own side its all fantasy. But like Saving Private
Ryan, which tells the American part of D-Day, it focuses on
Generally, code-breakers dont get appreciated for their work.
And today code-breaking is brute force, which isnt really
interesting. Code-breakers are much more appealing.
BNA: Speaking of brute force, what's the historical role of
Microsoft and cryptography? The Redmond giant has famously missed
the boat on several important technological revolutions, like the
SS: For a thousand years, this business has been dominated
by governments, the military, and occasionally the church (the Vatican,
for example). This continues into the start of the 20th
century. Only when the telecommunication revolution takes off, do
business start thinking about crypto. Things like the telegraph
inspire business to start thinking about it. Not until you get to
people like Diffie and Hellman, do academics and people outside
government start playing a role. Today, there are major, major players
in the public realm. Crypto has moved very much into the public
realm you have research wings of businesses and schools.
BNA: What's your assessment of cypherpunk's political aspirations?
The 1990s saw an explosion of political dreams, based on cryptography.
(See Crypto Anarchy, Cyberstates, and Pirate Utopias, MIT)
SS: The number of people on line was much smaller, back then.
Only now are people needing to think about these issues. The time
wasnt right, then. Maybe in the next 10 years therell
be a mass shift towards encryption for and by everybody. Now, its
shocking how unaware people are. Encryption has invaded so much
of our lives without people being aware of it. Things like cell
phones whenever you make a call, its encrypted. Its
so transparent you dont have to type a password, you
dont hear a crackling noise, no red light lights up. In a
way, thats a bad thing. I was talking to a company about a
new encryption scheme for e-commerce. You buy something online,
you type in a password, then they ring your mobile; youd have
to type in a 4-digit number, then the transaction would be
completed. Its overkill, but if someone steals your credit
card, they wont be able to do anything unless they steal your
mobile. The consumer has to do something. If they type in
the code, they feel as if theyre doing something. Their ethos
is dont make encryption too transparent.
BNA: Like cars, omnipresent but not largely understood?
SS: No, passengers know theyre in a car! People know
they have a phone, they know it tells them talk
but they dont
know it gives away their position.
Technology and the Present
BNA: Why is steganography so appealing, both popularly and
SS: Its important from the point of view that its
subversive. Crypto is clandestine; but to send messages, and to
have you not even know Im sending them, has a great appeal.
Practical application: what would happen if there is a huge clampdown
on crypto? In some countries, there [already] is. I imagine steganography
would be used every day by human rights groups
you from sending encrypted messages, because it looks like youre
sending random noise. But sending steganography means you cant
be arrested for something they cant find.
BNA: Habeus corpus for the information age?
SS: Right, thats the parallel. There will be greater
development, but not necessarily greater use. People will develop
it. For now, no one will send email by it. Like quantum cryptography
systems now are perfectly strong.
BNA: Will we see more of steganography, especially after
several rumors about al-Qaeda using it?
SS: Yes, 9-11 might awaken interest.
BNA: Id like to ask about a public key issue. Are public
key servers going to play a useful role?
SS: Yeah! But most people havent created their own
BNA: How is quantum cryptography developing, currently? Quantum
computing certainly looks
SS: Quantum cryptography gives a new level of security. It really
works. Its part of quantum computing, but people tend to think
of massively parallel computing thats a long way off.
But quantum cryptography really does work. Its a real technology.
You can send quantum cryptography messages for tens of kilometers.
Problem is the ideal wavelength photons you cant
have them scattered, so you have to tune them to the ideal wavelength.
At that wavelength, photon detectors arent very good. 50-60
km, thats been done. You could set up a quantum cryptography
network between several banks, government buildings. A university
in Geneva did a successful experiment with this, and has set up
a little company to commercialize it. They figure that the Swiss
banks data is so valuable, itll be worth investing in
QC - long-term, for protecting yourself for centuries. In Los Alamos,
theyre looking at QC through air tougher, due to particulates,
turbulence, etc. Theyve send QC message through the desert
for distances of up to a mile, or half-mile. That doesnt sound
like a lot, but sending messages upwards, to a satellite,
means that you dont have to go through much atmosphere, after
BNA: With the success of distributed computing projects,
such as Intel's anthrax research and SETI@HOME, this CPU-sharing
strategy seems to be a significant part of the cyberscape. What's
happening with distributed decryption projects, like Distributed.net?
SS: It really doesnt matter that much. People bandy around
these numbers - key length, years of cracking, etc. Distributed
computing wont make much of a difference. What happens is,
people like RSA are always keen to find out the state of codebreaking.
So theyll offer codes to be cracked , for prizes one
way to crack is by distributed computing. That gives RSA, the NSA,
etc. a good idea of where we are today. But these challenges are
trivial, in comparison with whats available out there. Like
the code in my book (The Cipher Challenge, for prize
money), I could have made it much harder. People offer deliberately
BNA: But what about Moores law?
SS: But it might take a hundred years to catch up, and I
can just use bigger numbers. Itll take a qualitatively different
BNA: Cell phones have taken off in the past few years, with
enormous numbers of people shifting from land lines to mobiles.
As cell usage takes off quantitatively, and expands in quality (texting,
Bluetooth, broadband), will users become concerned about security
and encryption for their communications, thereby boosting popular
awareness of crypto?
SS: Crypto will still be built in. People will buy cells, assuming
them to be as secure as a land line, oblivious to the workings of
crypto inside. I dont think itll register in that way.
BNA: What about technologies like Bluetooth, and possibilities
of cell spam?
SS: There are advantages to being swamped with useful stuff.
You arrive in Munich, and find out a jazz musician youve been
looking for is playing there.
In this sense, crypto is a facilitator. You want what it facilitates,
but dont have to worry about the process.
BNA: So the mere prevalence of cell crypto wont spur
a popular awakening of interest in crypto?
SS: No. Digital signatures might do it, if we need them.
Once you have a digitial signature, people can send things to you.
That takes effort, requiring awareness on the part of the user.
BNA: Since the September 11th attacks, many people
have been rethinking their attitudes towards policies and technologies
with security implications. On the one hand, theres a drive
towards allowing more governmental scope to surveil and control
crypto (see, for example, the Patriot Act, or the NSAs Assured
Information Directorate. On the other, theres a strong
civil libertarian defense, based partly on a sense that al-Qaedas
crypto savvy might
be overestimated. How have American and public attitudes towards
crypto changed, since 9-11?
SS: There must be a greater push for a clampdown.
People say the genie is out of the bottle, but things can change.
Theres no reason the government couldnt clamp down,
with such a threat. Similarly, if a government abused its control,
theres no reason there wouldnt be a pro-privacy backlash.
But the population really needs to understand the issues at stake:
global surveillance systems like ECHELON, how strong these systems
are. We say a code is unbreakable, but they might not realize that
that really means unbreakable.
BNA: Since cryptography has increased in popularity over
recent years, what is its role in education? For example, what do
you think of the teaching of crypto - aside from using what's clearly
the best book on the subject?
SS: In Britain, its not something you would teach.
Only computer science people would be interested. Theres no
real place for it. Why bother teaching kids about crypto when theyre
still struggling with basic maths? The curriculums too rigid.
In the US, on the other hand, you have a greater degree of curricular
freedom, and might be able to do more.
Im interested in using crypto to teach others things. With
young kids, for example, I can talk about the Mary Queen of Scots
cipher. Its an easy, trivial cipher to make and break. In
doing so, the students learn about structure of language, frequency
analysis, gathering data, and doing statistics. Analysis, plotting
bar charts, going through the process of logical thinking, trial
and at the end of it, they get to crack a real Elizabethan
message. They get to learn some history: the Protestant-Catholic
rivalry, the tale of Mary (which ends in a bloody execution, which
kids generally like!). Im all for giving more history in math.
BNA: This approach seems inherently interdisciplinary, unlike
a strictly computer science approach.
SS: Yes. And you can think of codes mathematically, as well.
Caesar cipher you can think of it as adding 5.
Thats something a ten or 11-year old can think about. You
can get kids to encrypt their own names, you can have competitions,
and so forth. For older kids, what if you multiply, rather than
add, the number? The difficult thinking comes with mod 20. You cant
use 2 as a multiplier, because its a factor of 26. 3 is ok,
because it isnt. And so forth
BNA: What fiction about crypto, what literature do you admire
and enjoy? Neal Stephensons Cryptonomicon is often
SS: Doyles The Adventure of the Dancing Men,
Poes The Gold-bug. Robert Harris historical
novel Enigma (also a film).
BNA: What are you working on now?
SS: Different ways of getting people interested in science.
For instance, in Australia, youve got Science
in the Pub two scientists argue about science in the
bar, then others join in. In Britain, we have something more genteel,
the Café Scientifique.
I did a session of the latter, recently, in a café in Oxford,
on cryptography. This is often less about mathematical arcane, and
more about people saying, Is my credit card safe online?
Its much more of a discursive environment.
Alexander is an Assistant Professor of English at Centenary
College of Louisiana, where he teaches computer-mediated classes
on the Gothic literature, cyberculture, eighteenth century literature,
critical theory, and the experience of war. Through classes on
topics ranging from the Vietnam War to Gothic novels, Bryan has
experimented with innovative approaches to distance learning.
Along these lines, Bryan consults on computer-mediated writing,
interdisciplinary studies, and writing across the curriculum.
Committed to exploring computer-mediated pedagogy, he continues
to research and write on the critical uses of computers and teaching
in terms of interdisciplinary liberal arts and the contemporary
development of cyberculture.
email for info