PGP, Phil Zimmermann, Life, the Universe, and so on...

It's funny that the resident Australian on the USENIX board of directors gets to write a piece like this, but I sort of volunteered by being the one to bring this to the attention of the board. Anyway, to cut a long story short, There Is Something Funny Going On, and if you aren't aware of it, we think you might want to be. If you already know about the Grand Jury indictment proceedings involving Phil Zimmermann ( then you can stop now, but if you don't, please read on.

By the way, I'm preparing this article for ;login: in a very short time, mostly due to sickness, so I hereby state that in places I'm using (and modifying) words written by Hugh Miller of Loyola University Chicago. Hugh didn't assert copyright on the material I've used, and it is in a good cause, so I hope he doesn't mind too much.

First, you need to know why I'm writing this. The combination of some fairly abstract mathematics, some archaic laws in the United States, and some "Pretty Good" software, has caused a situation with interesting ramifications.

Background: Public Key Cryptography

In 1976, Whitfield Diffie and Martin Hellman wrote a paper about asymmetric cryptography. If you imagine locks with keys to be analagous to conventional or symmetric cryptography, then public key or asymmetric cryptography is about a different kind of lock -- where you have two keys, and one can secure the lock, but not open it, and the other can open the lock but not secure it. You keep the one that can open the lock in your pocket, but you make as many copies as you like of the other one, and give them to your friends. Now, if you want to send a secret message to your friend Alice, you can lock it away using the copy of Alice's "locking" key, and only Alice can unlock it to read it. But there is another benefit (which stretches the analogy a bit): Alice could use her key to "lock" something away, and if you can use a copy of Alice's other key to "unlock" it successfully, you know that Alice must have "locked" it. This is the essence of digital signatures.

Ron Rivest, Adi Shamir and Len Adelman invented what is called the RSA system a few years later. It is the only currently known system in which the keys used for "locking" and "unlocking" are interchangeable, the only difference being which one you keep secret. A careful reader will have noticed that I interchanged the meanings of "locking" and "unlocking" at the end of the last paragraph.

Phil Zimmerman, in 1990, used the RSA system in a program called "Pretty Good Privacy", or PGP for short, which allows people to send secret messages to each other, or verify the authenticity of who sent it, or both. PGP is, in some sense, too good. According to the state of the art, messages encoded or signed with PGP are uncrackable and unforgeable.

(Side note: RSA is patented in the USA, and some people think that Phil may have done something wrong in using a patented algorithm in PGP. However, that issue is COMPLETELY IRRELEVANT to the rest of this article, and if you think that it matters you may as well stop reading.)

This is Pretty Serious technology. It enables freedom fighters in south-east Asia to communicate securely. It may also allow terrorists in the USA to communicate securely. The USA has laws, under which PGP is classed as a "munition" in the same category as tanks and napalm, which prevent its export from the US. It is worth noting that, in the same sense a people in other countries can easily manufacture tanks and napalm, any decent programmer could implement RSA encryption knowing only the published algorithm. In fact my own interested in this issue started in 1990 when I was doing exactly that in Sydney, Australia.

So what is the problem?

Somehow, PGP was illegally exported from the USA, and it was almost certainly without Phil Zimmerman's knowledge. Phil is currently engaged with a USA Federal Grand Jury considering his indictment.

Note well that the indictment is NOT for actually exporting PGP himself, which the government freely admits he did not do, but for making it available in such a manner that it might get exported by someone else! The government clearly wishes to crush Phil and send a strong message about making software available on networks, especially software they don't like, even if the author takes significant care to discourage or prevent export. They wish to establish that the author is responsible for potentially illegal acts committed by others even without his knowledge or control.

This is the issue that USENIX believes is important and of interest to its members.

The USENIX Board of Directors thought fairly hard about whether or not to support Phil's defense. It turns out that we can't, whether we wanted to or not, because it would jeopardize our tax exempt status as a group whose primary purpose is education. However, keeping the members advised about the status of this issue is certainly education, and that is what we intend to do.

Phil Zimmermann Legal Defense Fund Appeal

[This section was originally written by Hugh Miller of Loyola University Chicago, but edited by me mostly to give up-to-the minute information, so blame me for any mistakes - Greg Rose.]

In November, 1976, Martin Hellman and Whitfield Diffie announced their discovery of public-key cryptography by beginning their paper with the sentence: "We stand today on the brink of a revolution in cryptography."

We stand today on the brink of an important battle in the revolution they unleased. Philip Zimmermann, who encoded and released the most popular and successful program to flow from that discovery, may be about to go to court.

It has been over fourteen months now since Phil was first informed that he was the subject of a grand jury investigation being mounted by the San Jose, CA, office of US Customs into the international distribution, over the Internet, of the original version of the program. [On January 12th, Phil's legal team met for the first time with William Keane, Assistant US Attorney for the Northern District of California, who is in charge of the grand jury investigation, in San Jose. The aim of this meeting was, I believe, to try and get the indictment proceedings stopped, but that failed, and the grinding process continues. An indictment, if one is pursued by the government after this meeting, could be handed down shortly. -- Greg Rose]

If indicted, Phil would likely be charged with violating statute 22 USC 2778 of the US Code, "Control of arms exports and imports." This is the federal statute behind the regulation known as ITAR, "International Traffic in Arms Regulations," 22 CFR 120.1 et seq. of the Code of Federal Regulations. Specifically, the indictment would allege that Phil violated 22 USC 2778 by exporting an item listed as a "munition" in 22 CFR 120.1 et seq. without having a license to do so. That item is cryptographic software -- PGP.

At stake, of course, is far more than establishing whether Phil violated federal law or not. The case presents significant issues and will establish legal precedent, a fact known to everyone involved. According to his lead counsel, Phil Dubois, the US government hopes to establish the proposition that anyone having anything at all to do with an illegal export -- even someone like Phil, whose only involvement was writing the program and making it available to US citizens and who has no idea who actually exported it -- has committed a federal felony offense. The government also hopes to establish the proposition that posting a "munition" on a BBS or on the Internet is exportation. If the government wins its case, the judgment will have a profound chilling effect on the US software industry, on the free flow of information on the emerging global networks, and in particular upon the grassroots movement to put effective cryptography in the hands of ordinary citizens. The US government will, in effect, resurrect Checkpoint Charlie -- on the Information Superhighway.

We may not all know the price Phil has had to pay for his courage and willingness to challenge the crypto status quo. For years now Phil has been the point man in the ongoing campaign for freely available effective cryptography for the everyday computer user. The costs, personal and professional, to him have been great. He wrote the original code for PGP 1.0 by sacrificing months of valuable time from his consulting career and exhausting his savings. He continues to devote large amounts of his time to testifying before Congress, doing public speaking engagements around the world, and agitating for "cryptography for the masses," largely at his own expense.

Phil's legal team consists of his lead counsel, Philip Dubois of Boulder, CO; Kenneth Bass of Venable, Baetjer, Howard & Civiletti, in Washington, DC, first counsel for intelligence policy for the Justice Department under President Carter; Eben Moglen, professor of law at Columbia and Harvard Universities; Curt Karnow, a former assistant US attorney and intellectual property law specialist at Landels, Ripley & Diamond in San Francisco; and Thomas Nolan, noted criminal defense attorney in Menlo Park.

While this is a stellar legal team, what makes it even more extraordinary is that several of its members have given their time for free to Phil's case. Still, while their time has been donated so far, other expenses -- travel, lodging, telephone, and other costs -- have fallen to Phil. If the indictment is handed down, time and costs will soar, and the members of the team currently working pro bono may no longer be able to. Justice does not come cheap in this country, but Phil deserves the best justice money can buy him.

This is where you and I come in. Phil Dubois estimates that the costs of the case [if an indictment is handed down -- GGR], leaving aside the lawyers' fees, will run from US$100,000 - $150,000. If Phil's team must charge for their services, the total cost of the litigation may range as high as US$300,000. The legal defense fund is already several thousand dollars in the red.

Phil has assumed the burden and risk of being the first to develop truly effective tools with which we all might secure our communications against prying eyes, in a political environment increasingly hostile to such an idea -- an environment in which Clipper chips and digital telephony bills are our own government's answer to our concerns. Now is the time for us all to step forward and help shoulder that burden with him.

It is time more than ever. I call on all of us, both here in the US and abroad, to help defend Phil and perhaps establish a groundbreaking legal precedent. PGP now has an installed base of hundreds of thousands of users. PGP works. It must -- no other "crypto" package, of the hundreds available on the Internet and BBS's worldwide, has ever been subjected to the governmental attention PGP has. How much is PGP worth to you? How much is the complete security of your thoughts, writings, ideas, communications, your life's work, worth to you? The price of a retail application package?i Send it. More? Send it. Whatever you can spare: send it.

A legal trust fund, the Philip Zimmermann Defense Fund (PZDF), has been established with Phil Dubois in Boulder. Donations will be accepted in any reliable form, check, money order, or wire transfer, and in any currency, as well as by credit card.

You may give anonymously or not, but PLEASE - give generously. If you admire PGP, what it was intended to do and the ideals which animated its creation, express your support with a contribution to this fund.

What is USENIX going to do?

[This is Greg Rose again.] Well, we can't donate money, and it isn't totally clear that that would be in the best interest of our membership anyway. However, it is certainly the case that keeping the membership and the public informed is worthwhile. To this end we intend to:

  1. Write a regular piece for ;login: keeping you advised of the state of affairs. (Generally the articles won't be this long, but the first one needed the background.)
  2. Get "snitch reports" of the indictment and, if it goes that far, prosecution, along the lines of the ones we do for the POSIX committees, and publish these in the newsletter and as press releases.
  3. Prepare "Friend of the Court" submissions on the subject if that appears relevant.
  4. Possibly release a position paper to the press.
  5. Let you know how to donate yourself, if that is something you want to do. I have.

How to donate.

To send a check or money order by mail, make it payable to "Philip L. Dubois, Attorney Trust Account." Mail the check or money order to the following address:

Philip Dubois
2305 Broadway
Boulder, CO USA 80304
(Phone #: +1-303-444-3885)

To send a wire transfer, your bank will need the following information:

Bank: VectraBank
Routing #: 107004365
Account #: 0113830
Account Name: "Philip L. Dubois, Attorney Trust Account"

Now here's the neat bit. You can make a donation to the PZDF by Internet mail on your VISA or MasterCard. Worried about snoopers intercepting your e-mail? Don't worry -- use PGP.

Simply compose a message in plain ASCII text giving the following: the recipient ("Philip L. Dubois, Attorney Trust Account"); the bank name of your VISA or MasterCard; the name which appears on it; a telephone number at which you can be reached in case of problems; the card number; date of expiry; and, most important, the amount you wish to donate. (Make this last item as large as possible.) Then use PGP to en- crypt and ASCII-armor the message using Phil Dubois's public key, enclosed below. (You can also sign the message if you like.) E-mail the output file to Phil Dubois ( Please be sure to use a "Subject:" line reading something like "Phil Zimmermann Defense Fund" so he'll know to decrypt it right away. You can easily find out how to get PGP and Phil Dubios' public key if you want to, just see the various FAQs in sci.crypt and

Greg Rose
USENIX Director
PGP key ID: 09D3E64D 1994/11/30
Greg Rose