Phil Zimmermann – Father of PGP and Guardian of Our Privacy

I remember very well the first time I heard about Phil Zimmermann… It was in the late 90s when I installed PGP on my computer for the first time, thinking “Too cool, we can encrypt in 4096 bits, that’s amazing (plus it was forbidden at the time)!”

Philip R. Zimmermann was born in 1954 in Camden, New Jersey, United States, and he is best known to all of us techies for making history in computing with his invention: PGP (Pretty Good Privacy).

Initially downloaded by a few geeks, PGP quickly became the most widely used email encryption software in the world. Imagine in 1991, at the age of 37, developing what he hoped would become a tool to aid human rights… Our utopianist quickly made it available for free, distributing it on the net… And it was mind-blowing! Finally, we could seriously secure our electronic communications with this tiny little tool. It was this event that forever shaped Zimmermann’s reputation as a pioneer of modern cryptography.

One of the fascinating aspects of PGP was that it already functioned as a hybrid encryption system. Instead of choosing between symmetric cryptography (fast but requiring secure key distribution) and asymmetric cryptography (secure but slow), Zimmermann opted for a combination of both, aiming for both speed and efficiency. The first version of PGP even included an encryption algorithm he had developed himself, called Bass-O-matic.

Yes, because before PGP came along, sending an email was like sending a postcard. Everyone could read what you wrote. But with this tool, the information sent became so indecipherable that even the intelligence services couldn’t do anything about it. And that’s where Zimmermann scored points in my heart, by offering Mr. and Mrs. Everybody the possibility to protect their personal exchanges easily and, above all, ultra-securely.

However, this brilliant invention quickly caught the attention of authorities. The story gets complicated in 1993, when the U.S. government, already wary of the proliferation of encryption tools, launched a criminal investigation against Phil for violating export control laws. Yes, according to the authorities, circulating PGP on the net was like smuggling weapons abroad. This investigation, triggered by an RSA Security report regarding a licensing dispute over the use of the RSA algorithm in PGP, lasted three years. It was finally dropped in 1996, after the PGP source code was published by the MIT Press.

Zimmermann, as a true resistor, used this publication as a way to circumvent digital code export restrictions. He later admitted confusion about how USENET handled geographic limitations, mistakenly thinking that a “US only” tag would actually prevent global dissemination. But his intent was clear: PGP should belong to the entire world.

Following this tumultuous episode, he then founded PGP Inc. in 1996, his company aimed at commercializing his encryption technology. Then came the buyouts like in a game of Monopoly: PGP Inc. was acquired by Network Associates in 1997, before being acquired by PGP Corporation in 2002, eventually landing at Symantec in 2010. And of course, Phil has always remained on board, overseeing PGP like a guardian of the temple.

Then in 2006, he created Zfone, a project aimed at securing VoIP communications. Using the ZRTP protocol, Zfone was capable of securing voice calls by creating a unique cryptographic key for each conversation.

However, between software licenses and community expectations, this project faced some setbacks. Then in 2012, with his friends Mike Janke and Jon Callas, he co-founded Silent Circle, a company specializing in securing mobile communications. Their encrypted messaging, calling, and emailing services were used by everyone from journalists in conflict zones to government agencies.

With Silent Circle, Zimmermann once again transformed the art of secure communication into something accessible and seamless regardless of the network… We’re far from the complex configuration concerns of PGP that we encountered at the beginning. Following the Lavabit case in 2013, where the FBI demanded access to Edward Snowden’s emails, Silent Circle got scared and moved its servers to Switzerland because they are less likely to face legal pressure there than in the United States, as Phil explained at the time.

Then in 2013, he joined the Dark Mail Alliance movement with Lavabit’s Ladar Levison, to create a new protocol that surpasses the limitations of PGP by securing not only emails but also metadata. He also got involved in the now-defunct social network Okuna, which was an ethical and privacy-respecting alternative to existing social networks like Facebook or Twitter.

So as Zimmermann declared long ago: “Strong cryptography does more good than harm to democracy, even though it can serve terrorists.”

This premise serves as both a defense against those who prioritize their security over their freedom (especially that of others), and a clear vision of his commitment. He has always emphasized the importance of privacy in the digital age.

Zimmermann’s contributions to cryptography have earned him numerous awards: from the Chrysler Design Award in 1995 to the most prestigious distinctions like his induction into the Internet Hall of Fame in 2012. There are too many awards for me to list them all here, but trust me, he has received plenty and has even been among the TOP 50 most influential personalities.

In addition to his technical achievements, Zimmermann has also played an important educational and political role. Between 2016 and 2021, he worked at Delft University of Technology as a professor in the cybersecurity section of the Faculty of Electrical Engineering, Mathematics, and Computer Science. He has also been involved in several advisory boards, including for the Department of Computer Engineering at Santa Clara University and for Hush Communications. He even contributed to the development of the cryptographic key agreement protocol for the Wireless USB standard, demonstrating once again the extent of his skills and influence in the field of security.

He has also participated in political and scientific discussions on secure communication and national security in the United States, and as a member of the International Association for Cryptologic Research and the League for Programming Freedom, he has continuously defended individuals’ rights to private and secure communication.

Today, his greatest concern is not backdoors in software, but the petabytes of information stored by companies like Google and Facebook. He also warns against legal proceedings facilitated by technology and fears that a surveillance infrastructure in the hands of a malicious government could be used to create an immutable regime. He also advocates for the restoration of some “friction” in police work, to avoid sliding too easily towards a police state.

In conclusion, Phil Zimmermann remains an unwavering pioneer in the field of cryptography. He has inspired generations of developers and activists to continue their quest for a free and secure Internet. So a big thank you to him for making our Internet a safer place for our privacy!

Sources:

Mohamed SAKHRI
Mohamed SAKHRI

I'm the creator and editor-in-chief of Tech To Geek. Through this little blog, I share with you my passion for technology. I specialize in various operating systems such as Windows, Linux, macOS, and Android, focusing on providing practical and valuable guides.

Articles: 1310

Newsletter Updates

Enter your email address below and subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked *