Identity Theft: If We Didn't Dodge a Bullet

C Matthew Curtin
Interhack Corporation

Cryptography is one of the best tools to avoid the kind of exposure that feeds identity theft and related fraud today. While many organizations struggle to implement cryptographic controls to become compliant with regulation such as GLBA, HIPAA, and the Payment Card Industry data security standard, the situation is improving.

PDF Identity Theft: If We Didn't Dodge a Bullet

Ten years ago, cryptography was considered a munition by the Federal government of the United States. American companies were severely limited in their ability to develop products that would serve a global customer base and the government standard for cryptography was called DES, a 56-bit cipher that had been in place since 1977.

A series of events took place in late 1996 through January of 1999 that changed the way that cryptography was viewed as a matter of public policy, greatly relaxing restrictions on it and making an important and visible case for the need for a new federal cryptographic standard.

This presentation gives a glimpse into just how bad the identity theft problem could be today if the Crypto Wars of the mid-to-late-1990s had gone differently.

This presentation was part of a panel discussion on identity theft presented by the Central Ohio ISSA for TechColumbus on January 18, 2006.