Page 3 of 3 Soaring, cryptography and nuclear weapons
By Martin Hellman
guarantee, but we've made it through 50 years, so the odds are good that we can
make it through 10 more. In the order of magnitude approach, we have now
bounded the time horizon for a failure of nuclear deterrence as being greater
than 10 years and less than 1,000. That leaves 100 years as the only power of
10 in between. Most people thus estimate that we can survive on the order of
100 years, which implies a failure rate of roughly 1% per year.
On an annual basis, that makes relying on nuclear weapons a 99% safe maneuver.
As with 99.9% safe maneuvers in soaring,
that is not as safe as it sounds and is no cause for complacency. If we
continue to rely on a strategy with a 1% failure rate per year, that adds up to
about 10% in a decade and almost certain destruction within my grandchildren's
lifetimes. Because the estimate was only accurate to an order of magnitude, the
actual risk could be as much as three times greater or smaller. But even
one-third percent per year adds up to roughly a 25% fatality rate for a child
born today, and 3% per year would, with high probability, consign that child to
an early, nuclear death.
Given the catastrophic consequences of a failure of nuclear deterrence, the
usual standards for industrial safety would require the time horizon for a
failure to be well over a million years before the risk might be acceptable.
Even a 100,000 year time horizon would entail as much risk as a skydiving jump
every year, but with the whole world in the parachute harness. And a 100 year
time horizon is equivalent to making three parachute jumps a day, every day,
with the whole world at risk.
While my preliminary analysis and the above described intuitive approach
provide significant evidence that business as usual entails far too much risk,
in-depth risk analyses are needed to correct or confirm those indications. A
statement endorsed by notable individuals [1] therefore "urgently petitions the
international scientific community to undertake in-depth risk analyses of
nuclear deterrence and, if the results so indicate, to raise an alarm alerting
society to the unacceptable risk it faces as well as initiating a second phase
effort to identify potential solutions".
This second phase effort will be aided by the initial studies because, in
addition to estimating the risk of a failure of nuclear deterrence, they will
identify the most likely trigger mechanisms, thereby allowing attention to be
directed where it is most needed. For example, if as seems likely, a nuclear
terrorist incident is found to be a likely trigger mechanism for a full-scale
nuclear war, then much needed attention would be directed to averting that
smaller, but still catastrophic event.
While definitive statements about the risk we face must await the results of
the proposed in-depth studies, for ease of exposition the remainder of this
article assumes the conclusion reached by my preliminary study - that the risk
is far too great and urgently needs to be reduced.
The positive possibility
In the mid-1970s, Whit Diffie, Ralph Merkle and I invented public key
cryptography, a technology that now secures the Internet and has won the three
of us many honors. Yet, when we first conceived the idea, many experts told us
that we could not succeed. Their skepticism was understandable because a public
key flew in the face of the accumulated wisdom of hundreds of years of
cryptographic knowledge: How could the key be public if its secrecy was all
that kept an opponent from reading my mail? What was missed is that "the key"
might become "two keys", a public key for enciphering and a secret key for
deciphering. Everyone could encipher messages using my public key, but only I
could understand them by deciphering with my secret key.
Just as many cryptographic experts thought we couldn't split the key and used
arguments based on years of accumulated wisdom that were not applicable to the
new possibility, most people have difficulty envisioning a world in which the
nuclear threat is a relic of the past. While there is no guarantee that a
similar breakthrough exists for ending the threat posed by nuclear weapons,
this section provides evidence that our chances for survival are greater than
we think.
First, Figure 3 must be modified by adding a third state in which the risk of
nuclear catastrophe has been reduced thousands of times from its present level,
so that it is at an acceptable level.
For the risk to truly be acceptable, this new state also must be a state of no
return - its risk would not be acceptable if the world could transition back to
our current state with its unacceptable risk. In this new figure, our current
substate is near the middle of the current state of the world. We are not close
to World War III, but neither are we close to an acceptable level of risk.
Much as people had difficulty envisioning public key cryptography before we
developed a workable system, they also have difficulty envisioning a world that
is far better than what they have experienced in the past. The evolution of the
movement to abolish slavery in the United States provides a good illustration
of that difficulty.
In 1787, slavery was written
into the US constitution. In 1835, a Boston mob
attacked the abolitionist William Lloyd Garrison
and dragged him half naked through the streets. In
Illinois in 1837, a mob killed another
abolitionist, Elijah Lovejoy. The next year, a
Philadelphia mob burned the building where an
antislavery convention was held. In that
environment or substate, few people could envision
the end of slavery within 30 years, much less that
citizens of Massachusetts, Illinois and
Pennsylvania would give
their lives to help bring
about that noble goal.
While it was almost impossible to envision in 1787 - or even in the 1830s - we
now know that, as depicted in Figure 5 above, there was a sequence of substates
that led to a new state in which slavery not only was abolished, but had no
possibility of returning. The anti-abolitionist riots of the 1830s - probably
seen by most at that time as evidence of the insurmountable barriers to ending
slavery - were actually a sign that a new substate had been reached and change
was beginning to occur.
There were no such riots in 1787 because the abolitionist movement was almost
non-existent. By the 1830s abolition was beginning to be seen as a serious
threat to the supporters of slavery, resulting in the riots.
History shows that people have tremendous difficulty envisioning both negative
and positive possibilities that are vastly different from their current
experience. Therefore, even if I had a crystal ball and could predict the
sequence of substates (steps) that will take us to the state of acceptable risk
depicted in Figure 4, very few would believe me. As an example of the
difficulty, imagine the reaction if someone, prior to Gorbachev's coming to
power, had predicted that a leader of the Soviet Union would lift censorship,
encourage free debate and not use military force to prevent republics from
seceding from the union. At best, such a seer would have been seen as extremely
naive.
I had a milder version of that problem in September 1984 when I started a
project designed to foster a meaningful dialogue between the American and
Soviet scientific communities in an attempt to defuse the threat of nuclear
war, which was then in sharp focus. I was aware of the limitations that Soviet
censorship imposed, but believed there still was some opportunity for
information flow, primarily unidirectional. It had been eight years since my
last trip to the Soviet Union and this visit was an eye-opening experience.
While I did not know it at the time, I was meeting with people who were in the
forefront of the nascent reform movement which would bring Gorbachev to power
six months later, with some of them directly advising him.
Censorship was still the law of the land, so the scientists with whom I met
could not agree with those of my views that contradicted the party line. But
neither did they argue. I sensed something very different was brewing, but on
returning to the US. I was often seen as extremely naive for believing that
meaningful conversations were possible with persons of any standing within the
Soviet system.
The steps leading to a truly safe world in Figure 4 would sound similarly naive
to most people today. It is therefore counterproductive to lay out too explicit
a road map to that goal. But how can one garner support without an explicit
plan for reaching the goal? Until I realized the applicability of risk
analysis, I didn't see how that could be accomplished, but risk analysis
provides an implicit, rather than an explicit map. No single step can reduce
the risk a thousand-fold, so if the risk analysis approach can be embedded in
society's consciousness, then one step after another will have to be taken
until a state with acceptable risk is reached. Later steps, which today would
be rejected as impossible (which they probably currently are) need not be
spelled out, but are latent, waiting to be discovered as part of that process.
The first critical step therefore is for society to recognize the risk inherent
in nuclear deterrence.
(If you agree, please share this article - or whatever approach you favor - with
others. E-mail is particularly effective since friends who agree can then relay
your message to others. This article, a sample e-mail, and other tools can be
found on the resource page at NuclearRisk.org. "Just talking" might not seem to
accomplish much, but as graphically depicted in Figure 4 and as noted by the
ancient Chinese sage Lao Tzu, "The journey of a thousand miles starts with a
single step." If you have not already done so, I hope you will take the first
step.)
Martin Hellman, professor emeritus of electrical engineering, Stanford
University. The renowned mathematician is best known for inventing public key
cryptography, the basis for secure transactions over the Internet, among
others. Hellman has worked for over 25 years to reduce the threat posed by
nuclear weapons and his current project is described at NuclearRisk.org. He is
a glider pilot with over 2,600 hours in the air.
Note
1. Professor Kenneth Arrow, Stanford University, 1972 Nobel Laureate in
Economics; Mr D James Bidzos, chairman of the board and interim CEO, VeriSign
Inc; Dr Richard Garwin, IBM fellow emeritus, former member President's Science
Advisory Committee and Defense Science Board; Admiral Bobby R Inman, USN
(Retired), University of Texas at Austin, former Director National Security
Agency and Deputy Director CIA; Professor William Kays, former dean of
engineering, Stanford University; Professor Donald Kennedy, president emeritus
of Stanford University, former head of FDA; Professor Martin Perl, Stanford
University, 1995 Nobel Laureate in Physics.
Head
Office: Unit B, 16/F, Li Dong Building, No. 9 Li Yuen Street East,
Central, Hong Kong Thailand Bureau:
11/13 Petchkasem Road, Hua Hin, Prachuab Kirikhan, Thailand 77110
their lives to help bring
about that noble goal.
