PGP Blogs

Celebrating 15 Years of PGP Encryption
14 Nov, 2006

We are celebrating a number of anniversaries this quarter in the cryptography community. Today, PGP Corporation acknowledged the 15-year anniversary of Phil Zimmermann's first release of PGP® encryption. As Phil noted in today's press release, back then, cryptography was considered a criminal act in some quarters and today it's being legally mandated in many parts of the world. Yes, we have come a long way, but we still have a long way to go.

In addition, the Computer History Museum here in the Silicon Valley recently celebrated the 30-year anniversary of the invention of public key cryptography. The original development of public key crypto and Phil Zimmermann's work, which made PKI usable by mere mortals, were each watershed events in the development of data security solutions.

It's hard to overstate how much the business and political environments surrounding cryptography have changed in the last 15 years. Many of you know the story of the U.S. government's attempt to limit the use of PGP encryption and the battle Phil Zimmermann fought to allow us all to take advantage of this important technology.

At the time, it looked like our government was going to prevent individuals and corporations from having access to what has become the key tool in protecting our individual and collective privacy. Fortunately, the Clinton administration came to its senses in 1996 and now, only 10 years later, encryption technology is one of the fastest-growing sectors of the IT industry—and for good reason. As the original inventor of public key cryptography, Whitfield Diffie has stated, "The virtue of the current world is that information gets around a lot better than it used to, and the vice of the current world is that information gets around a lot better than it used to." Without developments like Phil's, very little of this information would be secure while in transit or while it's on our laptops.

As I noted above, however, we still have a long way to go as an industry to make encryption pervasive and usable. ComputerWorld last week predicted that 2007 would be the year that enterprises finally focus on "defending the data".

Note that the publication did not say it would be the year to defend the "data center", but the data itself. This is the place the crypto community has to do its very best work. As the rate and volume of data moving around the world each day increases, so does the need for consistent, trustworthy, and usable ways to protect it. I don't know if there's ever been a more exciting time to be a part of this effort, but if you think the last 15 years have been interesting, in the words of Al Jolson, "You ain't heard nothing yet!"

- Phil