Phil Zimmermann is an American cryptographer responsible for creating the symmetric and asymmetric cryptographic software, Pretty Good Privacy (PGP).

Philip R. Zimmermann was born in Camden, New Jersey (United States) on February 12, 1954. Better known in the computer world as Phil Zimmermann, was one of the pioneers in the development and use of asymmetric cryptography. He earned his Bachelor of Science in Computer Science from Florida Atlantic University in Boca Ratón, in the year of 1978.

Zimmermann devoted much of his work as a software engineer to building cryptographic and data security systems. As well as communication systems and real-time systems. Your interest in the political part of the cryptography He grew up from his background in matters of military policy.

The development of PGP

The main cryptographic work that led him to be recognized worldwide was software PGP. Developed in the year of 1991, Zimmermann created it with the aim of turning it into "A tool for human rights".

With it in mindZimmermann published the binaries and PGP source code for free on the Internet. PGP stands for Pretty Good Privacy, a name inspired by Ralph's Pretty Good Grocery from Lake Wobegon. Lake Wobegon is a fictional city invented by radio host Garrison Keillor.

PGP works as a hybrid crypto system. Which means that it uses symmetric and asymmetric encryption techniques to ensure the highest possible security. Something it achieves by taking advantage of the best of each encryption system. For example, symmetric encryption is faster than asymmetric or public key encryption; but asymmetric encryption provides a solution to the problem of secure key distribution. In addition to this, it guarantees the non-repudiation of the data and the non-impersonation.

With these capabilities in mind, Zimmermann designed PGP with the goal of offering the best of two worlds. The result was a highly secure, fast, easy to use information sharing system, to implement and merge with other systems. Such is its effect that it is widely used in mail systems, instant messaging (Jabber, IRC) or distributed web systems.

PGP is considered a security standard, to the point that the Internet Engineering Task Force has created the implementation OpenPGP.

Legal problems due to the creation of PGP

When Zimmermann released the binary and PGP code, he indicated that such software would not be able to leave the United States. However, as it was published on the Internet, it quickly crossed the borders of that country. This led to Zimmermann becoming involved in a series of legal problems. because the laws of the United States classified crypto as ammunition. In addition to this, the company RSA Data Security, had a dispute regarding the use of the RSA cryptographic algorithm in PGP.

In both situations, an investigation into Zimmermann was initiated for a possible violation of the United States encryption software export law. The investigation lasted three years, until early 1996. Eventually the indictment was dropped and the case was closed without charge.

After the US government dropped the charges, Zimmermann founded the company in 1996, PGP Inc. The newly created company launches a new version of PGP and other related products. The company was acquired by Network Associates Inc. (NAI) In December 1997, Zimmermann remained linked to the company for three years as a majority partner. NAI decides in 2002 to phase out the PGP product line, and the software is acquired by PGP Corporation. Zimmermann becomes the director and consultant of this firm.

“I have already said this years before 11/9, the worst privacy threat is Moore's law. The world population may not multiply by 2 every 18 months, but the ability of computers to monitor us does double every 18 months. After the 11/XNUMX attack we have the power of Moore's Law mixed with a policy focused on surveillance and that is a terrible combination ... 

The natural tendency of technology is to move in the direction of making this (citizen) surveillance easier and easier. "

Phil Zimmermann's Law - Interview 2013

The development of ZFone - The PGP for VoIP

Zimmermann continued to develop cryptographic systems and this led to his second creation, the software ZFone and the protocol ZRTP. This was a VoIP communication system focused on security and privacy. To achieve this, the ZRTP protocol intercepts and ensures the data flow of calls in real time. With this system, ZRTP was able to secure calls from any device compatible with existing VoIP, SIP and RTP protocols.

The calls were secured by means of a system, in which a cryptographic key was agreed between the two parties. With this, all the data flow of the call was secured, preventing spying on it. Nevertheless, the system accumulated enough criticism for the licenses of the software itself. On the one hand, many system files had a free license (AGPL) but others were proprietary. This situation created friction in the community and has brought the project to a standstill.

However, the system was highly secure and opened the doors for further developments with VoIP security in mind.

Phil Zimmermann, cypherpunks and blockchain

Although Zimmermann was not related to the creation of the Bitcoin or with previous digital currency systems, your contributions with PGP are very valuable. Thanks to PGP the community cypherpunk It had a system to encrypt its communications and that is why it was widely used by this group to share sensitive information. Adam Back made heavy use of PGP on the Cypherpunks mailing list. In fact, in his web personal we can see the public key Back PGP, which is:


Awards received

Zimmermann has received numerous technical and humanitarian awards for his pioneering work in cryptography:

  1. Newsweek names him as one of the "Net 50", the 50 most influential people on the Internet.
  2. Receive the award Chrysler Design Award for Innovation (Chrysler Award for Innovation and Design) in 1995.
  3. You will be awarded the prize Pioneer Award from the Electronic Frontier Foundation, in 1995.
  4. In 1996, he received the award Norbert Wiener Award for Social and Professional Responsibility. An award received for promoting the responsible use of technology.
  5. You are awarded the first Lifetime Achievement Award from Secure Computing Magazine, in 1998.
  6. Receive the award Louis Brandeis Award of the organization Privacy International, in 1999.
  7. In 2000, InfoWorld magazine names him as one of the Top 10 of the innovators in e-business (electronic commerce).
  8. Enter in the CRN Industry Hall of FameIn the year 2001.
  9. It is included in 2003, in the Heinz Nixdorf Museums Forum Wall of Fame.