In 1976, the trio came up with the theory that revolutionized cryptography and led to the system that protects Internet transactions of all sorts, from e-commerce to e-banking. As the New York Times put it, the invention of public key cryptography “was a pivotal moment in network security, a crucial component of public privacy and also an elegant and simple mathematical solution.”
However, in 1997, the British government’s eavesdropping organization, the Government Communications Headquarters, announced that it had played a role in discovering public key cryptography in the 1960s, well before Hellman, Merkle and Diffie. However, this information had been kept secret for national security reasons.
But is the matter settled there?
Not necessarily, said Steven M. Bellovin, a computer science professor at Columbia University who spoke recently in a Robert T. Chien lecture at CSL. According to Bellovin, when Bobby Inman was director of the National Security Agency (NSA), “he claimed (without substantiation) that NSA had public key cryptography a decade earlier than Diffie and Hellman.”
As further evidence, Bellovin cited a colloquium that Diffie organized to honor cryptologist Gus Simmons in 1993. One of the speakers, Jim Frazer, spoke about Permissive Action Links, or PALs, which are designed to safeguard nuclear weapons from unauthorized use. PALs were initiated by President Kennedy’s famous National Security Action Memorandum 160 in 1962. And according to Bellovin, Frazer said in his talk at the colloquium that this memo “was the basis for the invention of public key cryptography by NSA. Simmons nodded in vigorous agreement.”
After hearing of this, one of Bellovin’s colleagues contacted the Kennedy Library in Massachusetts to obtain a copy of the Kennedy memo. But as it turned out, it was an attached memorandum by Kennedy’s science adviser Jerome Weisner that offered up even more telling clues.
One large section had been scrubbed out of the Weisner memorandum for security reasons. But a curious sentence, right in the middle of this redacted section, remained in tact. Referring to PALs, this section of Weisner’s memo said, “This equipment…would certainly deter unauthorized use by military forces holding the weapons during periods of high tension or military combat.”
According to Bellovin, the key word is “deter.” He said the sentence implies that non-repudiation, a classic use of public key cryptography, was important to the PALs system. Non-repudiation would make it possible to identify who ordered the launch of a bomb.
“Pending declassification of the rest of the memo,” Bellovin said, “I suspect that this is the crucial seed that led to the invention of public key cryptography at NSA.”
As Bellovin went on to note, it should come as no surprise that NSA might have had public key cryptography well before a small team of Stanford researchers discovered it. “After all,” he said, “NSA is one of the largest employers of mathematicians in the world.”