A Controversial Symposium

The International Symposium on Information Theory is not known for its racy content or politically charged presentations, but the session at Cornell University on October 10, 1977, was a special case. In addition to talks with titles like “Distribution-Free Inequalities for the Deleted and Holdout Error Estimates,” the conference featured the work of a group from Stanford that had drawn the ire of the National Security Agency and the attention of the national press. The researchers in question were Martin Hellman, then an associate professor of electrical engineering, and his students Steve Pohlig, MS ’75, PhD ’78, and Ralph Merkle, PhD ’79.

A year earlier, Hellman had published “New Directions in Cryptography” with his student Whitfield Diffie, Gr. ’78. The paper introduced the principles that now form the basis for all modern cryptography, and its publication rightfully caused a stir among electrical engineers and computer scientists. As Hellman recalled in a 2004 oral history, the nonmilitary community’s reaction to the paper was “ecstatic.” In contrast, the “NSA was apoplectic.”

The fact that Hellman and his students were challenging the U.S. government’s longstanding domestic monopoly on cryptography deeply annoyed many in the intelligence community. The NSA acknowledged that Diffie and Hellman had come up with their ideas without access to classified materials. Even so, in the words of an internal NSA history declassified in 2009 and now held in the Stanford Archives, “NSA regarded the [Diffie-Hellman] technique as classified. Now it was out in the open.”

The tension between Hellman and the NSA only worsened in the months leading up to the 1977 symposium. In July, someone named J. A. Meyer sent a shrill letter to the Institute of Electrical and Electronics Engineers, which had published Hellman’s papers and was holding the conference. It began:

I have noticed in the past months that various IEEE Groups have been publishing and exporting technical articles on encryption and cryptology — a technical field which is covered by Federal Regulations, viz: ITAR (International Traffic in Arms Regulations, 22 CFR 121–128).

Meyer’s letter asserted that the IEEE and the authors of the relevant papers might be subject to prosecution under federal laws prohibiting arms trafficking, communication of atomic secrets and disclosure of classified information.

Without naming Hellman or his co-authors, Meyer specified the issues of IEEE’s Transactions on Information Theory journal and Computer magazine in which Hellman’s articles appeared. Meyer concluded ominously that “these modern weapons technologies, uncontrollably disseminated, could have more than academic effect.”

Meyer’s letter alarmed many in the academic community and drew coverage by Science and the New York Times for two main reasons. First, the letter suggested that merely publishing a scientific paper on cryptography would be the legal equivalent of exporting nuclear weapons to a foreign country. If Meyer’s interpretation of the law was correct, it seemed to place severe restrictions on researchers’ freedom to publish. Second, Deborah Shapley and Gina Kolata of Science magazine discovered that Meyer was an NSA employee.

As soon as Hellman received a copy of the letter, he recognized that continuing to publish might put him and his students in legal jeopardy, so he sought advice from Stanford University counsel John Schwartz.

In his memo to Schwartz, Hellman made a lucid case for the value of public-domain cryptography research. Astutely, Hellman first acknowledged that the U.S. government’s tight control over cryptographic techniques proved enormously useful in World War II: Allied forces used confidential cryptographic discoveries to improve their own encryption systems while denying those same cryptographic benefits to Axis powers. Even so, Hellman argued that circumstances had changed.

[T]here is a commercial need today that did not exist in the 1940’s. The growing use of automated information processing equipment poses a real economic and privacy threat. Although it is a remote possibility, the danger of initially inadvertent police state type surveillance through computerization must be considered. From that point of view, inadequate commercial cryptography (which our publications are trying to avoid) poses an internal national security threat.

In the memo, Hellman described how his earlier attempts to prevent “stepping on [the] toes” of the NSA failed when the agency’s staffers would not even disclose which areas of cryptography research Hellman should avoid.

Responding to Hellman a few days later, Schwartz opined that publishing cryptography research would not in itself violate federal law. His findings had a strong legal basis: Two regulations governed classified information in the United States at the time — an executive order and the Atomic Energy Act of 1954 — and neither seemed to prevent the publication of unclassified research on cryptography.

SHARING THE STEALTH: Merkle, Hellman and Diffie ended government’s monopoly on cryptography. (Photo by Chuck Painter/Stanford News Service)

There was only one other likely legal tool that the federal government could use to prevent the Stanford group from disseminating their work: the Arms Export Control Act of 1976, which regulated the export of military equipment. Under a generous interpretation of the law, giving a public presentation on cryptographic algorithms could constitute “export” of arms. It was not clear, however, that a prosecution under this act would stand up to a legal challenge on First Amendment grounds.

Evaluating these laws together, Schwartz concluded that Hellman and his students could legally continue to publish. At the same time, Schwartz noted wryly, “at least one contrary view [of the law] exists” — that of Joseph A. Meyer. Hellman later recalled Schwartz’s less-than-comforting informal advice: “If you are prosecuted, Stanford will defend you. But if you’re found guilty, we can’t pay your fine and we can’t go to jail for you.”

The Cornell symposium was to begin three days after Schwartz offered his legal opinion; Hellman, Merkle and Pohlig had to quickly decide whether to proceed with their presentations in spite of the threat of prosecution, fines and jail time. Graduate students typically present their own research at academic conferences, but according to Hellman, Schwartz recommended against it in this case. Since the students were not employees of Stanford, it might be more difficult for the university to justify paying their legal bills. Schwartz also reasoned that dealing with a lengthy court case would be harder for a young PhD student than for a tenured faculty member. Hellman left the decision up to the students.

According to Hellman, Merkle and Pohlig at first said, “We need to give the papers, the hell with this.” After speaking with their families, though, the students agreed to let Hellman present on their behalf.

In the end, the symposium took place without incident. Merkle and Pohlig stood on stage while Hellman gave the presentation. The fact that the conference went ahead as planned, Science observed, “left little doubt that the work [in cryptography] has been widely circulated.” That a group of nongovernmental researchers could publicly discuss cutting-edge cryptographic algorithms signaled the end of the U.S. government’s domestic control of information on cryptography.