Encryption Quagmire Ahead For Education?
Recent postings in the Electronic Frontier Foundation forums have reported that MIT, ViaCrypt, RSA, and Phil Zimmerman have reached an agreement on the encryption system Phil has been distributing, called Pretty Good Privacy, or PGP, so that the current version, PGP v. 2.6, is available via FTP from MIT. This indicates that MIT will probably advocate PGP, rather than the Clipper encryption standard being pushed by the Clinton administration. For more information on PGP, check out:
One weekend in May of this year, some of my brother sailors and I were stringing cable at a local elementary school, as part of our Adopt-a-School commitment. We had to thread the cable around a variety of computers and it occurred to me that TCI, who donated the cable, is one of the companies seeking to expand the scope of telecommunications services they provide. It is likely in the near future that same cable we were stringing for educational television will be used to link the school to the Internet.
When considering how Internet access will benefit public education, the area of standardized tests (such as the SAT) seems a natural candidate for encryption. Teachers could download tests in encrypted form and only release the keys to decrypt the tests at the beginning of the exam. The students would finish the exams, then re-encrypt them with another key. The teacher would download the answer sheets, using yet a third key, and there would be less likelihood of cheating allegations. (Did anyone else have to retake the SAT because the principal didn’t believe you knew that much?)
When the practice of downloadable encrypted testing pervades our education system, there will come a dilemma for education – do we use "government standard" Clipper-style encryption (and might the government mandate its use for schools to receive federal funding?), or do we use PGP, the encryption standard in use on the Internet, now made legally and freely available by FTP from MIT? Either way, a group of midshipmen just cost the government an expensive four years of education at Annapolis when they got caught hacking into electrical engineering exams, and the only way to ensure that won’t happen again is to encrypt the exams.
Will education go for PGP or the Clipper standard? That remains to be seen, but MIT students already use PGP to digitally encrypt signatures and thus authenticate their email messages. If the Department of Education adopts the Clipper standard, I anticipate a lot of griping about other departments holding copies of their keys "to allow for legal wiretaps." Disk space may be getting cheaper, but there is little economy in having a bunch of computers in Washington D.C. keep track of the crypto keys used by elementary schools in Key West, or Anchorage, Alaska.