Martin E. Hellman
Work on Cryptography

I trace my interest in cryptography to three main sources:

For the next several years, cryptography remained a low-level activity for me. My research support was in more usual areas of information theory, so any work on crypto occurred in what little time I could call my own. I did not yet feel ready to propose research in crypto for two reasons:

In the early 70's, whenever I mentioned my budding interest in cryptography to colleagues, the almost universal response was that I was foolish to even consider the area. The concerns were two-fold. First, with NSA (the National Security Agency, America's primary cryptographic entity) having a multi-billion dollar budget, how could I hope to discover something that was not already known? Second, if I did anything good, they would classify it. I countered the first accusation of foolishness by noting that it didn't matter what was known in the classified literature since

I didn't have a good answer to my colleagues' second concern, about my work possibly being suppressed by the government, and figured I would cross that bridge when I came to it. But I also have come to see that my counter-arguments were less logical than I thought at the time. As I noted in the discussion of my Work on War and Peace, the muse of the fools seems to whisper in my ear frequently or I seem to pay her more attention than most. In hindsight, I can see that I was drawn to cryptography in a way that defies rational explanation, and that my seemingly rational arguments were just rationalizations for what I was going to do, whether it made sense or not. My colleagues arguments were based on valid concerns, both of which reared their heads.

As Whit Diffie, Ralph Merkle and I, followed by Ron Rivest, Adi Shamir and Len Adleman (RSA) at MIT, and then others began to publish papers that NSA would have classified top secret, various forces within the government, and especially the intelligence community, agitated for such papers to be "born classified", even though we had developed our ideas without any benefit of the classified literature. There was even a threat that we could be prosecuted under the International Traffic in Arms Regulations (ITAR), since technical literature on cryptography was considered an implement of war by the ITAR.

On the advice of Stanford's general counsel, I even presented two papers at a 1977 symposium at Cornell University, instead of my usual practice of having the student co-authors do the presentations. The attorney told me that if the ITAR were interpreted broadly enough to include our papers, he believed they were unconstitutional. But a court case could drag on for years, severely hindering a new Ph.D.'s career (especially if the attorney's belief was not shared by the jury), whereas I was already a tenured professor.

I presented these thoughts to Ralph Merkle and Steve Pohlig, the students in question, but left the final decision to them. Initially they wanted to take the risk and give the papers, but eventually concern from their parents won out. Fortunately, the presentations went off without incident, though it was dramatic having Ralph and Steve stand mute by the podium, so they would get the recognition they deserved, as I gave the papers.

My colleagues' second concern did not rear its head until December 1997, when GCHQ, the British equivalent of NSA, issued a statement claiming that they had invented public key cryptography several years before we did. To my surprise, some people who should have known better, deviated from the well established rule that credit goes to the first to publish. For example, the journal Cryptologia published GCHQ's claim without any disclaimer to this effect and without noting that there was no way to verify the claim. And a colleague at another university broadcast an email giving the URL for the GCHQ claim and encouraging people to look there for what he called "the true story on the invention of public key cryptography." The researchers at GCHQ and NSA who toil in secret to protect our freedoms deserve our thanks. But it is more difficult to decide what credit they deserve in this instance. For what I believe is a reasoned approach to GCHQ's claim, I recommend Bruce Schneier's May 1998 newsletter.

For a more detailed discussion of some of the above topics, as well as many others, I recommend Simon Singh's Codebook and Steven Levy's Crypto. While David Kahn's The Codebreakers was written before public key cryptography was invented, it is an excellent history of cryptography prior to those events. All three books were written for popular audiences and do not require advanced mathematics.

Return to home page.