Levy is one of my favorite essayists. He finds a compelling story, researches it exhaustively, and then shares his excitement. The history of Internet cryptography is a perfect subject for Levy, who delights in recounting stories about technoradicals with new ideas who see them through to fruition.
Encryption truly is one of the most critical technologies necessary for a smoothly functioning virtual world, and is very much the case that the U.S. Federal Government successfully delayed the general availability of strong encryption for at least a decade. (Future economists may point back to the last two decades of the 20th century and show how this failed government policy was responsible for the loss of U.S. dominance in the high-tech market.)
It would have been easy to take the politically correct road and portray the Feds as being evil conspirators, bent on maintaining their own power and pride at the expense of the entire world. Levy chooses a more balanced approach, depicting the NSA in nearly heroic terms. He is especially sympathetic towards Clint Brooks (a name I did not know), an NSA lifer who developed the key escrow concept as a compromise that would allow widespread public utilization of strong encryption while still allowing law enforcement (and of course, intelligence agencies), the ability to intercept communications under controlled circumstances. If both the NSA and their philosophical opponents are heroes with noble goals, a tragic ending is inevitable, which adds an element of pathos to this triumph of democracy.
As a former software vendor, I've been totally frustrated by both the crypto export laws and by the NSA attitude of "If you only knew what we knew, you wouldn't even ask that question." That argument turned out to be just as specious now as everyone thought it was at the time, but the marvelous aspect of this book is that Levy is able to make a cynic like me accept that the people within the Puzzle Palace have legitimate motivations. (He is much harsher on the FBI, and creates an especially unflattering portrayal of Louie Freeh). It's a well-balanced approach to a very contentious subject, which adds considerably to the author's credibility.
Personalities loom large in a history like this one, and Levy is a master at drawing them out of their personal shells and detailing aspects of their private lives to explain their motivations and feelings. Whitfield Diffie is the old master who had the vision to conceive of a new model for encryption that would meet the unprecedented needs of a network society. Ron Rivest was the energy behind the development of the most significant public key algorithm, created by an unlikely trio of inventors. Jim Bidzos was a young playboy who found the commercialization of the RSA technology to be the challenge he needed in his hitherto shallow life of world travel, hot cars and fast women. Like Diffie, Phil Zimmerman marches to a drummer that only he can hear, yet this amateur programmer succeeded in popularizing strong encryption long before RSA and its millions in venture cap money did. Given his ten years of personal research and interviews of the people he chronicles, Levy's will probably be the definitive written account on many of these quirky visionaries.
The book is a quick read, but a good one. Technically, it is very accurate, with one unfortunate mistake on page 178 where it reads "Then he uses the hash function to recreate Alice's message from the digest..." Hash functions are 1-way functions, and cannot be reversed. If it read instead, "Then he uses the hash function to recreate Alice's message digest..." it would be more accurate. In order to verify a digital signature, the encrypted hash value provided by the sender is decrypted by their public key, which is then compared to another hash value generated by the verifying party (see p. 38 of "Applied Cryptography, 2nd Edition" by Bruce Schneier). Other than this confusion over how digital signatures are verified, the book does an excellent job of presenting the concepts of public key encryption to a non-technical reader. Besides being an enjoyable tale of business and technology history, this book could also be considered an executive-level introduction to the need for encryption on the Internet and the ways in which modern implementations provide it.
If you want to know what is happening when that little lock icon at the bottom of your web browser closes, you'll find a conceptual answer in this book. You'll not only learn the sequence of events that led to the development of SSL, but you'll also read the history of the first successful attempt to crack SSL security, and its significance to you as a customer of sites like Amazon. "Crypto" should appeal not only to those who are interested in the history of technology, but anyone wanting to understand more about the history and personal and commercial use of encryption on the Internet. Anyone involved in an e-commerce project or with an interest in information security would find this an interesting and accessible book. It is not a technology book per se, but I think most technically-oriented people will enjoy reading about how people like them had the drive and vision to change the world-especially when the odds were so heavily stacked against them.
This is a compelling and important story that needs to be told and understood. Levy is neither the first to undertake this telling, and undoubtedly won't be the last, but I'm convinced that this will become a classic of technology history-even more so than his earlier books. His thoroughness, extensive research, and evenhanded approach will make this book an important source for future researchers.