THE CYPHERNOMICON

1. Introduction
 
1.1. copyright
   THE  CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666, 
   1994-09-10, Copyright Timothy C. May. All rights reserved.
   See the detailed disclaimer. Use short sections under "fair
   use" provisions, with appropriate credit, but don't put your
   name on my words.

1.2. Foreword
- The Cypherpunks have existed since September, 1992. In that
   time, a vast amount has been written on cryptography, key
   escrow, Clipper, the Net, the Information Superhighway, cyber
   terrorists, and crypto anarchy. We have found ourselves (or
   _placed_ ourselves) at the center of the storm.
- This FAQ may help to fill in some gaps about what we're
   about, what motivates us, and where we're going. And maybe
   some useful knowledge on crypto, remailers, anonymity,
   digital cash, and other interesting things.
+ The Basic Issues
  + Great Divide: privacy vs. compliance with laws
    + free speech and privacy, even if it means some criminals
       cannot be caught (a stand the U.S. Constitution was
       strongly in favor of, at one time)
      - a man's home is his castle...the essence of the Magna
         Carta systems...rights of the individual to be secure
         from random searches
    + or invasive tactics to catch criminals, regulate
       behavior, and control the population
      - the legitimate needs to enforce laws, to respond to
         situations
    + this parallels the issue of self-protection vs.
       protection by law and police
      - as seen in the gun debate
      - crypto = guns in the sense of being an individual's
         preemptive protection
    - past the point of no return
  - Strong crypto as building material for a new age
  + Transnationalism and Increased Degrees of Freedom
    - governments can't hope to control movements and
       communications of citizens; borders are transparent
+ Not all list members share all views
  - This is not "the Official Cypherpunks FAQ." No such thing
     can exist. This is the FAQ I wanted written. Views
     expressed are my own, with as much input from others, as
     much consensus, as I can manage. If you want a radically
     different FAQ, write it yourself.  If you don't like this
     FAQ, don't read it. And tell your friends not to read it.
     But don't bog down my mailbox, or the 500 others on the
     list, with messages about how you would have worded Section
     12.4.7.2 slightly differently, or how Section 6.9.12 does
     not fully reflect your views. For obvious reasons.
  - All FAQs are the products of a primary author, sometimes of
     a committee. For this FAQ, I am the sole author. At least
     of the version you are reading now. Future versions may
     have more input from others, though this makes me nervous
     (I favor new authors writing their own stuff, or using
     hypertext links, rather than taking my basic writing and
     attaching their name to it--it is true that I include the
     quotes of many folks here, but I do so by explicitly
     quoting them in the chunk they wrote....it will be tough
     for later authors to clearly mark what Tim May wrote
     without excessively cluttering the text. The revisionist's
     dilemma.)
  - The list has a lot of radical libertarians, some anarcho-
     capitalists, and even a few socialists
  - Mostly computer-related folks, as might be expected. (There
     are some political scientists, classical scholars, etc.
     Even a few current or ex-lawyers.)
  + Do I Speak for Others?
    - As I said, no. But sometimes I make claims about what
       "most" list members believe, what "many" believe, or what
       "some" believe.
    - "Most" is my best judgment of what the majority believe,
       at least the vocal majority in Cypherpunks discussions
       (at the physical meetings, parties, etc.) and on the
       List. "Many" means fewer, and "some" fewer still. "A few"
       will mean a distinct minority. Note that this is from the
       last 18 months of activity (so don't send in
       clarifications now to try to "sway the vote").
    - In particular, some members may be quite uncomfortable
       being described as anarchists, crypto anarchists, money
       launderers, etc.
+  My comments won't please everyone
  - on nearly every point ever presented, some have disagreed
  - feuds, battles, flames, idées fixes
  - on issues ranging from gun control to Dolphin Encrypt to
     various pet theories held dearly
  - Someone once made a mundane joke about pseudonyms being
     like multiple personality disorder--and a flame came back
     saying: "That's not funny. I am MPD and my SO is MPD.
     Please stop immediately!"
  - can't be helped....can't present all sides to all arguments
+ Focus of this FAQ is U.S.-centric, for various reasons
  - most on list are in U.S., and I am in U.S.
  - NSA and crypto community is largely centered in the U.S.,
     with some strong European activities
  - U.S. law is likely to influence overseas law
+ We are at a fork in the road,  a Great Divide
  - Surveillance vs. Freedom
  - nothing in the middle...either strong crypto and privacy is
     strongly limited, or the things I describe here will be
     done by some people....hence the "tipping factor" applies
     (point of no return, horses out of the barn)
+ I make no claim to speaking "for the group." If you're
   offended, write your own FAQ. My focus on things loosely
   called "crypto anarchy" is just that: my _focus_. This focus
   naturally percolates over into something like this FAQ, just
   as someone primarily interested in the mechanics of PGP would 
   devote more space to PGP issues than I have.
  - Gary Jeffers, for example, devotes most of his "CEB" to
     issues surrounding PGP.
+ Will leave out some of the highly detailed items...
  - Clipper, LEAF, escrow, Denning, etc.
  - a myriad of encryption programs, bulk  ciphers, variants on
     PGP, etc. Some of these I've listed...others I've had to
     throw my hands over and just ignore. (Keeping track of
     zillions of versions for dozens of platforms...)
  - easy to get lost in the details, buried in the bullshit

1.3. Motivations
 1.3.1. With so much material available, why another FAQ?
 1.3.2. No convenient access to archives of the list....and who could 
   read 50 MB of stuff anyway?
 1.3.3. Why not Web? (Mosaic, Http, URL, etc.)
  - Why not a navigable Web document?
  - This is becoming trendy. Lots of URLs are included here, in
     fact. But making all documents into Web documents has
     downsides.
  + Reasons why not:
    - No easy access for me.
    - Many others also lack access. Text still rules.
    - Not at all clear that a collection of hundreds of
       fragments is useful
    - I like the structured editors available on my Mac
       (specifically, MORE, an outline editor)
 1.3.4. What the Essential Points Are
  - It's easy to lose track of what the core issues are, what
     the really important points are. In a FAQ like this, a vast
     amount of "cruft" is presented, that is, a vast amount of
     miscellaneous, tangential, and epiphenomenal material.
     Names of PGP versions, variants on steganography, and other
     such stuff, all of which will change over the next few
     months and years.
  + And yet that's partly what a FAQ is for. The key is just
     not to lose track of the key ideas. I've mentioned what I
     think are the important ideas many times. To wit:
    - that many approaches to crypto exist
    - that governments essentially cannot stop most of these
       approaches, short of establishing a police state (and
       probably not even then)
    - core issues of identity, authentication, pseudonyms,
       reputations, etc.

1.4. Who Should Read This
 1.4.1. "Should I read this?"
  - Yes, reading this will point you toward other sources of
     information, will answer the most commonly asked questions,
     and will (hopefully) head off the reappearance of the same
     tired themes every few months.
  - Use a search tool if you have one. Grep for the things that
     interest you, etc. The granularity of this FAQ does not
     lend itself to Web conversion, at least not with present
     tools.
  + What _Won't_ Be Covered Here
    + basic cryptography
      + many good texts, FAQs, etc., written by full-time
         cryptologists and educators
        - in particular, some of the ideas are not simple, and
           take several pages of well-written text to get the
           point across
      - not the focus of this FAQ
    - basic political rants

1.5. Comments on Style and Thoroughness
 1.5.1. "Why is this FAQ not in Mosaic form?"
  - because the author (tcmay, as of 7/94) does not have Mosaic
     access, and even if did, would not necessarily....
  - linear text is still fine for some things...can be read on
     all platforms, can be printed out, and can be searched with
     standard grep and similar tools
 1.5.2. "Why the mix of styles?"
  + There are three main types of styles here:
    - Standard prose sections, explaining some point or listing
       things. Mini-essays, like most posts to Cypherpunks.
    + Short, outline-style comments
      - that I didn't have time or willpower to expand into
         prose format
      - that work best in outline format anyway
      - like this
    + Quotes from others
      - Cypherpunks are a bright group. A lot of clever things
         have been said in the 600 days x 40 posts/day = 24,000
         posts, and I am trying to use what I can.
      + Sadly, only a tiny fraction can be used
        - because I simply cannot _read_  even a fraction of
           these posts over again (though I've only saved
           several thousand of the posts)
        - and because including too many of these posts would
           simply make the FAQ too long (it's still too long, I
           suppose)
  - I hope you can handle the changes in tone of voice, in
     styles, and even in formats. It would just take too much
     time to make it all read uniformly.
 1.5.3. Despite the length of this thing, a vast amount of stuff is
   missing. There have been hundreds of incisive analyses by
   Cypherpunks, dozens of survey articles on Clipper, and
   thousands of clever remarks. Alas, only a few of them here.
  - And with 25 or more books on the Internet, hundreds of FAQs
     and URLs, it's clear that we're all drowning in a sea of
     information about the Net.
  - Ironically, good old-fashioned books have a lot more
     relevant and timeless information.
 1.5.4. Caveats on the completeness or accuracy of this FAQ
  + not all points are fully fleshed out...the outline nature
     means that nearly all points could be further added-to,
     subdivided, taxonomized, and generally fleshed-out with
     more points, counterpoints, examples
    - like a giant tree...branches, leaves, tangled hierarchies
  + It is inevitable that conflicting points will be made in a
     document of this size
    - views change, but don't get corrected in all places
    - different contexts lead to different viewpoints
    - simple failure by me to be fully consistent
    - and many points raised here would, if put into an essay
       for the Cypherpunks list, generate comments, rebuttals,
       debate, and even acrimony....I cannot expect to have all
       sides represented fully, especially as the issues are
       often murky, unresolved, in dispute, and generally
       controversial
  - inconsistencies in the points here in this FAQ

1.6. Corrections and Elaborations
+ "How to handle corrections or clarifications?"
  - While I have done my best to ensure accuracy, errors will
     no doubt exist. And as anyone can see from reading the
     Cypherpunks list, nearly *any* statement made about any
     subject can produce a flurry of rebuttals, caveats,
     expansions, and whatnot. Some subjects, such as the nature
     of money, the role of Cypherpunks, and the role of
     reputations, produce dozens of differing opinions every
     time they come up!
  - So, it is not likely that my points here will be any
     different. Fortunately, the sheer number of points here
     means that not every one of them will be disagreed with.
     But the math is pretty clear: if every reader finds even
     one thing to disagree with and then posts his rebuttal or
     elaboration....disaster! (Especially if some people can't
     trim quotes properly and end up including a big chunk of
     text.)
  + Recommendations
    - Send corrections of _fact_ to me
    - If you disagree with my opinion, and you think you can
       change my mind, or cause me to include your opinion as an
       elaboration or as a dissenting view, then send it. If
       your point requires long debate or is a deep
       disagreement, then I doubt I have the time or energy to
       debate. If you want your views heard, write your own FAQ!
    - Ultimately, send what you want. But I of course will
       evaluate comments and apply a reputation-based filter to
       the traffic. Those who send me concise, well-reasoned
       corrections or clarifications are likelier to be listened
       to than those who barrage me with minor clarifications
       and elaborations.
    - In short, this is not a group project. The "stone soup
       FAQ" is not what this is.
  + More information
    - Please don't send me e-mail asking for more information
       on a particular topic--I just can't handle custom
       research. This FAQ is long enough, and the Glossary at
       the end contains additional information, so that I cannot
       expand upon these topics (unless there is a general
       debate on the list). In other words, don't assume this
       FAQ is an entry point into a larger data base I will
       generate. I hate to sound so blunt, but I've seen the
       requests that come in every time I write a fairly long
       article.
  + Tips on feedback
    - Comments about writing style, of the form "I would have
       written it _this_ way," are especially unwelcome.
+ Credit issues
  - inevitable that omissions or collisions will occur
  - ideas have many fathers
  - some ideas have been "in the air" for many years
  + slogans are especially problematic
    - "They can have my...."...I credit Barlow with this, but
       I've heard others use it independently (I think; at least
       I used it before hearing Barlow use it)
    - "If crypto is outlawed, only outlaws will have crypto"
    - "Big Brother Inside"
  - if something really bothers you, send me a note

1.7. Acknowledgements
 1.7.1. Acknowledgements
  - My chief thanks go to the several hundred active
     Cypherpunks posters, past and present.
  - All rights reserved. Copyright Timothy C. May. Don't try to
     sell this or incorporate it into anything that is sold.
     Quoting brief sections is "fair use"...quoting long
     sections is not.

1.8. Ideas and Notes (not to be printed)
 1.8.1. Graphics for cover
  - two blocks...plaintext to cryptotext
  - Cypherpunks FAQ
  - compiled by Timothy C. May, tcmay@netcom.com
  - with help from many Cypherpunks
  - with material from other sources
  - <credited in angle brackets>
 1.8.2. "So don't ask"

1.9. Things are moving quickly in crypto and crypto policy
 1.9.1. hard to keep this FAQ current, as info changes
 1.9.2. PGP in state of flux
 1.9.3. new versions of tools coming constantly
 1.9.4. And the whole Clipper thing has been turned on its head
   recently by the Administration's backing off...lots of points
   already made here are now rendered moot and are primarily of
   historical interest only.
  - Gore's letter to Cantwell
  - Whit Diffie described a conference on key escrow systems in
     Karlsruhe, Germany, which seemed to contain new ideas
  - TIS? (can't use this info?)

1.10. Notes: The Cyphernomicon: the CypherFAQ and More
1.10.1. 2.3.1.  "The Book of Encyphered Names"
  - Ibn al-Taz Khallikak, the Pine Barrens Horror.
  - Liber Grimoiris....Cifur???
  - spreading from the Sumerian sands, through the gate of
     Ishtar, to the back alleys of Damascus, tempered with the
     blood of Westerners
  - Keys of Solomon, Kool John Dee and the Rapping Cryps  Gone
     to Croatan
  - Peter Krypotkin, the Russian crypto anarchist
  - Twenty-nine Primes, California
1.10.2. 2.3.2.  THE CYPHERNOMICON: a Cypherpunk FAQ and More---
   Version 0.666
1.10.3. 1994-09-01,   Copyright Timothy C. May,   tcmay@netcom.com
1.10.4.
  - Written and compiled by Tim May, except as noted by
     credits. (Influenced by years of good posts on the
     Cypherpunks list.) Permission is granted to post and
     distribute this document in an unaltered and complete
     state, for non-profit and educational purposes only.
     Reasonable quoting under "fair use" provisions is
     permitted. See the detailed disclaimer of responsibilities
     and liabilities in the Introduction chapter.

2. MFAQ--Most Frequently Asked Questions

2.1. copyright
   See the copyright notice and disclaimer in Section 1.1.

2.2. SUMMARY: MFAQ--Most Frequently Asked Questions
 2.2.1. Main Points
  - These are the main questions that keep coming up. Not
     necessarily the most basic questions, just the ones that
     get asked a lot. What most FAQs are.
 2.2.2. Connections to Other Sections
 2.2.3. Where to Find Additional Information
  - newcomers to crypto should buy Bruce Schneier's "Applied
     Cryptography"...it will save many hours worth of
     unnecessary questions and clueless remarks about
     cryptography.
  - the various FAQs published in the newsgroups (like sci.crypt,
     alt.security.pgp) are very helpful. (also at rtfm.mit.edu)
 2.2.4. Miscellaneous Comments
  - I wasn't sure what to include here in the MFAQ--perhaps
     people can make suggestions of other things to include.
  - My advice is that if something interests you, use your
     editing/searching tools to find the same topic in the main
     section. Usually (but not always) there's more material in
     the main chapters than here in the MFAQ.

2.3. "What's the 'Big Picture'?"
 2.3.1. Strong crypto is here. It is widely available.
 2.3.2. It implies many changes in the way the world works. Private
   channels between parties who have never met and who never
   will meet are possible. Totally anonymous, unlinkable,
   untraceable communications and exchanges are possible.
 2.3.3. Transactions can only be *voluntary*, since the parties are
   untraceable and unknown and can withdraw at any time. This
   has profound implications for the conventional approach of
   using the threat of force, directed against parties by
   governments or by others. In particular, threats of force
   will fail.
 2.3.4. What emerges from this is unclear, but I think it will be a
   form of anarcho-capitalist market system I call "crypto
   anarchy." (Voluntary communications only, with no third
   parties butting in.)

2.4. Organizational
 2.4.1. "How do I get on--and off--the Cypherpunks list?"
  - Send a message to "cypherpunks-request@toad.com"
  - Any auto-processed commands?
  - don't send requests to the list as a whole....this will
     mark you as "clueless"
 2.4.2. "Why does the Cypherpunks list sometimes go down, or lose the
   subscription list?"
  - The host machine, toad.com, owned by John Gilmore, has had
     the usual problems such machines have: overloading,
     shortages of disk space, software upgrades, etc. Hugh
     Daniel has done an admirable job of keeping it in good
     shape, but problems do occur.
  - Think of it as warning that lists and communication systems
     remain somewhat fragile....a lesson for what is needed to
     make digital money more robust and trustable.
  - There is no paid staff, no hardware budget for
     improvements. The work done is strictly voluntarily.
 2.4.3. "If I've just joined the Cypherpunks list, what should I do?"
  - Read for a while. Things will become clearer, themes will
     emerge, and certain questions will be answered. This is
     good advice for any group or list, and is especially so for
     a list with 500 or more people on it. (We hit 700+ at one
     point, then a couple of list outages knocked the number
     down a bit.)
  - Read the references mentioned here, if you can. The
     sci.crypt FAQ should be read. And purchase Bruce Schneier's
     "Applied Cryptography" the first chance you get.
  - Join in on things that interest you, but don't make a fool
     of yourself. Reputations matter, and you may come to regret
     having come across as a tedious fool in your first weeks on
     the list. (If you're a tedious fool after the first few
     weeks, that may just be your nature, of course.)
  - Avoid ranting and raving on unrelated topics, such as
     abortion (pro or con), guns (pro or con), etc. The usual
     topics that generate a lot of heat and not much light.
     (Yes, most of us have strong views on these and other
     topics, and, yes, we sometimes let our views creep into
     discussions. There's no denying that certain resonances
     exist. I'm just urging caution.)
 2.4.4. "I'm swamped by the list volume; what can I do?"
  - This is a natural reaction. Nobody can follow it all; I
     spend entirely too many hours a day reading the list, and I
     certainly can't follow it all. Pick areas of expertise and
     then follow them and ignore the rest. After all, not seeing
     things on the list can be no worse than not even being
     subscribed to the list!
  - Hit the "delete" key quickly
  - find someone who will digest it for you (Eric Hughes has
     repeatedly said anyone can retransmit the list this way;
     Hal Finney has offered an encrypted list)
  + Better mailers may help. Some people have used mail-to-news
     systems and then read the list as a local newsgroup, with
     threads.
    - I have Eudora, which supports off-line reading and
       sorting features, but I generally end up reading with an
       online mail program (elm).
  - The mailing list may someday be switched over to a
     newsgroup, a la "alt.cypherpunks." (This may affect some
     people whose sites do not carry alt groups.)
 2.4.5. "It's very easy to get lost in the morass of detail here. Are
   there any ways to track what's *really* important?"
  - First, a lot of the stuff posted in the Usenet newsgroups,
     and on the Cypherpunks list, is peripheral stuff,
     epiphenomenal cruft that will blow away in the first strong
     breeze. Grungy details about PGP shells, about RSA
     encryption speeds, about NSA supercomputers. There's just
     no reason for people to worry about "weak IDEA keys" when
     so many more pressing matters exist. (Let the experts
     worry.) Little of this makes any real difference, just as
     little of the stuff in daily newspapers is memorable or
     deserves to be memorable.
  - Second, "read the sources." Read "1984," "The Shockwave
     Rider," "Atlas Shrugged," "True Names." Read the Chaum
     article on making Big Brother obsolete (October 1985,
     "Communications of the ACM").
  - Third, don't lose sight of the core values: privacy,
     technological solutions over legal solutions, avoiding
     taxation, bypassing laws, etc. (Not everyone will agree
     with all of these points.)
  - Fourth, don't drown in the detail. Pick some areas of
     interest and follow _them_. You may not need to know the
     inner workings of DES or all the switches on PGP to make
     contributions in other areas. (In fact, you surely don't.)
 2.4.6. "Who are the Cypherpunks?"
  - A mix of about 500-700 people
  + Can find out who by sending message to majordomo@toad.com
     with the message body text "who cypherpunks" (no quotes, of
     course).
    - Is this a privacy flaw? Maybe.
  - Lots of students (they have the time, the Internet
     accounts). Lots of computer science/programming folks. Lots
     of libertarians.
  - quote from Wired article, and from "Whole Earth Review"
 2.4.7. "Who runs the Cypherpunks?"
  - Nobody. There's no formal "leadership." No ruler = no head
     = an arch = anarchy. (Look up the etymology of anarchy.)
  - However, the mailing list currently resides on a physical
     machine, and this machine creates some nexus of control,
     much like having a party at someone's house. The list
     administrator is currently Eric Hughes (and has been since
     the beginning). He is helped by Hugh Daniel, who often does
     maintenance of toad.com, and by John Gilmore, who owns
     the toad.com machine and account.
  - In an extreme situation of abuse or neverending ranting,
     these folks could kick someone off the list and block them
     from resubscribing via majordomo. (I presume they could--
     it's never happened.)
  - To emphasize: nobody's ever been kicked off the list, so
     far as I know. Not even Detweiler...he asked to be removed
     (when list subscriptions were handled manually).
  - As to who sets policy, there is no policy! No charter, no
     agenda, no action items. Just what people want to work on
     themselves. Which is all that can be expected. (Some people
     get frustrated at this lack of consensus, and they
     sometimes start flaming and ranting about "Cypherpunks
     never do anything," but this lack of consensus is to be
     expected. Nobody's being paid, nobody's got hiring and
     firing authority, so any work that gets done has to be
     voluntary. Some volunteer groups are more organized than we
     are, but there are other factors that make this more
     possible for them than it is for us. C'est la vie.)
  - Those who get heard on the mailing list, or in the physical
     meetings, are those who write articles that people find
     interesting or who say things of note. Sounds fair to me.
 2.4.8. "Why don't the issues that interest me get discussed?"
  - Maybe they already have been--several times. Many newcomers
     are often chagrined to find arcane topics being discussed,
     with little discussion of "the basics."
  - This is hardly surprising....people get over the "basics"
     after a few months and want to move on to more exciting (to
     them) topics. All lists are like this.
  - In any case, after you've read the list for a while--maybe
     several weeks--go ahead and ask away. Making your topic
     fresher may generate more responses than, say, asking
     what's wrong with Clipper. (A truly overworked topic,
     naturally.)
 2.4.9. "How did the Cypherpunks group get started?"
2.4.10. "Where did the name 'Cypherpunks' come from?"
  + Jude Milhon, aka St. Jude, then an editor at "Mondo 2000,"
     was at the earliest meetings...she quipped "You guys are
     just a bunch of cypherpunks." The name was adopted
     immediately.
    - The 'cyberpunk' genre of science fiction often deals with
       issues of cyberspace and computer security ("ice"), so
       the link is natural. A point of confusion is that
       cyberpunks are popularly thought of as, well, "punks,"
       while many Cypherpunks are libertarians and anarchists of
       various stripes. In my view, the two are not in conflict.
    - Some, however, would prefer a more staid name. The U.K.
       branch calls itself the "U.K. Crypto Privacy
       Association." <check this> However, the advantages of the
       name are clear. For one thing, many people are bored by
       staid names. For another, it gets us noticed by
       journalists and others.
  - We are actually not very "punkish" at all. About as punkish
     as most of our cyberpunk cousins are, which is to say, not
     very.
  + the name
    - Crypto Cabal (this before the sci.crypt FAQ folks
       appeared, I think), Crypto Liberation Front, other names
    - not everybody likes the name...such is life
2.4.11. "Why doesn't the Cypherpunks group have announced goals,
   ideologies, and plans?"
  - The short answer: we're just a mailing list, a loose
     association of folks interested in similar things
  - no budget, no voting, no leadership (except the "leadership
     of the soapbox")
  - How could such a consensus emerge? The usual approach is
     for an elected group (or a group that seized power) to
     write the charter and goals, to push their agenda. Such is
     not the case here.
  - Is this FAQ a de facto statement of goals? Not if I can
     help it, to be honest. Several people before me planned
     some sort of FAQ, and had they completed them, I certainly
     would not have felt they were speaking for me or for the
     group. To be consistent, then, I cannot have others think
     this way about _this_ FAQ!
2.4.12. "What have the Cypherpunks actually done?"
  - spread of crypto: Cypherpunks have helped
     (PGP)...publicity, an alternative forum to sci.crypt (in
     many ways, better...better S/N ratio, more polite)
  - Wired, Whole Earth Review, NY Times, articles
  - remailers, encrypted remailers
  + The Cypherpunk- and Julf/Kleinpaste-style remailers were
     both written very quickly, in just days
    - Eric Hughes wrote the first Cypherpunks remailer in a
       weekend, and he spent the first day of that weekend
       learning enough Perl to do the job.
    + Karl Kleinpaste wrote the code that eventually turned
       into Julf's remailer (added to since, of course) in a
       similarly short time:
      - "My original anon server, for godiva.nectar.cs.cmu.edu
         2 years ago, was written in a few hours one bored
         afternoon. It wasn't as featureful as it ended up
         being, but it was "complete" for its initial goals,
         and bug-free." [Karl_Kleinpaste@cs.cmu.edu,
         alt.privacy.anon-server, 1994-09-01]
    - That other interesting ideas, such as digital cash, have
       not yet really emerged and gained use even after years of
       active discussion, is an interesting contrast to this
       rapid deployment of remailers. (The text-based nature of
       both straight encryption/signing and of remailing is
       semantically simpler to understand and then use than are
       things like digital cash, DC-nets, and other crypto
       protocols.)
  - ideas for Perl scripts, mail handlers
  - general discussion, with folks of several political
     persuasions
  - concepts: pools, Information Liberation Front, BlackNet
2.4.13. "How Can I Learn About Crypto and Cypherpunks Info?"
2.4.14. "Why is there sometimes disdain for the enthusiasm and
   proposals of newcomers?"
  - None of us is perfect, so we sometimes are impatient with
     newcomers. Also, the comments seen tend to be issues of
     disagreement--as in all lists and newsgroups (agreement is
     so boring).
  - But many newcomers also have failed to do the basic reading
     that many of us did literally _years_ before joining this
     list. Cryptology is a fairly technical subject, and one can
     no more jump in and expect to be taken seriously without
     any preparation than in any other technical field.
  - Finally, many of us have answered the questions of
     newcomers too many times to be enthusiastic about it
     anymore. Familiarity breeds contempt.
  + Newcomers should try to be patient about our impatience.
     Sometimes recasting the question generates interest.
     Freshness matters. Often, making an incisive comment,
     instead of just asking a basic question, can generate
     responses. (Just like in real life.)
    - "Clipper sux!" won't generate much response.
2.4.15. "Should I join the  Cypherpunks mailing list?"
  - If you are reading this, of course, you are most likely on
     the Cypherpunks list already and this point is moot--you
     may instead be asking if you should _leave_ the List!
  - Only if you are prepared to handle 30-60 messages a day,
     with volumes fluctuating wildly
2.4.16. "Why isn't the Cypherpunks list encrypted? Don't you believe
   in encryption?"
  - what's the point, for a publicly-subscribable list?
  - except to make people jump through hoops, to put a large
     burden on toad (unless everybody was given the same key, so
     that just one encryption could be done...which underscores
     the foolishness)
  + there have been proposals, mainly as a stick to force
     people to start using encryption...and to get the encrypted
     traffic boosted
    - involving delays for those who choose not or can't use
       crypto (students on terminals, foreigners in countries
       which have banned crypto, corporate subscribers....)
2.4.17. "What does 'Cypherpunks write code' mean?"
  - a clarifying statement, not an imperative
  - technology and concrete solutions over bickering and
     chatter
  - if you don't write code, fine. Not everyone does (in fact,
     probably less than 10% of the list writes serious code, and
     less than 5% writes crypto or security software)
2.4.18. "What does 'Big Brother Inside' Mean?"
  - devised by yours truly (tcmay) at Clipper meeting
  - Matt Thomlinson, Postscript
  - printed by ....
2.4.19. "I Have a New Idea for a Cipher---Should I Discuss it Here?"
  - Please don't. Ciphers require careful analysis, and should
     be in paper form (that is, presented in a detailed paper,
     with the necessary references to show that due diligence
     was done, the equations, tables, etc.). The Net is a poor
     substitute.
  - Also, breaking a randomly presented cipher is by no means
     trivial, even if the cipher is eventually shown to be weak.
     Most people don't have the inclination to try to break a
     cipher unless there's some incentive, such as fame or money
     involved.
  - And new ciphers are notoriously hard to design. Experts are
     the best folks to do this. With all the stuff waiting to be
     done (described here), working on a new cipher is probably
     the least effective thing an amateur can do. (If you are
     not an amateur, and have broken other people's ciphers
     before, then you know who you are, and these comments don't
     apply. But I'll guess that fewer than a handful of folks on
     this list have the necessary background to do cipher
     design.)
  - There are a vast number of ciphers and systems, nearly all
     of no lasting significance. Untested, undocumented,
     unused--and probably unworthy of any real attention. Don't
     add to the noise.
2.4.20. Are all the Cypherpunks libertarians?
2.4.21. "What can we do?"
  - Deploy strong crypto, to ensure the genie cannot be put in
     the bottle
  - Educate, lobby, discuss
  - Spread doubt, scorn...help make government programs look
     foolish
  - Sabotage, undermine, monkeywrench
  - Pursue other activities
2.4.22. "Why is the list unmoderated? Why is there no filtering of
   disrupters like Detweiler?"
  - technology over law
  - each person makes their own choice
  - also, no time for moderation, and moderation is usually
     stultifying
  + anyone who wishes to have some views silenced, or some
     posters blocked, is advised to:
    - contract with someone to be their Personal Censor,
       passing on to them only approved material
    - subscribe to a filtering service, such as Ray and Harry
       are providing
2.4.23. "What Can I Do?"
  - politics, spreading the word
  - writing code ("Cypherpunks write code")
2.4.24. "Should I publicize my new crypto program?"
  - "I have designed a crypting program, that I think is
     unbreakable.  I challenge anyone who is interested to get
     in touch with me, and decrypt an encrypted message."
     
      "With highest regards,
       Babak   Sehari." [Babak Sehari, sci.crypt, 6-19-94]
     
2.4.25. "Ask Emily Post Crypt"
  + my variation on "Ask Emily Postnews"
    - for those that don't know, a scathing critique of
       clueless postings
  + "I just invented a new cipher. Here's a sample. Bet you
     can't break it!"
    - By all means post your encrypted junk. We who have
       nothing better to do with our time than respond will be
       more than happy to spend hours running your stuff through
       our codebreaking Crays!
    - Be sure to include a sample of encrypted text, to make
       yourself appear even more clueless.
  + "I have a cypher I just invented...where should I post it?"
    - "One of the very most basic errors of making ciphers is
       simply to add layer upon layer of obfuscation and make a
       cipher which is nice and "complex".  Read Knuth on making
       random number generators for the folly in this kind of
       approach." <Eric Hughes, 4-17-94, Cypherpunks>
    - "Ciphers carry the presumption of guilt, not innocence.
       Ciphers designed by amateurs invariably fail under
       scrutiny by experts.  This sociological fact (well borne
       out) is where the presumption of insecurity arises.  This
       is not ignorance, to assume that this will change.  The
       burden of proof is on the claimer of security, not upon
       the codebreaker." <Eric Hughes, 4-17-94, Cypherpunks>
  + "I've just gotten very upset at something--should I vent my
     anger on the mailing list?"
    - By all means! If you're fed up doing your taxes, or just
       read something in the newspaper that really angered you,
       definitely send an angry message out to the 700 or so
       readers and help make _them_ angry!
    - Find a bogus link to crypto or privacy issues to make it
       seem more relevant.
2.4.26. "What are some main Cypherpunks projects?"
  + remailers
    + better remailers, more advanced features
      - digital postage
      - padding, batching/latency
      - agent features
    - more of them
    - offshore (10 sites in 5 countries, as a minimum)
  - tools, services
  - digital cash in better forms
  -
2.4.27. "What about sublists, to reduce the volume on the main list."
  - There are already half a dozen sub-lists, devoted to
     planning meetings, to building hardware, and to exploring
     DC-Nets. There's one for remailer operators, or there used
     to be. There are also lists devoted to similar topics as
     Cypherpunks, including Robin Hanson's "AltInst" list
     (Alternative Institutions), Nick Szabo's "libtech-l" list,
     the "IMP-Interest" (Internet Mercantile Protocols) list,
     and so on. Most are very low volume.
  + That few folks have heard of any of them, and that traffic
     volumes are extremely low, or zero, is not all that
     surprising, and matches experiences elsewhere. Several
     reasons:
    - Sublists are a bother to remember; most people forget
       they exist, and don't think to post to them. (This
       "forgetting" is one of the most interesting aspects of
       cyberspace; successful lists seem to be Schelling points
       that accrete even more members, while unsuccessful lists
       fade away into nothingness.)
    - There's a natural desire to see one's words in the larger
       of two forums, so people tend to post to the main list.
    - The sublists were sometimes formed in a burst of
       exuberance over some topic, which then faded.
    - Topics often span several subinterest areas, so posting
       to the main list is better than copying all the relevant
       sublists.
  - In any case, the Cypherpunks main list is "it," for now,
     and has driven other lists effectively out of business. A
     kind of Gresham's Law.

2.5. Crypto
 2.5.1. "Why is crypto so important?"
  + The three elements that are central to our modern view of
     liberty and privacy (a la Diffie)
    - protecting things against theft
    - proving who we say we are
    - expecting privacy in our conversations and writings
  - Although there is no explicit "right of privacy" enumerated
     in the U.S. Constitution, the assumption that an individual
     is to be secure in his papers, home, etc., absent a valid
     warrant, is central. (There has never been a ruling or law
     that persons have to speak in a language that is
     understandable by eavesdroppers, wiretappers, etc., nor has
     there ever been a rule banning private use of encryption. I
     mention this to remind readers of the long history of
     crypto freedom.)
  - "Information, technology and control of both _is_ power.
     *Anonymous* telecommunications has the potential to be the
     greatest equalizer in history.  Bringing this power to as
     many as possible will forever change the discourse of power
     in this country (and the world)." [Matthew J Miszewski, ACT
     NOW!, 1993-03-06]
 2.5.2. "Who uses cryptography?"
  - Everybody, in one form or another. We see crypto all around
     us...the keys in our pockets, the signatures on our
     driver's licenses and other cards, the photo IDs, the
     credit cards. Lock combinations, door keys, PIN numbers,
     etc. All are part of crypto (although most might call this
     "security" and not a very mathematical thing, as
     cryptography is usually thought to be).
  - Whitticism: "those who regularly conspire to participate in
     the political process are already encrypting." [Whit
     Diffie]
 2.5.3. "Who needs crypto? What have they got to hide?"
  + honest people need crypto because there are dishonest
     people
    - and there may be other needs for privacy
  - There are many reasons why people need privacy, the ability
     to keep some things secret. Financial, personal,
     psychological, social, and many other reasons.
  - Privacy in their papers, in their diaries, in their personal
     lives. In their financial choices, their investments, etc.
     (The IRS and tax authorities in other countries claim to
     have a right to see private records, and so far the courts
     have backed them up. I disagree.)
  - people encrypt for the same reason they close and lock
     their doors
  - Privacy in its most basic forms
 2.5.4. "I'm new to crypto--where should I start?"
  - books...Schneier
  - soda
  - sci.crypt
  - talk.politics.crypto
  - FAQs other than this one
 2.5.5. "Do I need to study cryptography and number theory to make a
   contribution?"
  - Absolutely not! Most cryptographers and mathematicians are
     so busy doing their thing that they have little time or
     interest
     for political and entrepreneurial activities.
     Specialization is for insects and researchers, as someone's
     .sig says.
  - Many areas are ripe for contribution. Modularization of
     functions means people can concentrate in other areas,
     just as writers don't have to learn how to set type, or cut
     quill pens, or mix inks.
  - Nonspecialists should treat most established ciphers as
     "black boxes" that work as advertised. (I'm not saying they
     do, just that analysis of them is best left to experts...a
     little skepticism may not hurt, though).
 2.5.6. "How does public key cryptography work, simply put?"
  - Plenty of articles and textbooks describe this, in ever-
     increasing detail (they start out with the basics, then get
     to the juicy stuff).
  + I did find a simple explanation, with "toy numbers," from
     Matthew Ghio:
    - "You pick two prime numbers; for example 5 and 7.
       Multiply them together, equals 35.  Now you calculate the
       product of one less than each number, plus one.
       (5-1)(7-1)+1=21.  There is a mathematical relationship
       that says that x = x^21 mod 35 for any x from 0 to 34.
       Now you factor 21, yields 3 and 7.
       
       "You pick one of those numbers to be your private key and
       the other one is your public key.  So you have:
       Public key: 3
       Private key: 7
       
       "Someone encrypts a message for you by taking plaintext
       message m to make ciphertext message c:  c=m^3 mod 35
       
       "You decrypt c and find m using your private key: m=c^7
       mod 35
       
       "If the numbers are several hundred digits long (as in
       PGP), it is nearly impossible to guess the secret key."
       [Matthew Ghio, alt.anonymous, 1994-09-03]
    - (There's a math error here...exercise left for the
       student.)
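  - To make the "toy numbers" concrete, here is an added example
     (not code from the FAQ or from Matthew Ghio) in textbook
     RSA form, using phi(n) = (p-1)(q-1) as the quote does. It
     checks whether a (public, private) exponent pair actually
     inverts, derives a private exponent that does, and shows
     the first message Ghio's 3/7/35 pair mangles. All numbers
     are tiny and for illustration only; 5 and 11 is a pair of
     primes chosen here, not taken from the quote.

```python
"""Toy RSA keypair check for the "toy numbers" walkthrough above.
Added example, not code from the FAQ or from Matthew Ghio.
Textbook RSA: n = p*q, phi(n) = (p-1)(q-1), e*d == 1 (mod phi(n))."""
from math import gcd


def phi(p, q):
    """Euler's totient of n = p*q for distinct primes p and q."""
    return (p - 1) * (q - 1)


def is_valid_keypair(e, d, p, q):
    """True when e*d == 1 (mod phi(n)); that is the condition that makes
    (m**e)**d == m (mod n) for every message m in 0..n-1."""
    return (e * d) % phi(p, q) == 1


def make_keypair(p, q, e):
    """Derive the private exponent d for a chosen public exponent e.
    Raises ValueError when e shares a factor with phi(n): then no d
    exists, which is exactly the situation for e=3 with primes 5 and 7
    (phi = 24, gcd(3, 24) = 3)."""
    ph = phi(p, q)
    if gcd(e, ph) != 1:
        raise ValueError(f"e={e} is not invertible mod phi(n)={ph}")
    d = pow(e, -1, ph)  # modular inverse (Python 3.8+)
    n = p * q
    return (e, n), (d, n)


def encrypt(m, pub):
    e, n = pub
    return pow(m, e, n)


def decrypt(c, priv):
    d, n = priv
    return pow(c, d, n)


def roundtrip_ok(p, q, e):
    """Check m -> c -> m for every residue m in 0..n-1 (feasible only
    because the modulus is tiny)."""
    pub, priv = make_keypair(p, q, e)
    return all(decrypt(encrypt(m, pub), priv) == m for m in range(p * q))


def ghio_exponent_fails():
    """Ghio's pair: public 3, private 7, modulus 35.  3*7 = 21 is not
    1 mod 24, so decryption does not undo encryption.  Returns the first
    message m for which (m^3)^7 mod 35 != m."""
    for m in range(35):
        if pow(pow(m, 3, 35), 7, 35) != m:
            return m
    return None


if __name__ == "__main__":
    print("Ghio's 3/7 pair valid for 35?", is_valid_keypair(3, 7, 5, 7))
    print("first message it mangles:", ghio_exponent_fails())
    pub, priv = make_keypair(5, 11, 3)   # primes chosen for this example
    print("working toy pair:", pub, priv, "roundtrip:", roundtrip_ok(5, 11, 3))
```

     The point a practitioner should take from it: the exponent
     relationship must hold modulo phi(n), and the public
     exponent must be coprime to phi(n) or no private exponent
     exists at all. Guessing the private key is the least of the
     problems with a broken key relationship.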
 2.5.7. "I'm a newcomer to this stuff...how should I get started?"
  - Start by reading some of the material cited. Don't worry
     too much about understanding it all.
  - Follow the list.
  - Find an area that interests you and concentrate on that.
     There is no reason why privacy advocates need to understand
     Diffie-Hellman key exchange in detail!
  + More Information
    + Books
      - Schneier
      - Brassard
    + Journals, etc
      - Proceedings
      - Journal of Cryptology
      - Cryptologia
    - Newsgroups
    - ftp sites
 2.5.8. "Who are Alice and Bob?"
 2.5.9. "What is security through obscurity"?
  - adding layers of confusion, indirection
  - rarely is strong in an information-theoretic or
     cryptographic sense
  - and may have "shortcuts" (like a knot that looks complex
     but which falls open if approached the right way)
  - encryption algorithms often hidden, sites hidden
  - Make no mistake about it, these approaches are often used.
     And they can add a little to the overall security (using
     file encryption programs like FolderBolt on top of PGP is an
     example)...
2.5.10. "Has DES been broken? And what about RSA?"
  - DES: Brute-force search of the keyspace in chosen-plaintext
     attacks is feasible in around 2^47 keys, according to
     Biham and Shamir. This is about 2^9 times easier than the
     "raw" keyspace. Michael Wiener has estimated that a machine
     of special chips could crack DES this way for a few
     thousand dollars per key. The NSA may have such machines.
  - In any case, DES was not expected to last this long by many
     (and, in fact, the NSA and NIST proposed a phaseout some
     years back, the "CCEP" (Commercial COMSEC Endorsement
     Program), but it never caught on and seems forgotten today.
     Clipper and EES seem to have grabbed the spotlight.
  - IDEA, from Europe, is supposed to be much better.
  - As for RSA, this is unlikely. Factoring is not yet proven
     to be NP-co
2.5.11. "Can the NSA Break Foo?"
  - DES, RSA, IDEA, etc.
  - Can the government break our ciphers?
2.5.12. "Can brute-force methods break crypto systems?"
  - depends on the system, the keyspace, the ancillary
     information available, etc.
  - processing power generally has been doubling every 12-18
     months (Moore's Law), so....
  - Skipjack is 80 bits, which is probably safe from brute
     force attack for 2^24 = 1.68e7 times as long as DES is.
     With Wiener's estimate of 3.5 hours to break DES, this
     implies 6700 years using today's hardware. Assuming an
     optimistic doubling of hardware power per year (for the
     same cost), it will take 24 years before the hardware costs
     of a brute force attack on Skipjack come down to what it
     now costs to attack DES. Assuming no other weaknesses in
     Skipjack.
  - And note that intelligence agencies are able to spend much
     more than what Wiener calculated (recall Norm Hardy's
     description of Harvest)
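  - The Skipjack-versus-DES arithmetic above, as an added example
     (not the FAQ's own code) that generalizes it to any key
     length and any hardware doubling period. The constants are
     the ones the text gives: 56-bit DES, Wiener's 3.5 hours per
     key; the one-year doubling is the text's optimistic
     assumption and is a parameter here. The model assumes no
     algorithmic shortcut, i.e. cost grows linearly with the
     keyspace.

```python
"""Brute-force cost scaling, worked from the Skipjack-vs-DES figures
in the text.  Added example; constants are the FAQ's, the doubling
period is an assumption you can change."""
import math

DES_BITS = 56
DES_HOURS = 3.5              # Wiener's per-key estimate, as quoted in the text
HOURS_PER_YEAR = 24 * 365.25


def keyspace_ratio(bits, baseline_bits=DES_BITS):
    """How many times larger a `bits`-bit keyspace is than the baseline."""
    return 2 ** (bits - baseline_bits)


def brute_force_hours(bits, baseline_bits=DES_BITS, baseline_hours=DES_HOURS):
    """Expected search time on the same hardware, assuming the work is
    proportional to the keyspace (no shortcut in the cipher)."""
    return baseline_hours * keyspace_ratio(bits, baseline_bits)


def brute_force_years(bits, **kw):
    return brute_force_hours(bits, **kw) / HOURS_PER_YEAR


def years_until_parity(bits, baseline_bits=DES_BITS, doubling_years=1.0):
    """Years until hardware-per-dollar has doubled often enough that a
    `bits`-bit search costs what a `baseline_bits` search costs today:
    one doubling per extra key bit."""
    return (bits - baseline_bits) * doubling_years


def bits_for_horizon(years_ahead, doubling_years=1.0,
                     baseline_bits=DES_BITS, margin_bits=0):
    """Key length whose brute-force cost, after `years_ahead` of hardware
    doubling, is still `margin_bits` doublings harder than DES is today.
    Useful for the 'how long must this stay secret' question."""
    return baseline_bits + math.ceil(years_ahead / doubling_years) + margin_bits


if __name__ == "__main__":
    print(f"Skipjack/DES keyspace ratio: 2^{80 - DES_BITS} = {keyspace_ratio(80)}")
    print(f"Skipjack brute force today: {brute_force_years(80):.0f} years")
    print(f"Years until Skipjack costs what DES costs now: {years_until_parity(80):.0f}")
    print(f"Bits to stay DES-hard for 56 years at 1.5-year doubling: "
          f"{bits_for_horizon(56, doubling_years=1.5)}")
```

     Running it reproduces the text's 2^24 ratio, roughly 6700
     years, and 24 years to parity; the last function turns the
     same model around to ask how many bits a secret needs for a
     given lifetime.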
2.5.13. "Did the NSA know about public key ideas before Diffie and
   Hellman?"
  + much debate, and some sly and possibly misleading innuendo
    - Simmons claimed he learned of PK in Gardner's column, and
       he certainly should've been in a position to know
       (weapons, Sandia)
    -
  + Inman has claimed that NSA had a P-K concept in 1966
    - fits with Dominik's point about sealed cryptosystem boxes
       with no way to load new keys
    - and consistent with NSA having essentially sole access to
       nation's top mathematicians (until Diffies and Hellmans
       forswore government funding, as a result of the anti-
       Pentagon feelings of the 70s)
2.5.14. "Did the NSA know about public-key approaches before Diffie
   and Hellman?"
  - comes up a lot, with some in the NSA trying to slyly
     suggest that _of course_ they knew about it...
  - Simmons, etc.
  - Bellovin comments (are good)
2.5.15. "Can NSA crack RSA?"
  - Probably not.
  - Certainly not by "searching the keyspace," an idea that
     pops up every few months. It can't be done. 1024-bit keys
     implies roughly 512-bit primes, or 153-decimal digit
     primes. There are more than 10^150 of them! And only about
     10^73 particles in the entire universe.
  - Has the factoring problem been solved? Probably not. And it
     probably won't be, in the sense that factoring is probably
     in NP (though this has not been proved) and P is probably
     not NP (also unproved, but very strongly suspected). While
     there will be advances in factoring, it is extremely
     unlikely (in the religious sense) that factoring a 300-
     digit number will suddenly become "easy."
  - Does the RSA leak information so as to make it easier to
     crack than it is to factor the modulus? Suspected by some,
     but basically unknown. I would bet against it. But more
     iffy than the point above.
  + "How strong is strong crypto?"
    - Basically, stronger than any of the hokey "codes" so
       beloved of thriller writers and movie producers. Modern
       ciphers are not crackable by "telling the computer to run
       through all the combinations" (more precisely, the number
       of combinations greatly exceeds the number of atoms in
       the universe).
2.5.16. "Won't more powerful computers make ciphers breakable?"
  + The effects of increasing computer power confer even
     *greater* advantage to the cipher user than to the cipher
     breaker. (Longer key lengths in RSA, for example, require
     polynomially more time to use, but exponentially more time
     to break, roughly speaking.) Stunningly, it is likely that
     we are close to being able to use key lengths which cannot
     be broken with all the computer power that will ever exist
     in the universe.
    + Analogous to impenetrable force fields protecting the
       data, with more energy required to "punch through" than
       exists in the universe
      - Vernor Vinge's "bobbles," in "The Peace War."
    - Here I am assuming that no short cuts to factoring
       exist...this is unproven, but suspected. (No major
       shortcuts, i.e., factoring is not "easy.")
    + A modulus of thousands of decimal digits may require more
       total "energy" to factor, using foreseeable approaches,
       than is available
      - reversible computation may help, but I suspect not much
      - Shor's quantum-mechanical approach is completely
         untested...and may not scale well (e.g., it may be
         marginally possible to get the measurement precision to
         use this method for, say, 100-digit numbers, but
         utterly impossible to get it for 120-digit numbers, let
         alone 1000-digit numbers)
2.5.17. "Will strong crypto help racists?"
  - Yes, this is a consequence of having secure virtual
     communities.  Free speech tends to work that way!
  - The Aryan Nation can use crypto to collect and disseminate
     information, even into "controlled" nations like Germany
     that ban groups like Aryan Nation.
  - Of course, "on the Internet no one knows you're a dog," so
     overt racism based on superficial external characteristics
     is correspondingly harder to pull off.
  - But strong crypto will enable and empower groups who have
     different beliefs than the local majority, and will allow
     them to bypass regional laws.
2.5.18. Working on new ciphers--why it's not a Cypherpunks priority
   (as I see it)
  - It's an issue of allocation of resources. ("All crypto is
     economics." E. Hughes) Much work has gone into cipher
     design, and the world seems to have several stable, robust
     ciphers to choose from. Any additional work by crypto
     amateurs--which most of us are, relative to professional
     mathematicians and cipher designers--is unlikely to move
     things forward significantly. Yes, it could happen...but
     it's not likely.
  + Whereas there are areas where professional cryptologists
     have done very little:
    - PGP (note that PRZ did *not* take time out to try to
       invent his own ciphers, at least not for Version
       2.0)...he concentrated on where his efforts would have
       the best payoff
    - implementation of remailers
    - issues involving shells and other tools for crypto use
    - digital cash
    - related issues, such as reputations, language design,
       game theory, etc.
  - These are the areas of "low-hanging fruit," the areas where
     the greatest bang for the buck lies, to mix some metaphors
     (grapeshot?).
2.5.19. "Are there any unbreakable ciphers?"
  - One time pads are of course information-theoretically
     secure, i.e., unbreakable by computer power.
  + For conventional ciphers, including public key ciphers,
     some ciphers may not be breakable in _our_ universe, in any
     amount of time. The logic goes as follows:
    - Our universe presumably has some finite number of
       particles (currently estimated to be 10^73 particles).
       This leads to the "even if every particle were a Cray Y-
       MP it would take..." sorts of thought experiments.
       
       But I am considering _energy_ here. Ignoring reversible
       computation for the moment, computations dissipate energy
       (some disagree with this point). There is some upper
       limit on how many basic computations could ever be done
       with the amount of free energy in the universe. (A rough
       calculation could be done by calculating the energy
       output of stars, stuff falling into black holes, etc.,
       and then assuming about kT per logical operation. This
       should be accurate to within a few orders of magnitude.)
       I haven't done this calculation, and won't here, but the
       result would likely be something along the lines of X
       joules of energy that could be harnessed for computation,
       resulting in Y basic primitive computational steps.
       
       I can then find a modulus of 3000 digits or 5000 digits,
       or whatever, that takes *more* than this number of steps
       to factor. Therefore, unbreakable in our universe.
  - Caveats:
     
     1. Maybe there are really shortcuts to factoring. Certainly
     improvements in factoring methods will continue. (But of
     course these improvements are not things that convert
     factoring into a less than exponential-in-length
     problem...that is, factoring appears to remain "hard.")
     
     2. Maybe reversible computations (a la Landauer, Bennett,
     et al.) actually work. Maybe this means a "factoring
     machine" can be built which takes a fixed, or very slowly
     growing, amount of energy. In this case, "forever" means
     Lefty is probably right.
     
     3. Maybe the quantum-mechanical idea of Peter Shor is
     possible. (I doubt it, for various reasons.)
     
2.5.20. "How safe is RSA?" "How safe is PGP?" "I heard that PGP has
   bugs?"
  - This cloud of questions is surely the most common sort that
     appears in sci.crypt. It sometimes gets no answers,
     sometimes gets a rude answer, and only occasionally does it
     lead to a fruitful discussion.
  - The simple answer: These ciphers appear to be safe, to have
     no obvious flaws.
  - More details can be found in various questions elsewhere in
     this FAQ and in the various FAQs and references others have
     published.
2.5.21. "How long does encryption have to be good for?"
  - This obviously depends on what you're encrypting. Some
     things need only be safe for short periods of time, e.g., a
     few years or even less. Other things may come back to haunt
     you--or get you thrown in prison--many years later. I can
     imagine secrets that have to be kept for many decades, even
     centuries (for example, one may fear one's descendants will
     pay the price for a secret revealed).
  - It is useful to think _now_ about the computer power likely
     to be available in the year 2050, when many of you reading
     this will still be around. (I'm _not_ arguing that
     parallelism, etc., will cause RSA to fall, only that some
     key lengths (e.g., 512-bit) may fall by then. Better be
     safe and use 1024 bits or even more. Increased computer
     power makes longer keys feasible, too.).

2.6. PGP
 2.6.1. There's a truly vast amount of information out there on PGP,
   from current versions, to sites, to keyserver issues, and so
   on. There are also several good FAQs on PGP, on MacPGP, and
   probably on nearly every major version of PGP. I don't expect
   to compete here with these more specialized FAQs.
  - I'm also not a PGP expert, using it only for sending and
     receiving mail, and rarely doing much more with it.
  - The various tools, for all major platforms, are a specialty
     unto themselves.
 2.6.2. "Where do I get PGP?"
 2.6.3. "Where can I find PGP?"
  - Wait around for several days and a post will come by which
     gives some pointers.
  - Here are some sites current at this writing: (watch out for
     changes)
 2.6.4. "Is PGP secure? I heard someone had...."
  - periodic reports, urban legend, that PGP has been
     compromised, that Phil Z. has been "persuaded" to....
  + implausible for several reasons
    - Phil Z no longer controls the source code by himself
    - the source code is available and can be inspected...would
       be very difficult to slip in major back doors that would
       not be apparent in the source code
    - Phil has denied this, and the rumors appear to come from
       idle speculation
  + But can PGP be broken?
    - has not been tested independently in a thorough,
       cryptanalytic way, yet (opinion of tcmay)
    - NSA isn't saying
    + Areas for attack
      + IDEA
        - some are saying doubling of the number of rounds
           should be done
      - the random number generators...Colin Plumb's admission
 2.6.5. "Should I use PGP and other crypto on my company's
   workstations?"
  - machines owned by corporations and universities, usually on
     networks, are generally not secure (that is, they may be
     compromised in various ways)
  - ironically, most of the folks who sign all their messages,
     who use a lot of encryption, are on just such machines
  - PCs and Macs and other nonnetworked machines are more
     secure, but are harder to use PGP on (as of 1994)
  - these are generalizations--there are insecure PCs and
     secure workstations
 2.6.6. "I just got PGP--should I use it for all my mail?"
  - No! Many people cannot easily use PGP, so if you wish to
     communicate with them, don't encrypt everything. Use
     encryption where it matters.
  - If you just want more people to use encryption, help with
     the projects to better integrate crypto into existing
     mailers.
 2.6.7. NSA is apparently worried about PGP, worried about the spread
   of PGP to other countries, and worried about the growth of
   "internal communities" that communicate via "black pipes" or
   "encrypted tunnels" that are impenetrable to them.

2.7. Clipper
 2.7.1. "How can the government do this?"
  - incredulity that bans, censorship, etc. are legal
  + several ways these things happen
    - not tested in the courts
    - wartime regulations
    + conflicting interpretations
      - e.g., "general welfare" clause used to justify
         restrictions on speech, freedom of association, etc.
      + whenever public money or facilities used (as with
         churches forced to hire Satanists)
        - and in this increasingly interconnected world, it is
           sometimes very hard to avoid overlap with public
           funding, facilities, etc.
 2.7.2. "Why don't Cypherpunks develop their own competing encryption
   chip?"
  + Many reasons not to:
    - cost
    - focus
    - expertise
    - hard to sell such a competing standard
  - better to let market as a whole make these choices
 2.7.3. "Why is crypto so frightening to governments?"
  + It takes away the state's power to snoop, to wiretap, to
     eavesdrop, to control
    - Priestly confessionals were a major way the Church kept
       tabs on the locals...a worldwide, grassroots system of
       ecclesiastical narcs
  + Crypto has high leverage
    + Unlike direct assaults with bombs, HERF and EMP attacks,
       sabotage, etc., crypto is self-spreading...a bootstrap
       technology
      - people use it, give it to others, put it on networks
      - others use it for their own purposes
      - a cascade effect, growing geometrically
      - and undermining confidence in governments, allowing the
         spread of multiple points of view (especially
         unapproved views)
 2.7.4. "I've just joined the list and am wondering why I don't see
   more debate about Clipper?"
  - Understand that people rarely write essays in response to
     questions like "Why is Clipper bad?" For most of us,
     mandatory key escrow is axiomatically bad; no debate is
     needed.
  - Clipper was thoroughly trashed by nearly everyone within
     hours and days of its announcement, April 16, 1993.
     Hundreds of articles and editorials have condemned it.
     Cypherpunks currently has no active supporters of mandatory
     key escrow, from all indications, so there is nothing to
     debate.

2.8. Other Ciphers and Crypto Products

2.9. Remailers and Anonymity
 2.9.1. "What are remailers?"
 2.9.2. "How do remailers work?" (a vast number of postings have
   dealt with this)
  - The best way to understand them is to "just do it," that
     is, send a few remailed messages to yourself, to see how the
     syntax works. Instructions are widely available--some are
     cited here, and up to date instructions will appear in the
     usual Usenet groups.
  - The simple view: Text messages are placed in envelopes and
     sent to a site that has agreed to remail them based on the
     instructions it finds. Encryption is not necessary--though
     it is of course recommended. These "messages in bottles"
     are passed from site to site and ultimately to the intended
     final recipient.
  - The message is pure text, with instructions contained _in
     the text_ itself (this was a fortuitous choice of standard
     by Eric Hughes, in 1992, as it allowed chaining,
     independence from particular mail systems, etc.).
  - A message will be something like this:
     
     ::
     Request-Remailing-To: remailer@bar.baz
     
     Body of text, etc., etc. (Which could be more remailing
     instructions, digital postage, etc.)
     
     
  - These nested messages make no assumptions about the type of
     mailer being used, so long as it can handle straight ASCII
     text, which all mailers can of course. Each mail message
     then acts as a kind of "agent," carrying instructions on
     where it should be mailed next, and perhaps other things
     (like delays, padding, postage, etc.)
  - It's very important to note that any given remailer cannot
     see the contents of the envelopes he is remailing, provided
     encryption is used. (The original sender picks a desired
     trajectory through the labyrinth of remailers, encrypts in
     the appropriate sequence (last is innermost, then next to
     last, etc.), and then the remailers sequentially decrypt
     the outer envelopes as they get them.  Envelopes within
     envelopes.)
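  - The "::" envelope format and the envelopes-within-envelopes
     chaining described in the items above, as an added example
     (not the FAQ's code, and not the code of any actual
     remailer). It builds a nested message for a chain of hops,
     then simulates each hop stripping its own instruction block
     and forwarding the rest. Encryption of the layers is left
     out on purpose: the simulation shows what every hop can
     read when the layers are plain text, which is why the text
     recommends encrypting each one. remailer@bar.baz is the
     page's placeholder address; the other addresses and the
     body are constructed for the example.

```python
"""Simulated Cypherpunks-style remailer chain: the '::' instruction
block and nested Request-Remailing-To envelopes.  Added example, not
the FAQ's or any remailer's code.  No encryption here, deliberately."""

REMAILER_MARK = "::"
FORWARD_HEADER = "Request-Remailing-To"


def parse_envelope(message):
    """Split a message into (instructions, body).  If the first line is
    '::', the lines up to the first blank line are 'Key: value'
    instructions; everything after that blank line is the body.  A
    message without the mark is all body."""
    lines = message.split("\n")
    if not lines or lines[0].strip() != REMAILER_MARK:
        return {}, message
    instructions = {}
    i = 1
    while i < len(lines) and lines[i].strip():
        key, _, value = lines[i].partition(":")
        instructions[key.strip()] = value.strip()
        i += 1
    body = "\n".join(lines[i + 1:])   # skip the blank separator line
    return instructions, body


def wrap_for_chain(body, hops, final_recipient):
    """Build the nested message from the inside out (last is innermost,
    as the text says).  Returns (first hop, message to send to it).
    Hop k's envelope tells it to forward to hop k+1; the innermost
    envelope names the final recipient."""
    destinations = list(hops[1:]) + [final_recipient]
    message = body
    for dest in reversed(destinations):
        message = f"{REMAILER_MARK}\n{FORWARD_HEADER}: {dest}\n\n{message}"
    return hops[0], message


def remail(address, message):
    """One hop's work: strip its instruction block and return
    (next_address, remaining_message).  With no forwarding instruction
    the message has reached its destination: returns (None, message)."""
    instructions, body = parse_envelope(message)
    nxt = instructions.get(FORWARD_HEADER)
    if nxt is None:
        return None, message
    return nxt, body


def deliver(first_hop, message):
    """Push the message through the chain.  Returns the final recipient,
    the delivered body, and a log of (hop, where it forwarded to)."""
    log = []
    address, current = first_hop, message
    while True:
        nxt, remaining = remail(address, current)
        if nxt is None:
            return address, current, log
        log.append((address, nxt))
        address, current = nxt, remaining


if __name__ == "__main__":
    # Constructed chain: remailer@bar.baz is the page's placeholder.
    hops = ["remailer@foo.example", "remailer@bar.baz", "remailer@qux.example"]
    first, msg = wrap_for_chain("Body of text, etc., etc.", hops, "alice@example.org")
    print(f"--- sent to {first} ---\n{msg}\n")
    recipient, body, log = deliver(first, msg)
    for hop, nxt in log:
        print(f"{hop} forwarded to {nxt}")
    print(f"{recipient} received: {body!r}")
```

     Each hop learns only who handed it the message and where the
     next one goes, and with plain-text layers every hop can also
     read the whole remaining route and body; encrypting each
     layer to its hop is what reduces that to the single next
     address.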
 2.9.3. "Can't remailers be used to harass people?"
  - Sure, so can free speech, anonymous physical mail ("poison
     pen letters"), etc.
  - With e-mail, people can screen their mail, use filters,
     ignore words they don't like, etc. Lots of options. "Sticks
     and stones" and all that stuff we learned in Kindergarten
     (well, I'm never sure what the Gen Xers learned....).
  - Extortion is made somewhat easier by anonymous mailers, but
     extortion threats can be made in other ways, such as via
     physical mail, or from payphones, etc.
  - Physical actions, threats, etc. are another matter. Not the
     domain of crypto, per se.

2.10. Surveillance and Privacy
2.10.1. "Does the NSA monitor this list?"
  - Probably. We've been visible enough, and there are many
     avenues for monitoring or even subscribing to the List.
     Many aliases, many points of presence.
  - some concerns that Cypherpunks list has been infiltrated
     and is a "round up list"
  - There have even been anonymous messages purporting to name
     likely CIA, DIA, and NSA spooks. ("Be aware.")
  - Remember, the list of subscribers is _not_ a secret--it can
     be gotten by sending a "who cypherpunks" message to
     majordomo@toad.com. Anyone in the world can do this.
2.10.2. "Is this list illegal?"
  - Depends on the country. In the U.S., there are very strong
     protections against "prior restraint" for published
     material, so the list is fairly well protected....shutting
     it down would create a First Amendment case of major
     importance. Which is unlikely. Conspiracy and sedition laws
     are more complex to analyze; there are no indications that
     material here or on the list is illegal.
  - Advocacy of illegal acts (subversion of export laws,
     espionage, etc.) is generally legal. Even advocating the
     overthrow of the government.
  - The situation in other countries is different. Some
     countries ban unapproved encryption, so this list is
     suspect.
  - Practically speaking, anyone reading this list is probably
     in a place which either makes no attempt to control
     encryption or is unable to monitor what crosses its
     borders.
2.10.3. "Can keystrokes really be monitored remotely? How likely is
   this?"
  - Yes. Van Eck monitoring: the RF emitted by a monitor can be
     picked up at a distance and the screen contents
     reconstructed, and the equipment is claimed to be easy to
     build.
  - How likely? Depends on who you are. Ames, the KGB spy, was
     probably monitored near the end, but I doubt many of us
     are. The costs are simply too high...the vans outside, the
     personnel needed, etc.
  - the real hazards involve making it "easy" and "almost
     automatic" for such monitoring, such as with Clipper and
     EES. Then they essentially just flip a switch and the
     monitoring happens...no muss, no fuss.
2.10.4. "Wouldn't some crimes be stopped if the government could
   monitor what it wanted to?"
  - Sure. This is an old story. Some criminals would be caught
     if their diaries could be examined. Television cameras in
     all homes would reduce crimes of .... (Are you listening,
     Winston?).
  - Orwell, fascism, surveillance states, what have you got to
     hide, etc.

2.11. Legal
2.11.1. "Can encryption be banned?"
  - ham operators, shortwave
  - in general, look to wartime conditions
  + how is this any different from requiring speech in some
     language?
    - Navajo code talkers of WW2...modern parallel
2.11.2. "Will the government try to ban encryption?"
  - This is of course the major concern most of us have about
     Clipper and the Escrowed Encryption Standard in general.
     Even if we think the banning of crypto will ultimately be a
     failure ("worse than Prohibition," someone has said), such
     a ban could make things very uncomfortable for many and
     would be a serious abridgement of basic liberties.
  - We don't know, but we fear something along these lines. It
     will be difficult to enforce such a ban, as so many avenues
     for communication exist, and encrypted messages may be hard
     to detect.
  - Their goal, however, may be _control_ and the chilling
     effect that using "civil forfeiture" may have on potential
     crypto users. Like the drug laws. (Whit Diffie was the
     first to emphasize this motivation.)
2.11.3. "How could encryption be banned?"
  - most likely way: restrictions on networks, a la airwaves or
     postal service
  - could cite various needs, but absent a mechanism as above,
     hard to do
  - an outright  ban, enforced with civil forfeiture penalties
  - wartime sorts of policies (crypto treated as sedition,
     treason...some high-profile prison sentences)
  - scenario posted by Sandfort?
2.11.4. "What's the situation about export of crypto?"
  + There's been much debate about this, with the case of Phil
     Zimmermann possibly being an important test case, should
     charges be filed.
    - as of 1994-09, the Grand Jury in San Jose has not said
       anything (it's been about 7-9 months since they started
       on this issue)
  - Dan Bernstein has argued that ITAR covers nearly all
     aspects of exporting crypto material, including codes,
     documentation, and even "knowledge." (Controversially, it
     may be in violation of ITAR for knowledgeable crypto people
     to even leave the country with the intention of developing
     crypto tools overseas.)
  - The various distributions of PGP that have occurred via
     anonymous ftp sources don't imply that ITAR is not being
     enforced, or won't be in the future.
2.11.5. "What's the legal status of digital signatures?"
  - Not yet tested in court. Ditto for most crypto protocols,
     including digital timestamping, electronic contracts,
     issues of lost keys, etc.
2.11.6. "Can't I just claim I forgot my password?"
2.11.7. "Is it dangerous to talk openly about these ideas?"
  - Depends on your country. In some countries, perhaps no. In
     the U.S., there's not much they can do (though folks should
     be aware that the Cypherpunks have received a lot of
     attention by the media and by policy makers, and so a vocal
     presence on this list very likely puts one on a list of
     crypto trouble makers).
  - Some companies may also feel views expressed here are not
     consistent with their corporate policies. Your mileage may
     vary.
  - Sedition and treason laws are not likely to be applicable.
  - some Cypherpunks think so
  - Others of us take the First Amendment pretty seriously:
     that _all_ talk is permissable
  - NSA agents threatened to have Jim Bidzos killed
2.11.8. "Does possession of a key mean possession of *identity*?"
  - If I get your key, am I you?
  - Certainly not outside the context of the cryptographic
     transaction. But within the context of a transaction, yes.
     Additional safeguards/speedbumps can be inserted (such as
     biometric credentials, additional passphrases, etc.), but
     these are essentially part of the "key," so the basic
     answer remains "yes." (There are periodically concerns
     raised about this, citing the dangers of having all
     identity tied to a single credential, or number, or key.
     Well, there are ways to handle this, such as by adopting
     protocols that limit one's exposure, that limits the amount
     of money that can be withdrawn, etc. Or people can adopt
     protocols that require additional security, time delays,
     countersigning, etc.)
  + This may be tested in court soon enough, but the answer for
     many contracts and crypto transactions will be that
     possession of key = possession of identity. Even a court
     test may mean little, for the types of transactions I
     expect to see.
    - That is, in anonymous systems, "who ya gonna sue?"
  - So, guard your key.

2.12. Digital Cash
2.12.1. "What is digital money?"
2.12.2. "What are the main uses of strong crypto for business and
   economic transactions?"
  - Secure communications. Ensuring privacy of transaction
     records (avoiding eavesdroppers, competitors)
  - Digital signatures on contracts (will someday be standard)
  - Digital cash.
  - Reputations.
  - Data Havens. That bypass local laws about what can be
     stored and what can't (e.g., silly rules on how far back
     credit records can go).
2.12.3. "What are smart cards and how are they used?"
  + Most smart cards as they now exist are very far from being
     the anonymous digital cash of primary interest to us. In
     fact, most of them are just glorified credit cards.
    - with no gain to consumers, since consumers typically don't
       pay for losses by fraud
    - (so to entice consumers, will they offer inducements?)
  - Can be either small computers, typically credit-card-sized,
     or just cards that control access via local computers.
  + Tamper-resistant modules, e.g., if tampered with, they
     destroy the important data or at the least give evidence of
     having been tampered with.
    + Security of manufacturing
      - some variant of  "cut-and-choose" inspection of
         premises
  + Uses of smart cards
    - conventional credit card uses
    - bill payment
    - postage
    - bridge and road tolls
    - payments for items received electronically (not
       necessarily anonymously)

2.13. Crypto Anarchy
2.13.1. "What is Crypto Anarchy?"
  - Some of us believe various forms of strong cryptography
     will cause the power of the state to decline, perhaps even
     collapse fairly abruptly. We believe the expansion into
     cyberspace, with secure communications, digital money,
     anonymity and pseudonymity, and other crypto-mediated
     interactions, will profoundly change the nature of
     economies and social interactions.
     
     Governments will have a hard time collecting taxes,
     regulating the behavior of individuals and corporations
     (small ones at least), and generally coercing folks when it
     can't even tell what _continent_ folks are on!
     
     Read Vinge's "True Names" and Card's "Ender's Game" for
     some fictional inspirations. "Galt's Gulch" in cyberspace,
     what the Net is rapidly becoming already.
     
     I call this set of ideas "crypto anarchy" (or "crypto-
     anarchy," as you wish) and have written about this
     extensively. The magazines "Wired" (issue 1.2), "Whole
     Earth Review" (Summer, 1993), and "The Village Voice" (Aug.
     6th, 1993) have all carried good articles on this.
2.13.2. The Crypto Anarchist Manifesto
  - a complete copy of my 1988 pastiche of the Communisto
     Manifesto is included in the chapter on Crypto Anarchy.
  - it needs rewriting, but for historical sake I've left it
     unchanged.
  - I'm proud that so much of it remains accurate.
2.13.3. "What is BlackNet?"
  - BlackNet -- an experiment in information markets, using
     anonymous message pools for exchange of instructions and
     items. Tim May's experiment in guerilla ontology.
  - BlackNet -- an experimental scheme devised by T. May to
     underscore the nature of anonymous information markets.
     "Any and all" secrets can be offered for sale via anonymous
     mailers and message pools. The experiment was leaked via
     remailer to the Cypherpunks list (not by May) and thence to
     several dozen Usenet groups by Detweiler. The authorities
     are said to be investigating it.
2.13.4. "What effect will crypto have on governments?"
  - A huge topic, one I've been thinking about since late 1987
     when it dawned on me that public key crypto and anonymous
     digital cash systems, information markets, etc. meant the
     end of governments as we know them. (I called this
     development "crypto anarchy." Not everyone is a fan of it.
     But it's coming, and fast.)
  - "Putting the NSA out of business," as the NYT article put
     it
  - Espionage is changing. To pick one example, "digital dead
     drops." Any message can be sent through an untraceable path
     with remailers....and then posted in encrypted form in a
     newsgroup readable in most countries, including the Former
     Soviet Union. This means the old stand by of the microfilm
     in a Coke can left by a certain tree on a rural road--a
     method fraught with delays, dangers, and hassles--is now
     passé. The same message can be sent from the comfort of
     one's home securely and untraceably. Even with a digital
     signature to prevent spoofing and disinformation. This spy
     can be a Lockheed worker on the Aurora program, a SIGINT
     officer at Woomera, or a disgruntled chip designer at
     Motorola.  (Yes, a countermeasure is to limit access to
     personal computers, to run only standard software that has
     no such crypto capability. Such embargoes may already apply
     to some in sensitive positions, and may someday be a
     condition of employment.)
  - Money-laundering
  - Tax collection. International consultants. Perpetual
     tourists. Virtual corporations.
  - Terrorism, assassination, crime, Triads, Yakuza, Jamaicans,
     Russian Mafia...virtual networks... Aryan Nation gone
     digital
2.13.5. "How quickly could something like crypto anarchy come?"
  - Parts of it are happening already, though the changes in
     the world are not something I take any credit for. Rather,
     there are ongoing changes in the role of nations, of power,
     and of the ability to coerce behaviors. When people can
     drop out of systems they don't like, can move to different
     legal or tax jurisdictions, then things change.
  + But a phase change could occur quickly, just as the Berlin
     Wall was impregnable one day, and down the next.
    - "Public anger grows quietly and explodes suddenly. T.C.
       May's "phase change" may be closer than we think. Nobody
       in Russia in 1985 really thought the country would fall
       apart in 6 years." [Mike Ingle, 1994-01-01]
2.13.6. "Could strong crypto be used for sick and disgusting and
   dangerous purposes?"
  - Of course. So can locked doors, but we don't insist on an
     "open door policy" (outside of certain quaint sorority and
     rooming houses!) So do many forms of privacy allow
     plotters, molestors, racists, etc. to meet and plot.
  - Crypto is in use by the Aryan Nation, by both pro- and anti-
     abortion groups, and probably by other kinds of terrorists.
     Expect more uses in the future, as things like PGP continue
     to spread.
  - Many of us are explicitly anti-democratic, and hope to use
     encryption to undermine the so-called democratic
     governments of the world
2.13.7. "What is the Dining Cryptographers Problem, and why is it so
   important?"
  + This is dealt with in the main section, but here's David
     Chaum's Abstract, from his 1988 paper:
    - Abstract: "Keeping confidential who sends which messages,
       in a world where any physical transmission can be traced
       to its origin, seems impossible. The solution presented
       here is unconditionally or cryptographically secure,
       depending on whether it is based on one-time-use keys or
       on public keys, respectively. It can be adapted to
       address efficiently a wide variety of practical
       considerations." ["The Dining Cryptographers Problem:
       Unconditional Sender and Recipient Untraceability," David
       Chaum, Journal of Cryptology, I, 1, 1988.]
  - DC-nets have yet to be implemented, so far as I know, but
     they represent a "purer" version of the physical remailers
     we are all so familiar with now: sender untraceability
     rests on the pairwise shared keys alone, not on any node
     keeping its logs secret or behaving honestly. Someday
     they'll have a major impact. (I'm a bigger fan of this work
     than many seem to be, as there is little discussion in
     sci.crypt and the like.)
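  - As an added worked example (not Chaum's code, and not from
     any deployed system), here is one dining-cryptographers
     round in Python. Every pair of participants shares a fresh
     one-time key; each participant announces the XOR of its
     keys, the sender also XORing in its message; the XOR of all
     announcements is the message, and the announcements are
     consistent with _any_ participant having been the sender.
     The keys, the message and the participant count are
     constructed for the demo; the collision at the end shows
     what happens when two people transmit in the same round.

```python
"""Added example: one dining-cryptographers round (not Chaum's code).

Each unordered pair of participants shares a random one-time key. Each
participant announces the XOR of all its keys, the sender XORing in its
message as well. Every key appears in exactly two announcements and cancels,
so the XOR of all announcements is the message. Keys and messages here are
constructed for the demonstration.
"""
import itertools
import secrets


def xor(*parts: bytes) -> bytes:
    out = bytearray(parts[0])
    for p in parts[1:]:
        for k, b in enumerate(p):
            out[k] ^= b
    return bytes(out)


def pair_key(keys, i, j):
    return keys[(min(i, j), max(i, j))]


def fresh_keys(n, length):
    """One-time key per unordered pair (Chaum's unconditionally secure variant)."""
    return {(i, j): secrets.token_bytes(length)
            for i, j in itertools.combinations(range(n), 2)}


def announcements(n, keys, messages):
    """messages[i] is participant i's message (all-zero for non-senders).
    Participant i broadcasts XOR(its shared keys) XOR its message."""
    return [xor(messages[i], *[pair_key(keys, i, j) for j in range(n) if j != i])
            for i in range(n)]


def combine(outs):
    """Keys cancel pairwise; what remains is the XOR of all messages sent."""
    return xor(*outs)


def dc_round(n, senders, length):
    """Run one round. `senders` maps participant index -> message bytes."""
    zero = bytes(length)
    messages = [senders.get(i, zero) for i in range(n)]
    return announcements(n, fresh_keys(n, length), messages)


def keys_explaining(outs, sender, message):
    """Untraceability made concrete: from the announcements alone, build a
    complete set of pairwise keys under which the chosen participant is the
    sender. Keys among participants 1..n-1 are random; each key (0, j) is
    solved from announcement j; announcement 0 then matches automatically,
    because the XOR of all announcements equals the message."""
    n, length = len(outs), len(outs[0])
    zero = bytes(length)
    messages = [message if i == sender else zero for i in range(n)]
    keys = {(i, j): secrets.token_bytes(length)
            for i, j in itertools.combinations(range(1, n), 2)}
    for j in range(1, n):
        others = [pair_key(keys, j, l) for l in range(1, n) if l != j]
        keys[(0, j)] = xor(outs[j], messages[j], *others)
    return keys


if __name__ == "__main__":
    n, msg = 4, b"strong crypto"
    outs = dc_round(n, {2: msg}, len(msg))
    print("recovered:", combine(outs))
    for suspect in range(n):
        msgs = [msg if i == suspect else bytes(len(msg)) for i in range(n)]
        same = announcements(n, keys_explaining(outs, suspect, msg), msgs) == outs
        print(f"announcements consistent with participant {suspect} sending: {same}")
    # Failure mode: two senders in one round collide and neither message survives.
    print("two senders at once yield:", combine(dc_round(n, {0: b"aaaa", 3: b"bbbb"}, 4)))
```

     The `keys_explaining` check is the whole point: an observer
     who lacks the real keys cannot distinguish the true sender
     from any other participant, since a key set exists that
     explains the same announcements for each of them. Note the
     round needs a reservation or retry scheme on top, since two
     simultaneous senders garble each other.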
2.13.8. "Why won't government simply ban  such encryption methods?"
  + This has always been the Number One Issue!
    - raised by Stiegler, Drexler, Salin, and several others
       (and in fact raised by some as an objection to my even
       discussing these issues, namely, that action may then be
       taken to head off the world I describe)
  + Types of Bans on Encryption and Secrecy
    - Ban on Private Use of Encryption
    - Ban on Store-and-Forward Nodes
    - Ban on Tokens and ZKIPS Authentication
    - Requirement for public disclosure of all transactions
    + Recent news (3-6-92, same day as Michelangelo and
       Lawnmower Man) that government is proposing a surcharge
       on telcos and long distance services to pay for new
       equipment needed to tap phones!
      - S.266 and related bills
      - this was argued in terms of stopping drug dealers and
         other criminals
      - but how does the government intend to deal with the
          various forms of end-user encryption or "confusion"
         (the confusion that will come from compression,
         packetizing, simple file encryption, etc.)
  + Types of Arguments Against Such Bans
    - The "Constitutional Rights" Arguments
    + The "It's Too Late" Arguments
      - PCs are already widely scattered, running dozens of
         compression and encryption programs...it is far too
         late to insist on "in the clear" broadcasts, whatever
         those may be (is program code distinguishable from
         encrypted messages? No.)
      - encrypted faxes, modem scramblers (albeit with some
         restrictions)
      - wireless LANs, packets, radio, IR, compressed text and
         images, etc....all will defeat any efforts short of
         police state intervention (which may still happen)
    + The "Feud Within the NSA" Arguments
      - COMSEC vs. PROD
    + Will affect the privacy rights of corporations
      - and there is much evidence that corporations are in
         fact being spied upon, by foreign governments, by the
         NSA, etc.
  + They Will Try to Ban Such Encryption Techniques
    + Stings (perhaps using viruses and logic bombs)
      - or "barium," to trace the code
    + Legal liability for companies that allow employees to use
       such methods
      - perhaps even in their own time, via the assumption that
         employees who use illegal software methods in their own
         time are perhaps couriers or agents for their
         corporations (a tenuous point)
2.13.9. "Could anonymous markets facilitate repugnant services, such
   as killings for hire?"
  - Yes, though there are some things which will help lessen
     the full impact.
  - To make this brutally concrete, here's how escrow makes
     murder contracts much safer than they are today to
     negotiate. Instead of one party being caught in an FBI
     sting, as is so often the case when amateurs try to arrange
     hits, they can use an escrow service to insulate themselves
     from:
     
     1. From being traced, because the exchanges are handled via
     pseudonyms
     
     2. From the killer taking the money and then not performing
     the hit, because the escrow agent holds the money until the
     murder is verified (according to some protocol, such as a
     newspaper report...again, an area for more work,
     thankfully).
     
     3. From being arrested when the money is picked up, as this
     is all done via digital cash.
     
     There are some ways to reduce the popularity of this
     Murder, Incorporated system. (Things I've been thinking
     about for about 6 years, and which we discussed on the
     Cypherpunks list and on the Extropians list.)

2.14. Miscellaneous
2.14.1. "Why can't people just agree on an approach?"
  - "Why can't everyone just support my proposal?"
  - "I've proposed a new cipher, but nobody's interested...you
     Cypherpunks just never _do_ anything!"
  - This is one of the most consistently divisive issues on the
     list. Often a person will become enamored of some approach,
     will write posts exhorting others to become similarly
     enamored, urging others to "do something!," and will then,
     when no interest is evidenced, become irate. To be more
     concrete, this happens most often with various and sundry
     proposals for "digital money." A close second is for
     various types of "Cypherpunks activism," with proposals
     that we get together and collect a few million dollars to
     run Ross Perot-type advertisements urging people to use
     PGP, with calls for a "Cypherpunks radio show," and so on.
     (Nothing wrong with people doing these things, I suppose.
     The problem lies in the exhortation of _others_ to do these
     things.)
  - This collective action is always hard to achieve, and
     rightly so, in my opinion. Emergent behavior is more
     natural, and more efficient. And hence better.
  + the nature of markets, agents, different agendas and goals
    - real standards and markets evolve
    - sometimes because of a compelling exemplar (the Walkman,
       PGP), sometimes because of hard work by standards
       committees (NTSC, electric sockets, etc.)
    - but almost never by simple appeals to correctness or
       ideological rightness
2.14.2. "What are some of the practical limits on the deployment of
   crypto, especially things like digital cash and remailers?"
  + Lack of reliable services
    - Nodes go down, students go home for the summer, downtime
       for various reasons
  - Lack of robustness
2.14.3. "Is crypto dominated by mistrust? I get the impression that
   everything is predicated on mutual mistrust."
  - We lock our doors...does this mean we are lacking in trust?
     No, it means we understand there are _some_ out there who
     will exploit unlocked doors. Ditto for the crypto world.
  - "Trust, but verify," as Ronald Reagan used to say. Mutual
     mistrust can actually make for a more trustworthy
     environment, paradoxical as that may sound. "Even paranoids
     have enemies."
  - The danger in a trusting environment that lacks other
     mechanisms is that "predators" or "defectors" (in game-
     theoretic terms) can exploit this trusting environment.
     Confidence games, scams, reneging on deals, and even
     outright theft.
  - Crypto offers the opportunity for "mutually suspicious
     agents" to interact without explicit "trust."
2.14.4. "Who is Detweiler?"
  + S. Boxx, an12070, ldxxyyy, Pablo Escobar, Hitler, Linda
     Lollipop, Clew Lance Simpleton, tmp@netcom.com, Jim
     Riverman
    - often with my sig block, or variants of it, attached
    - even my phone number
    - he lost his ColoState account for such tactics...
  - electrocrisy
  - cypherwonks
2.14.5. "Who is Sternlight?"
  - A retired policy analyst who is often contentious in Usenet
     groups and supportive of government policies on crypto
     policy. Not nearly as bad as Detweiler.

2.15. More Information and References
2.15.1. "Where can I find more information?"
  - Well, this is a start. Also, lots of other FAQs and Mosaic
     home pages (URLs) exist, encompassing a vast amount of
     knowledge.
  - As long as this FAQ is, it can only scratch the surface on
     many topics. (I'm especially amused when someone says
     they've looked for a FAQ on some obscure topic. No FAQ is
     likely to answer all questions, especially obscure ones.)
  - Many articles and papers are available at the
     ftp.csua.berkeley.edu site, in pub/cypherpunks. Look around
     there. The 1981 Chaum paper on untraceable e-mail is not
     there (too many equations for easy scanning), but the 1988
     paper on Dining Cryptographers Nets is. (I laboriously
     scanned it and OCRed it, back when I used to have the
     energy to do such thankless tasks.)
  + Some basic sources:
    + Sci.crypt FAQ, published regularly. Also available by
       anonymous ftp at rtfm.mit.edu. And in various URLs,
       including:
      - URLs for sci.crypt FAQ: xxxxxx
    - RSA Data Security Inc. FAQ
    - Bruce Schneier's "Applied Cryptography" book, 1993. Every
       reader of this list should get this book!
  - The "online generation" tends to want all material online,
     I know, but most of the good stuff is to be found in paper
     form, in journals and books. This is likely to be the case
     for many years to come, given the limitation of ASCII, the
     lack of widespread standards (yes, I know about LaTeX,
     etc.), and the academic prestige associated with bound
     journals and books. Fortunately, you can _all_ find
     university libraries within driving range. Take my advice:
     if you do not spend at least an entire Saturday immersing
     yourself in the crypto literature in the math section of a
     large library, perusing the "Proceedings of the Crypto
     Conference" volumes, scanning the textbooks, then you have
     a poor foundation for doing any crypto work.
2.15.2. "Things are changing quickly. Not all of the addresses and
   URLs given here are valid. And the software versions... How
   do I get the latest information?"
  - Yes, things are changing quickly. This document can't
     possibly keep up with the rapid changes (nor can its
     author!).
  - Reading the various newsgroups is, as always, the best way
     to hear what's happening on a day to day basis. Web pages,
     gopher, archie, veronica, etc. should show the latest
     versions of popular software packages.
2.15.3. "FUQs: "Frequently Unanswered Questions"?"
  - (more to be added)
  - With 700 or more people on the Cypherpunks list (as of 94-
     09), it is inevitable that some FAQs will go unanswered
     when newbies (or others) ask them. Sometimes the FUQs are
     ignored because they're so stale, other times because to
     answer them is to continue an unfruitful thread.
  + "P = NP?"
    - Steve Smale has called this the most important new
       unsolved problem of the past half-century.
    - If P were (unexpectedly) proved to be NP
  + "Are RSA and factoring NP-hard?"
    - not yet proved (factoring is in NP, since the factors are
       a quickly checkable certificate, but it is known neither
       to be NP-hard nor to be in P)
    - factoring might be easier
    - and RSA might be easier than factoring in general (e.g.,
       chosen- and known-plaintext may provide clues)
  - "Will encryption be outlawed? What will happen?"
  + "Is David Sternlight an NSA agent?"
    - Seriously, David S. is probably what he claims: a retired
       economist who was once very senior in government and
       corporate policy circles. I have no reason to doubt him.
    - He has views at odds with most of us, and a baiting style
       of expressing his views, but this does not mean he is a
       government agent as so many people claim.
    - Not in the same class as Detweiler.

3. Cypherpunks -- History, Organization, Agenda

3.1. copyright
   THE  CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666,
   1994-09-10, Copyright Timothy C. May. All rights reserved.
   See the detailed disclaimer. Use short sections under "fair
   use" provisions, with appropriate credit, but don't put your
   name on my words.

3.2. SUMMARY: Cypherpunks -- History, Organization, Agenda
 3.2.1. Main Points
  - Cypherpunks formed in September, 1992
  - formed at an opportune time, with PGP 2.0, Clipper, etc.
     hitting
  - early successes: Cypherpunks remailers, publicity
 3.2.2. Connections to Other Sections
 3.2.3. Where to Find Additional Information
  - "Wired," issue 1.2, had a cover story on Cypherpunks.
  - "Whole Earth Review," Summer 1993, had a long article on
     crypto and Cypherpunks (included in the book "Out of
     Control," by Kevin Kelly).
  - "Village Voice," August 6th (?), 1993, had cover story on
     "Crypto Rebels" (also reprinted in local weeklies)
  - and numerous articles in various magazines
 3.2.4. Miscellaneous Comments
  - the best way to get a feel for the List is to simply read
     it for a while; a few months should do.

3.3. The Cypherpunks Group and List
 3.3.1. What is it?
  + Formal Rules, Charter, etc.?
    - no formal rules or charter
    - no agreed-upon mission
 3.3.2. "Who are the Cypherpunks?"
  - A mix of about 500-700
  + Can find out who by sending message to majordomo@toad.com
     with the message body text "who cypherpunks" (no quotes, of
     course).
    - Is this a privacy flaw? Maybe.
  - Lots of students (they have the time, the Internet
     accounts). Lots of computer science/programming folks. Lots
     of libertarians.
  - quote from Wired article, and from "Whole Earth Review"
 3.3.3. "How did the Cypherpunks group get started?"
  + History?
    - Discussions between Eric Hughes and me, led to Eric's
       decision to host a gathering
    + First meeting was, by coincidence, the same week that PGP
       2.0 was released...we all got copies that day
      - morning session on basics
      - sitting on the floor
      + afternoon we played the "Crypto Game"
        - remailers, digital money, information for sale, etc.
    - John Gilmore offered his site to host a mailing list, and
       his company's offices to hold monthly meetings
    - The mailing list began almost immediately
  - The Name "Cypherpunks"?
 3.3.4. "Should I join the  Cypherpunks mailing list?"
  - If you are reading this, of course, you are most likely on
     the Cypherpunks list already and this point is moot--you
     may instead be asking if you should_leave_  the List!
  - Only if you are prepared to handle 30-60 messages a day,
     with volumes fluctuating wildly
 3.3.5. "How can I join the Cypherpunk mailing list?"
  - send message to "majordomo@toad.com" with a _body_ text of
     "subscribe cypherpunks" (no quote marks in either, of
     course).
 3.3.6. "Membership?"
  - about 500-700 at any given time
  - many folks join, are overwhelmed, and quit
  - other groups: Austin, Colorado, Boston, U.K.
 3.3.7. "Why are there so many libertarians on the Cypherpunks list?"
  + The same question is often asked about the Net in general.
     Lots of suggested reasons:
    - A list like Cypherpunks is going to have privacy and
       freedom advocates. Not all privacy advocates are
       libertarians (e.g., they may want laws restricting data
       collection), but many are. And libertarians naturally
       gravitate to causes like ours.
    - Net grew anarchically, with little control. This appeals
       to free-wheeling types, used to making their own choices
       and building their own worlds.
    - Libertarians are skeptical of central control structures,
       as are most computer programming types. They are
       skeptical that a centrally-run control system can
       coordinate the needs and desires of people. (They are of
       course more than just "skeptical" about this.)
  - In any case, there's not much of a coherent "opposition
     camp" to the anarcho-capitalist, libertarian ideology.
     Forgive me for saying this, my non-libertarian friends on
     the list, but most non-libertarian ideologies I've seen
     expressed on the list have been fragmentary, isolated, and
     not coherent...comments about "how do we take care of the
     poor?" and Christian fundamentalism, for example. If there
     is a coherent alternative to a basically libertarian
     viewpoint, we haven't seen it on the list.
  - (Of course, some might say that the libertarians outshout
     the alternatives...I don't think this is really so.)
 3.3.8. "How did the mailing list get started?"
  - Hugh Daniel, Eric Hughes, and I discussed this the day
     after the first meeting
  - mailing list brought together diverse interests
  - How to join?
 3.3.9. "How did Cypherpunks get so much early publicity?"
  - started at the right time, just as PGP was gaining
     popularity, as plans for key escrow were being laid (I
     sounded an alarm in October, 1992, six months before the
     Clipper announcement), and just as "Wired" was preparing
     its first issue
  - Kevin Kelly and Steven Levy attended some of our early
     meetings, setting the stage for very favorable major
     stories in "Wired" (issue 1.2, the cover story), and "Whole
     Earth Review" (Summer, 1993)
  - a niche for a "renegade" and "monkey-wrenching" group, with
     less of a Washington focus
  - publicity in "Wired," "The Whole Earth Review," "The
     Village Voice"
  + Clipper bombshell occupied much of our time, with some
     effect on policy
    - climate of repudiation
    - links to EFF, CPSR, etc.
3.3.10. "Why the name?"
  - Jude Milhon nicknamed us
  - cypherpunkts? (by analogy with Mikropunkts, microdots)
3.3.11. "What were the early meetings like?"
  - cypherspiel, Crypto Anarchy Game
3.3.12. "Where are places that I can meet other Cypherpunks?"
  - physical meetings
  - start your own...pizza place, classroom
  + other organizations
    - "These kind of meetings (DC 2600 meeting at Pentagon City
       Mall, 1st Fri. of every month in the food court, about
       5-7pm or so) might be good places for local cypherpunks
       gatherings as well.  I'm sure there are a lot of other
       such meetings, but the DC and Baltimore ones are the
       ones I know of."  <Stanton McCandlish, 7 April 1994>
    - (note that the DC area already meets...)
  - Hackers, raves
  - regional meetings
3.3.13. "Is the Cypherpunks list monitored? Has it been infiltrated?"
  - Unknown. It wouldn't be hard for anyone to be monitoring
     the list.
  - As to infiltration, no evidence for this. No suspicious
     folks showing up at the physical meetings, at least so far
     as I can see. (Not a very reliable indication.)
3.3.14. "Why isn't there a recruiting program to increase the number
   of Cypherpunks?"
  - Good question. The mailing list reached about 500
     subscribers a year or so ago and has remained relatively
     constant since then; many subscribers learned of the list
     and its address in the various articles that appeared.
  - Informal organizations often level out in membership
     because no staff exists to publicize, recruit, etc. And
     size is limited because a larger group loses focus. So,
     some stasis is achieved. For us, it may be at the 400-700
     level. It seems unlikely that list membership would ever
     get into the tens of thousands.
3.3.15. "Why have there been few real achievements in crypto
   recently?"
  + Despite the crush of crypto releases--the WinPGPs,
     SecureDrives, and a dozen other such programs--the fact is
     that most of these are straightforward variants on what I
     think have been the two major product classes to be
     introduced in the last several years:
    - PGP, and variants.
    - Remailers, and variants.
  - These two main classes account for about 98% of all product-
     or version-oriented debate on the Net, epitomized by the
     zillions of "Where can I find PGP2.6ui for the Amiga?"
     sorts of posts.
  + Why is this so? Why have these dominated? What else is
     needed?
    + First, PGP gave an incredible impetus to the whole issue
       of public use of crypto. It brought crypto to the masses,
       or at least to the Net-aware masses. Second, the nearly
       simultaneous appearance of remailers (the Kleinpaste/Julf-
       style and the Cypherpunks "mix"-style) fit in well with
       the sudden awareness about PGP and crypto issues. And
       other simultaneous factors appeared:
      - the appearance of "Wired" and its spectacular success,
         in early 1993
      - the Clipper chip firestorm, beginning in April 1993
      - the Cypherpunks group got rolling in late 1992,
         reaching public visibility in several articles in 1993.
         (By the end of '93, we seemed to be a noun, as Bucky
         might've said.)
    + But why so little progress in other important areas?
      - digital money, despite at least a dozen reported
         projects, programs (only a few of which are really
         anything like Chaum's "digital cash")
      - data havens, information markets, etc.
      - money-laundering schemes, etc.
  + What could change this?
    - Mosaic, WWW, Web
    - A successful digital cash effort

3.4. Beliefs, Goals, Agenda
 3.4.1. "Is there a set of beliefs that most Cypherpunks support?"
  + There is nothing official (not much is), but there is an
     emergent, coherent set of beliefs which most list members
     seem to hold:
    * that the government should not be able to snoop into our
       affairs
    * that protection of conversations and exchanges is a basic
       right
    * that these rights may need to be secured through
       _technology_ rather than through law
    * that the power of technology often creates new political
       realities (hence the list mantra: "Cypherpunks write
       code")
  + Range of Beliefs
    - Many are libertarian, most support rights of privacy,
       some are more radical in approach
 3.4.2. "What are Cypherpunks interested in?"
  - privacy
  - technology
  - encryption
  - politics
  - crypto anarchy
  - digital money
  - protocols
 3.4.3. Personal Privacy and Collapse of Governments
  - There seem to be two main reasons people are drawn to
     Cypherpunks, besides the general attractiveness of a "cool"
     group such as ours. The first reason is _personal privacy_.
     That is, tools for ensuring privacy, protection from a
     surveillance society, and individual choice. This reason is
     widely popular, but is not always compelling (after all,
     why worry about personal privacy and then join a list that
     has been identified as a "subversive" group by the Feds?
     Something to think about.)
  - The second major reason is personal liberty through
     reducing the power of governments to coerce and tax. Sort
     of a digital Galt's Gulch, as it were. Libertarians and
     anarchocapitalists are especially drawn to this vision, a
     vision which may bother conventional liberals (when they
     realize strong crypto means things counter to welfare,
     AFDC, antidiscrimination laws....).
  - This second view is more controversial, but is, in my
     opinion, what really powers the list. While others may
     phrase it differently,  most of us realize we are on to
     something that will change--and already is changing--the
     nature of the balance of power between individuals and
     larger entities.
 3.4.4.  Why is Cypherpunks called an "anarchy"?
  - Anarchy means "without a leader" (head). Much more common
     than people may think.
  - The association with bomb-throwing "anarchists" is
     misleading.
 3.4.5. Why is there no formal agenda, organization, etc.?
  - no voting, no organization to administer such things
  - "if it ain't broke, don't fix it"
  - and it's how it all got started and evolved
  - also, nobody to arrest and hassle, no nonsense about
     filling out forms and getting tax exemptions, no laws about
     campaign law violations (if we were a formal group and
     lobbied against Senator Foo, could be hit with the law
     limiting "special interests," conceivably)
 3.4.6. How are projects proposed and completed?
  - If an anarchy, how do things get done?
  - The way most things get done: individual actions and market
     decisions.
 3.4.7. Future Needs for Cyberspace
  + Mark Pesce's ideas for VR and simulations
    - distributed, high bandwidth
    - a billion users
    - spatial ideas....coordinates...servers...holographic
       models
    - WWW plus rendering engine = spatial VR (Library of
       Congress)
    - "The Labyrinth"
    + says to avoid head-mounted displays and gloves (bad for
       you)
      + instead, "perceptual cybernetics".
        - phi--fecks--psi (phi is the external world, Fx = fects
           are effectuators and sensors, psi is your internal
           state)
 3.4.8. Privacy, Credentials without identity
 3.4.9. "Cypherpunks write code"
  - "Cypherpunks break the laws they don't like"
  - "Don't get mad, get even. Write code."
3.4.10. Digital Free Markets
  + strong crypto changes the nature and visibility of many
     economic transactions, making it very difficult for
     governments to interfere or even to enforce laws,
     contracts, etc.
    - thus, changes in the nature of contract enforcement
    + (Evidence that this is not hopeless can be found in
       several places:
      - criminal markets, where governments obviously cannot be
         used
      - international markets, a la "Law Merchant"
  - "uttering a check"
  - shopping malls in cyberspace...no identifiable national or
     regional jurisdiction...overlapping many borders...
  + caveat emptor (though rating agencies, and other filter
     agents, may be used by wary customers....ironically,
     reputation will matter even more than it now does)
    - no ability to repudiate a sale, to be an Indian giver
  - in all kinds of information....
3.4.11. The Role of Money
  - in monetarizing transactions, access, remailers---digital
     postage
3.4.12. Reductions on taxation
  - offshore entities already exempt
  - tax havens
  - cyberspace localization is problematic
3.4.13. Transnationalism
  - rules of nations are ignored
3.4.14. Data Havens
  - credit, medical, legal, renter, etc.
3.4.15. MOOs, MUDs, SVRs, Habitat cyberspaces
  - "True Names" and "Snow Crash"
  - What are
  + Habitat....Chip and Randy
    - Lucasfilm, Fujitsu
    - started as game environment...
    - many-user environments
    - communications bandwidth is a scarce resource
    - object-oriented data representation
    + implementation platform unimportant...range of
       capabilities
      - pure text to Reality Engines
    - never got as far as fully populating the reality
    - "detailed central planning is impossible; don't even try"
    - 2-D grammar for layouts
    + "can't trust anyone"
      - someone disassembled the code and found a way to make
         themselves invisible
      - ways to break the system (extra money)
    + future improvements
      - multimedia objects, customizable objects, local turfs,
         multiple interfaces
      - "Global Cyberspace Infrastructure" (Fujitsu, FINE)
      + more bandwidth means more things can be done
        - B-ISDN will allow video on demand, VR, etc.
      - protocol specs, Joule (secure concurrent operating
         system)
  - interaction spaces, topological (not spatial)
  + Xerox, Pavel Curtis
    + LambdaMOO
      - 1200 different users per day, 200 at a time, 5000 total
         users
    - "social virtual realities"--virtual communities
    - how emergent properties emerge
    - pseudo-spatial
    - rooms, audio, video, multiple screens
    - policing, wizards, mediation
    - effective telecommuting
    - need the richness of real world markets...people can sell
       to others
  + Is there a set of rules or basic ideas which can form the
     basis of a powerfully replicable system?
    - this would allow franchises to be distributed around the
       world
    - networks of servers? distinction between server and
       client fades...
  - money, commercialization?
  - Joule language
3.4.16. "Is personal privacy the main interest of Cypherpunks?"
  - Ensuring the _right_ and the _technological feasibility_ is
     more of the focus. This often comes up in two contexts:
  - 1. Charges of hypocrisy because people either use
     pseudonyms or, paradoxically, that they _don't_ use
     pseudonyms, digital signatures
3.4.17. "Shouldn't crypto be regulated?"
  - Many people make comparisons to the regulation of
     automobiles, of the radio spectrum, and even of guns. The
     comparison of crypto to guns is especially easy to make,
     and especially dangerous.
  + A better comparison is "use of crypto = right to speak as
     you wish."
    - That is, we cannot demand that people speak in a language
       or form that is easily understandable by eavesdroppers,
       wiretappers, and spies.
    - If I choose to speak to my friends in Latvian, or in
       Elvish, or in triple DES, that's my business. (Times of
       true war, as in World War II, may be slightly different.
       As a libertarian, I'm not advocating that, but I
       understand the idea that in times of war speaking in
       code is suspect. We are not in a time of war, and
       haven't been.)
    - Should we have "speech permits"? After all, isn't the
       regulation of speech consistent with the regulation of
       automobiles?
    - I did a satirical essay along these lines a while back.
       I won't include it here, though. (My speech permit for
       satire expired and I haven't had time to get it
       renewed.)
    - In closing, the whole comparison of cryptography to
       armaments is misleading. Speaking or writing in forms
       not readily understandable to your enemies, your
       neighbors, your spouse, the cops, or your local
       eavesdropper is as old as humanity.
3.4.18. Emphasize the "voluntary" nature of crypto
  + those that don't want privacy, can choose not to use crypto
    - just as they can take the locks off their doors, install
       wiretaps on their phones, remove their curtains so as not
       to interfere with peeping toms and police surveillance
       teams, etc.
    - as PRZ puts it, they can write all their letters on
       postcards, because they have "nothing to hide"
  - what we want to make sure doesn't happen is _others_
     insisting that we cannot use crypto to maintain our own
     privacy
  + "But what if criminals have access to crypto and can keep
     secrets?"
    - this comes up over and over again
    - does this mean locks should not exist, or.....?
3.4.19. "Are most Cypherpunks anarchists?"
  - Many are, but probably not most. The term "anarchy" is
     often misunderstood.
  - As Perry Metzger puts it, "Now, it happens that I am an
     anarchist, but that isn't what most people associated with
     the term "cypherpunk" believe in, and it isn't fair to
     paint them that way -- hell, many people on this mailing
     list are overtly hostile to anarchism." [P.M., 1994-07-01]
  - comments of Sherry Mayo, others
  - But the libertarian streak is undeniably strong. And
     libertarians who think about the failure of politics and
     the implications of cryptography generally come to the
     anarcho-capitalist or crypto-anarchist point of view.
  - In any case, the "other side" has not been very vocal in
     espousing a consistent ideology that combines strong crypto
     and things like welfare, entitlements, and high tax rates.
     (I am not condemning them. Most of my leftist friends turn
     out to believe in roughly the same things I believe
     in...they just attach different labels and have negative
     reactions to words like "capitalist.")
3.4.20. "Why is there so much ranting on the list?"
  - Arguments go on and on, points get made dozens of times,
     flaming escalates. This has gotten to be more of a problem
     in recent months. (Not counting the spikes when Detweiler
     was around.)
  + Several reasons:
    + the arguments are often matters of opinion, not fact, and
       hence people just keep repeating their arguments
      - made worse by the fact that many people are too lazy to
         do off-line reading, to learn about what they are
         expressing an opinion on
    - since nothing ever gets resolved, decided, vote upon,
       etc., the debates continue
    - since anyone is free to speak up at any time, some people
       will keep making the same points over and over again,
       hoping to win through repetition (I guess)
    + since people usually don't personally know the other
       members of the list, this promotes ranting (I've noticed
       that the people who know each other, such as the Bay Area
       folks, tend not to be as rude to each other...any
       sociologist or psychologist would know why this is so
       immediately).
      + the worst ranters tend to be the people who are most
         isolated from the other members of the list community;
         this is generally a well-known phenomenon of the Net
        - and is yet more reason for regional Cypherpunks
           groups to occasionally meet, to at least make some
           social and conversational connections with folks in
           their region.
    - on the other hand, rudeness is often warranted; people
       who assault me and otherwise plan to deprive me of my
       property are deserving of death, not just insults [Don't
       be worried, there are only a handful of people on this
       list I would be happy to see dead, and on none of them
       would I expend the $5000 it might take to buy a contract.
       Of course, rates could drop.]
3.4.21. The "rejectionist" stance so many Cypherpunks have
  - that compromise rarely helps when very basic issues are
     involved
  - the experience with the NRA trying compromise, only to find
     ever-more-repressive laws passed
  - the debacle with the EFF and their "EFF Digital Telephony
     Bill" ("We couldn't have put this bill together without
     your help") shows the corruption of power; I'm ashamed to
     have ever been a member of the EFF, and will of course not
     be renewing my membership.
  - I have jokingly suggested we need a "Popular Front for the
     Liberation of Crypto," by analogy with the PFLP.
3.4.22. "Is the Cypherpunks group an illegal or seditious
   organization?"
  - Well, there are those "Cypherpunk Criminal" t-shirts a lot
     of us have...
  - Depends on what country you're in.
  - Probably in a couple of dozen countries, membership would
     be frowned on
  - the material may be illegal in other countries
  - and many of us advocate things like using strong crypto to
     avoid and evade taxes, to bypass laws we dislike, etc.

3.5. Self-organizing Nature of Cypherpunks
 3.5.1. Contrary to what people sometimes claim, there is no ruling
   clique of Cypherpunks. Anybody is free to do nearly anything,
   just not free to commit others to course of action, or
   control the machine resources the list now runs on, or claim
   to speak for the "Cypherpunks" as a group (and this last
   point is unenforceable except through reputation and social
   repercussions).
 3.5.2. Another reason to be glad there is no formal Cypherpunks
   structure, ruling body, etc., is that there is then no direct
   target for lawsuits, ITAR violation charges, defamation or
   copyright infringement claims, etc.

3.6. Mechanics of the List
 3.6.1. Archives of the Cypherpunks List
  - Karl Barrus has a selection of posts at the site
     chaos.bsu.edu, available via gopher. Look in the
     "Cypherpunks gopher site" directory.
 3.6.2. "Why isn't the list sent out in encrypted form?"
  - Too much hassle, no additional security, would only make
     people jump through extra hoops (which might be useful, but
     probably not worth the extra hassle and ill feelings).
  - "We did this about 8 years ago at E&S using DEC VMS NOTES.
     We used a plain vanilla secret key algorithm and a key
     shared by all legitimate members of the group.  We could do
     it today -- but why bother?  If you have a key that
     widespread, it's effectively certain that a "wrong person"
     (however you define him/her) will have a copy of the key."
     [Carl Ellison, Encrypted BBS?, 1993-08-02]
 3.6.3. "Why isn't the list moderated?"
  - This usually comes up during severe flaming episodes,
     notably when Detweiler is on the list in one of his various
     personas. Recently, it has not come up, as things have
     been relatively quiet.
  + Moderation will *not* happen
    - nobody has the time it takes
    - nobody wants the onus
    + hardly consistent with many of our anarchist leanings, is
       it?
      - (Technically, moderation can be viewed as "my house, my
         rules, and hence OK, but I think you get my point.)
  - "No, please let's not become a 'moderated' newsgroup.  This
     would be the end of freedom!  This is similar to giving the
     police more powers because crime is up.  While it is a
     tactic to fight off the invaders, a better tactic is
     knowledge." [RWGreene@vnet.net, alt.gathering.rainbow,
     1994-07-06]
 3.6.4. "Why isn't the list split into smaller lists?"
  - What do you call the list outages?
  + Seriously, several proposals to split the list into pieces
     have resulted in not much
    - a hardware group...never seen again, that I know of
    - a "moderated cryptography" group, ditto
    - a DC-Net group...ditto
    - several regional groups and meeting planning groups,
       which are apparently moribund
    - a "Dig Lib" group...ditto
    - use Rishab's comment:
    + Reasons are clear: one large group is more successful in
       traffic than smaller, low-volume groups...out of sight,
       out of mind
      - and topics change anyway, so the need for a
         "steganography" mailing list (argued vehemently for by
         one person, not Romana M., by the way) fades away when
         the debate shifts. And so on.
 3.6.5. Critical Addresses, Numbers, etc.
  + Cypherpunks archives sites
    - soda
    - mirror sites
  - ftp sites
  - PGP locations
  - Infobot at Wired
  - majordomo@toad.com; "help" as message body
 3.6.6. "How did the Cypherpunk remailers appear so quickly?"
  - remailers were the first big win...a weekend of Perl
     hacking

3.7. Publicity
 3.7.1. "What kind of press coverage have the Cypherpunks gotten?"
  - " I concur with those who suggest that the solution to the
     ignorance manifested in many of the articles concerning the
     Net is education.  The coverage of the Cypherpunks of late
     (at least in the Times) shows me that reasonable accuracy
     is possible." [Chris Walsh,  news.admin.policy, 1994-07-04]

3.8. Loose Ends
 3.8.1. On extending the scope of Cypherpunks to other countries
  - a kind of crypto underground, to spread crypto tools, to
     help sow discord, to undermine corrupt governments (to my
     mind, all governments now on the planet are intrinsically
     corrupt and need to be undermined)
  - links to the criminal underworlds of these countries is one
     gutsy thing to consider....fraught with dangers, but
     ultimately destabilizing of governments

4. Goals and Ideology -- Privacy, Freedom, New Approaches

4.1. copyright
   THE  CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666,
   1994-09-10, Copyright Timothy C. May. All rights reserved.
   See the detailed disclaimer. Use short sections under "fair
   use" provisions, with appropriate credit, but don't put your
   name on my words.

4.2. SUMMARY: Goals and Ideology -- Privacy, Freedom, New Approaches
 4.2.1. Main Points
 4.2.2. Connections to Other Sections
  - Crypto Anarchy is the logical outgrowth of strong crypto.
 4.2.3. Where to Find Additional Information
  - Vernor Vinge's "True Names"
  - David Friedman's "Machinery of Freedom"
 4.2.4. Miscellaneous Comments
  - Most of the list members are libertarians, or leaning in
     that direction, so the bias toward this is apparent.
  - (If there's a coherent _non_-libertarian ideology, that's
     also consistent with supporting strong crypto, I'm not sure
     it's been presented.)

4.3. Why a Statement of Ideology?
 4.3.1. This is perhaps a controversial area. So why include it? The
   main reason is to provide some grounding for the later
   comments on many issues.
 4.3.2. People should not expect a uniform ideology on this list.
   Some of us are anarcho-capitalist radicals (or "crypto
   anarchists"), others of us are staid Republicans, and still
   others are Wobblies and other assorted leftists.

4.4. "Welcome to Cypherpunks"
 4.4.1. This is the message each new subscriber to the Cypherpunks
   lists gets, by Eric Hughes:
 4.4.2. "Cypherpunks assume privacy is a good thing and wish there
   were more of it.  Cypherpunks acknowledge that those who want
   privacy must create it for themselves and not expect
   governments, corporations, or other large, faceless
   organizations to grant them privacy out of beneficence.
   Cypherpunks know that people have been creating their own
   privacy for centuries with whispers, envelopes, closed doors,
   and couriers.  Cypherpunks do not seek to prevent other
   people from speaking about their experiences or their
   opinions.
   
   "The most important means to the defense of privacy is
   encryption. To encrypt is to indicate the desire for privacy.
   But to encrypt with weak cryptography is to indicate not too
   much desire for privacy. Cypherpunks hope that all people
   desiring privacy will learn how best to defend it.
   
   "Cypherpunks are therefore devoted to cryptography.
   Cypherpunks wish to learn about it, to teach it, to implement
   it, and to make more of it.  Cypherpunks know that
   cryptographic protocols make social structures.  Cypherpunks
   know how to attack a system and how to defend it.
   Cypherpunks know just how hard it is to make good
   cryptosystems.
   
   "Cypherpunks love to practice.  They love to play with public
   key cryptography.  They love to play with anonymous and
   pseudonymous mail forwarding and delivery.  They love to play
   with DC-nets.  They love to play with secure communications
   of all kinds.
   
   "Cypherpunks write code.  They know that someone has to write
   code to defend privacy, and since it's their privacy, they're
   going to write it.  Cypherpunks publish their code so that
   their fellow cypherpunks may practice and play with it.
   Cypherpunks realize that security is not built in a day and
   are patient with incremental progress.
   
   "Cypherpunks don't care if you don't like the software they
   write. Cypherpunks know that software can't be destroyed.
   Cypherpunks know that a widely dispersed system can't be shut
   down.
   
   "Cypherpunks will make the networks safe for privacy." [Eric
   Hughes, 1993-07-21 version]

4.5. "Cypherpunks Write Code"
 4.5.1. "Cypherpunks write code" is almost our mantra.
 4.5.2. This has come to be a defining statement. Eric Hughes used it
   to mean that Cypherpunks place more importance in actually
   changing things, in actually getting working code out, than
   in merely talking about how things "ought" to be.
  - Eric Hughes' statement needed here:
  - Karl Kleinpaste, author of one of the early anonymous
     posting services (Charcoal) said this about some proposal
     made: "If you've got serious plans for how to implement
     such a thing, please implement it at least skeletally and
     deploy it.  Proof by example, watching such a system in
     action, is far better than pontification about it."
     [Karl_Kleinpaste@cs.cmu.edu, news.admin.policy, 1994-06-30]
 4.5.3. "The admonition, "Cypherpunks write code," should be taken
   metaphorically.  I think "to write code" means to take
   unilateral effective action as an individual.  That may mean
   writing actual code, but it could also mean dumpster diving
   at Mykotronx and anonymously releasing the recovered
   information.  It could also mean creating an offshore digital
   bank.  Don't get too literal on us here.  What is important
   is that Cypherpunks take personal responsibility for
   empowering themselves against threats to privacy." [Sandy
   Sandfort, 1994-07-08]
 4.5.4. A Cypherpunks outlook: taking the abstractions of academic
   conferences and making them concrete
  - One thing Eric Hughes and I discussed at length (for 3 days
     of nearly nonstop talk, in May, 1992) was the glacial rate
     of progress in converting the cryptographic primitive
     operations of the academic crypto conferences into actual,
     workable code. The basic RSA algorithm was by then barely
     available, more than 15 years after invention. (This was
     before PGP 2.0, and PGP 1.0 was barely available and was
     disappointing, with RSA Data Security's various products in
     limited niches.) All the neat stuff on digital cash,
     DC-Nets, bit commitment, oblivious transfer, digital
     mixes, and so on, was completely absent, in terms of
     available code or "crypto ICs" (to borrow Brad Cox's
     phrase). If it took 10-15 years for RSA to really appear
     in the real world, how long would it take some of the
     exciting stuff to get out?
  - We thought it would be a neat idea to find ways to reify
     these things, to get actual running code. As it happened,
     PGP 2.0 appeared the week of our very first meeting, and
     both the Kleinpaste/Julf and Cypherpunks remailers were
     quick, if incomplete, implementations of David Chaum's 1981
     "digital mixes." (Right on schedule, 11 years later.)
  - Sadly, most of the abstractions of cryptology remain
     residents of academic space, with no (available)
     implementations in the real world. (To be sure, I suspect
     many people have cobbled-together versions of many of these
     things, in C code, whatever. But their work is more like
     building sand castles, to be lost when they graduate or
     move on to other projects. This is of course not a problem
     unique to cryptology.)
  - Today, various toolkits and libraries are under
     development. Henry Strickland (Strick) is working on a
     toolkit based on John Ousterhout's "TCL" system (for Unix),
     and of course RSADSI provides RSAREF. Pr0duct Cypher has
     "PGP Tools." Other projects are underway. (My own longterm
     interest here is in building objects which act as the
     cryptography papers would have them act...building block
     objects. For this, I'm looking at Smalltalk of some
     flavor.)
  - It is still the case that most of the modern crypto papers
     discuss theoretical abstractions that are _not even close_
     to being implemented as reusable, robust objects or
     routines. Closing the gap between theoretical papers and
     practical realization is a major Cypherpunk emphasis.
 4.5.5. Prototypes, even if fatally flawed, allow for evolutionary
   learning and improvement. Think of it as engineering in
   action.

4.6. Technological empowerment
 4.6.1. (more needed here....)
 4.6.2. As Sandy Sandfort notes, "The real point of Cypherpunks is
   that it's better to use strong crypto than weak crypto or no
   crypto at all.  Our use of crypto doesn't have to be totally
   bullet proof to be of value.  Let *them* worry about the
   technicalities while we make sure they have to work harder
   and pay more for our encrypted info than they would if it
   were in plaintext." [S.S. 1994-07-01]

4.7. Free Speech Issues
 4.7.1. Speech
  - "Public speech is not a series of public speeches, but
     rather one's own words spoken openly and without
     shame....I desire a society
     where all may speak freely about whatever topic they will.
     I desire that all people might be able to choose to whom
     they wish to speak and to whom they do not wish to speak.
     I desire a society where all people may have an assurance
     that their words are directed only at those to whom they
     wish.  Therefore I oppose all efforts by governments to
     eavesdrop and to become unwanted listeners." [Eric Hughes,
     1994-02-22]
  - "The government has no right to restrict my use of
     cryptography in any way.  They may not forbid me to use
     whatever ciphers I may like, nor may they require me to use
     any that I do not like." [Eric Hughes, 1993-06-01]
 4.7.2. "Should there be _any_ limits whatsoever on a person's use of
   cryptography?"
  - No. Using the mathematics of cryptography is merely the
     manipulation of symbols. No crime is involved, ipso facto.
  - Also, as Eric Hughes has pointed out, this is another of
     those questions where the normative "should" or "shouldn't"
     invokes "the policeman inside." A better way to look at it
     is to see what steps people can take to make any question
     of "should this be allowed" just moot.
  - The "crimes" are actual physical acts like murder and
     kidnapping. The fact that crypto may be used by plotters
     and planners, thus making detection more difficult, is in
     no way different from the possibility that plotters may
     speak in an unusual language to each other (ciphers), or
     meet in a private home (security), or speak in a soft voice
     when in public (steganography). None of these things should
     be illegal, and *none of them would be enforceable* except
     in the most rigid of police states (and probably not even
     there).
  - "Crypto is thoughtcrime" is the effect of restricting
     cryptography use.
 4.7.3. Democracy and censorship
  - Does a community have the right to decide what newsgroups
     or magazines it allows in its community? Does a nation have
     the right to do the same? (Tennessee, Iraq, Iran, France.
     Utah?)
  - This is what bypasses with crypto are all about: taking
     these majoritarian morality decisions out of the hands of
     the bluenoses. Direct action to secure freedoms.

4.8. Privacy Issues
 4.8.1. "Is there an agenda here beyond just ensuring privacy?"
  - Definitely! I think I can safely say that for nearly all
     political persuasions on the Cypherpunks list. Left, right,
     libertarian, or anarchist, there's much more to strong
     crypto than simple privacy. Privacy qua privacy is fairly
     uninteresting. If all one wants is privacy, one can simply
     keep to one's self, stay off high-visibility lists like
     this, and generally stay out of trouble.
  - Many of us see strong crypto as the key enabling technology
     for a new economic and social system, a system which will
     develop as cyberspace becomes more important. A system
     which dispenses with national boundaries, which is based on
     voluntary (even if anonymous) free trade. At issue is the
     end of governments as we know them today. (Look at
     interactions on the Net--on this list, for example--and
     you'll see many so-called nationalities, voluntary
     interaction, and the almost complete absence of any "laws."
     Aside from there being almost no rules per se for the
     Cypherpunks list, there are essentially no national laws
     that are invokable in any way. This is a fast-growing
     trend.)
  + Motivations for Cypherpunks
    - Privacy. If maintaining privacy is the main goal, there's
       not much more to say. Keep a low profile, protect data,
       avoid giving out personal information, limit the number
       of bank loans and credit applications, pay cash often,
       etc.
    - Privacy in activism.
    + New Structures. Using cryptographic constructs to build
       new political, economic, and even social structures.
      - Political: Voting, polling, information access,
         whistleblowing
      - Economic: Free markets, information markets, increased
         liquidity, black markets
      - Social: Cyberspatial communities, True Names
  - Publicly inspectable algorithms always win out over
     private, secret algorithms
 4.8.2. "What is the American attitude toward privacy and
   encryption?"
  + There are two distinct (and perhaps simultaneously held)
     views that have long been found in the American psyche:
    - "A man's home is his castle." "Mind your own business."
       The frontier and Calvinist spirit of keeping one's
       business to one's self.
    - "What have you got to hide?" The nosiness of busybodies,
       gossiping about what others are doing, and being
       suspicious of those who try too hard to hide what they
       are doing.
  + The American attitude currently seems to favor privacy over
     police powers, as evidenced by a Time-CNN poll:
    - "In a Time/CNN poll of 1,000 Americans conducted last
       week by Yankelovich Partners, two-thirds said it was more
       important to protect the privacy of phone calls than to
       preserve the ability of police to conduct wiretaps. When
       informed about the Clipper Chip, 80% said they opposed
       it." [Philip Elmer-Dewitt, "Who Should Keep the Keys,"
       _TIME_, 1994-03-04.]
  - The answer given is clearly a function of how the question
     is phrased. Ask folks if they favor "unbreakable
     encryption" or "fortress capabilities" for terrorists,
     pedophiles, and other malefactors, and they'll likely give
     a quite different answer. This is the tack now being taken
     by the Clipper folks. Watch out for this!
  - Me, I have no doubts.
  - As Perry Metzger puts it, "I find the recent disclosures
     concerning U.S. Government testing of the effects of
     radiation on unknowing human subjects to be yet more
     evidence that you simply cannot trust the government with
     your own personal safety. Some people, given positions of
     power, will naturally abuse those positions, often even if
     such abuse could cause severe injury or death. I see little
     reason, therefore, to simply "trust" the U.S. government --
     and given that the U.S. government is about as good as they
     get, it's obvious that NO government deserves the blind
     trust of its citizens. "Trust us, we will protect you"
     rings quite hollow in the face of historical evidence.
     Citizens must protect and preserve their own privacy -- the
     government and its centralized cryptographic schemes
     emphatically cannot be trusted." [P.M., 1994-01-01]
 4.8.3. "How is 1994 like 1984?"
  - The television ad for Clipper: "Clipper--why 1994 _will_ be
     like 1984"
  + As Mike Ingle puts it:
    - 1994: Wiretapping is privacy
             Secrecy is openness
             Obscurity is security
 4.8.4. "We anticipate that computer networks will play a more and
   more important role in many parts of our lives.  But this
   increased computerization brings tremendous dangers for
   infringing privacy.  Cypherpunks seek to put into place
   structures which will allow people to preserve their privacy
   if they choose.  No one will be forced to use pseudonyms or
   post anonymously. But it should be a matter of choice how
   much information a person chooses to reveal about himself
   when he communicates.  Right now, the nets don't give you
   that much choice.  We are trying to give this power to
   people."  [Hal Finney, 1993-02-23]
 4.8.5. "If cypherpunks contribute nothing else we can create a real
   privacy advocacy group, advocating means of real self-
   empowerment, from crypto to nom de guerre credit cards,
   instead of advocating further invasions of our privacy as the
   so-called privacy advocates are now doing!" [Jim Hart,
   1994-09-08]

4.9. Education Issues
 4.9.1. "How can we get more people to use crypto?"
  - telling them about the themes of Cypherpunks
  - surveillance, wiretapping, Digital Telephony, Clipper, NSA,
     FinCEN, etc....these things tend to scare a lot of folks
  - making PGP easier to use, better integration with mailers,
     etc.
  - (To be frank, convincing others to protect themselves is
     not one of my highest priorities.  Then why have I written
     this megabyte-plus FAQ? Good question. Getting more users
     is a general win, for obvious reasons.)
 4.9.2. "Who needs to encrypt?"
  + Corporations
    - competitors...fax transmissions
    + foreign governments
      - Chobetsu, GCHQ, SDECE, Mossad, KGB
    + their own government
      - NSA intercepts of plans, investments
  + Activist Groups
    - Aryan Nation needs to encrypt, as FBI has announced their
       intent to infiltrate and subvert this group
    - RU-486 networks
    - Amnesty International
  + Terrorists and Drug Dealers
    - clearly are clueless at times (Pablo Escobar using a
       cellphone!)
    - Triads, Russian Mafia, many are becoming crypto-literate
    - (I've been approached--'nuff said)
  + Doctors, lawyers, psychiatrists, etc.
    - to preserve records against theft, snooping, casual
       examination, etc.
    - in many cases, a legal obligation has been attached to
       this (notably, medical records)
    - the curious situation that many people are essentially
       _required_ to encrypt (no other way to ensure standards
       are met) and yet various laws exist to limit
       encryption...ITAR, Clipper, EES
    - (Clipper is a partial answer, if unsatisfactory)
 4.9.3. "When should crypto be used?"
  - It's an economic matter. Each person has to decide when to
     use it, and how. Me, I dislike having to download messages
     to my home machine before I can read them. Others use it
     routinely.

4.10. Libertarian Issues
4.10.1. A technological approach to freedom and privacy:
  - "Freedom is, practically, given as much (or more) by the
     tools we can build to protect it, as it is by our ability
     to convince others who violently disagree with us not to
     attack us.  On the Internet we have tools like anon
     remailers and PGP that give us a great deal of freedom
     from coercion even in the midst of censors. Thus, these
     tools piss off fans of centralized information control, the
     defenders of the status quo, like nothing else on the
     Internet." [<an50@desert.hacktic.nl> (Nobody),
     libtech-l@netcom.com, 1994-06-08]
  + Duncan Frissell, as usual, put it cogently:
    - "If I withhold my capital from some country or enterprise
       I am not threatening to kill anyone.  When a "Democratic
       State" decides to do something, it does so with armed
       men.  If you don't obey, they tend to shoot....[I]f
       technological change enhances the powers of individuals,
       their power is enhanced no matter what the government
       does.
       
       "If the collective is weakened and the individual
       strengthened by the fact that I have the power of cheap
       guns, cars, computers, telecoms, and crypto then the
       collective has been weakened and we should ease the
       transition to a society based on voluntary rather than
       coerced interaction.
       
       "Unless you can figure out a new, improved way of
       controlling others; you have no choice." [D.F., Decline
       and Fall, 1994-06-19]
4.10.2. "They that can give up essential liberty to obtain a little
   temporary safety deserve neither liberty nor safety."
   [Benjamin Franklin]
4.10.3. a typical view of government
  - "As I see it, it's always a home for bullies masquerading
     as a collective defense.  Sometimes it actually has to
     perform its advertised defense function.  Like naked
     quarks, purely defensive governments cannot exist.  They
     are bipolar by nature, with some poles (i.e., the bullying
     part) being "more equal than others." [Sandy Sandfort,
     1994-09-06]
4.10.4. Sadly, several of our speculative scenarios for various laws
   have come to pass. Even several of my own, such as:
  - "(Yet Another May Prediction Realized)...The text of a
     "digital stalking bill" was just sent to Cyberia-l." [L.
     Todd Masco, 1994-08-31] (This was a joking prediction I
     made that "digital stalking" would soon be a crime; there
     had been news articles about the horrors of such
     cyberspatial stalkings, regardless of there being no real
     physical threats, so this move is not all that surprising.
     Not surprising in an age when free speech gets outlawed as
     "assault speech.")
4.10.5. "Don't tread on me."
4.10.6. However, it's easy to get too negative on the situation, to
   assume that a socialist state is right around the corner. Or
   that a new Hitler will come to power. These are unlikely
   developments, and not only because of strong crypto.
   Financial markets are putting constraints on how fascist a
   government can get...the international bond markets, for
   example, will quickly react to signs like this. (This is the
   theory, at least.)
4.10.7. Locality of reference, cash, TANSTAAFL, privacy
  - closure, local computation, local benefits
  - no accounting system needed
  - markets clear
  - market distortions like rationing, coupons, quotas, all
     require centralized record-keeping
  - anything that ties economic transactions to identity
     (rationing, entitlements, insurance) implies identity-
     tracking, credentials, etc.
  + Nonlocality also dramatically increases the opportunities
     for fraud, for scams and con jobs
    - because something is being promised for future delivery
       (the essence of many scams) and is not verifiable locally
    - because "trust" is invoked
  - Locality also fixes the "policeman inside" problem: the
     costs of decisions are borne by the decider, not by others.

4.11. Crypto Anarchy
4.11.1. The Crypto Anarchy Principle: Strong crypto permits
   unbreakable encryption, unforgeable signatures, untraceable
   electronic messages, and unlinkable pseudonymous identities.
   This ensures that some transactions and communications can be
   entered into only voluntarily. External force, law, and
   regulation cannot be applied. This is "anarchy," in the sense
   of no outside rulers and laws. Voluntary arrangements,
   backstopped by voluntarily-arranged institutions like escrow
   services, will be the only form of rule. This is "crypto
   anarchy."
4.11.2. crypto allows a return to contracts that governments cannot
   breach
  - based on reputation, repeat business
  - example: ordering illegal material untraceably and
     anonymously...governments are powerless to do anything
  - private spaces, with the privacy enforced via cryptographic
     permissions (access credentials)
  - escrows (bonds)
4.11.3. Technological solutions over legalistic regulations
  + Marc Ringuette summarized things nicely:
    - "What we're after is some "community standards" for
       cyberspace, and what I'm suggesting is the fairly
       libertarian standard that goes like this:

       "    Prefer technological solutions and self-protection
            solutions over rule-making, where they are feasible.

       "This is based on the notion that the more rules there
       are, the more people will call for the "net police" to
       enforce them.  If we can encourage community standards
       which emphasize a prudent level of self-protection, then
       we'll be able to make do with fewer rules and a less
       intrusive level of policing." [Marc Ringuette, 1993-03-14]
  + Hal Finney has made cogent arguments as to why we should
     not become too complacent about the role of technology
     vis-a-vis politics. He warns us not to grow too confident:
    - "Fundamentally, I believe we will have the kind of
       society that most people want.  If we want freedom and
       privacy, we must persuade others that these are worth
       having.  There are no shortcuts.  Withdrawing into
       technology is like pulling the blankets over your head.
       It feels good for a while, until reality catches up.  The
       next Clipper or Digital Telephony proposal will provide a
       rude awakening." [Hal Finney, POLI: Politics vs
       Technology, 1994-01-02]
  - "The idea here is that the ultimate solution to the low
     signal-to-noise ratio on the nets is not a matter of
     forcing people to "stand behind their words".  People can
     stand behind all kinds of idiotic ideas.  Rather, there
     will need to be developed better systems for filtering news
     and mail, for developing "digital reputations" which can be
     stamped on one's postings to pass through these smart
     filters, and even applying these reputations to pseudonyms.
     In such a system, the fact that someone is posting or
     mailing pseudonymously is not a problem, since nuisance
     posters won't be able to get through."  [Hal Finney,
     1993-02-23]
4.11.4. Reputations
4.11.5. I have a moral outlook that many will find unacceptable or
   repugnant. To cut to the chase: I support the killing of
   those who break contracts, who steal in serious enough ways,
   and who otherwise commit what I think of as crimes.
  + I don't mean this abstractly. Here's an example:
    - Someone is carrying drugs. He knows what he's involved
       in. He knows that theft is punishable by death. And yet
       he steals some of the merchandise.
    - Dealers understand that they cannot tolerate this, that
       an example must be made, else all of their employees will
       steal.
  - Understand that I'm not talking about the state doing the
     killing, nor would I do the killing. I'm just saying such
     things are the natural enforcement mechanism for such
     markets. Realpolitik.
  - (A meta point: the drug laws make things this way.
     Legalize all drugs and the businesses would be more like
     "ordinary" businesses.)
  - In my highly personal opinion, many people, including most
     Congressrodents, have committed crimes that earn them the
     death penalty; I will not be sorry to see anonymous
     assassination markets used to deal with them.
4.11.6. Increased espionage will help to destroy nation-state-empires
   like the U.S., which has gotten far too bloated and far too
   dependent on throwing its weight around; nuclear "terrorism"
   may knock out a few cities, but this may be a small price to
   pay to undermine totally the socialist welfare states that
   have launched so many wars this century.

4.12. Loose Ends
4.12.1. "Why take a "no compromise" stance?"
  - Compromise often ends up in the death of a thousand cuts.
     Better to just take a rejectionist stance.
  - The National Rifle Association (NRA) learned this lesson
     the hard way. EFF may eventually learn it; right now they
     appear to be in the "coopted by the power center" mode,
     luxuriating in their inside-the-Beltway access to the Veep,
     their flights on Air Force One, and their general
     schmoozing with the movers and shakers...getting along by
     going along.
  - Let's not compromise on basic issues. Treat censorship as a
     problem to be routed around (as John Gilmore suggests), not
     as something that needs to be compromised on. (This is
     directed at rumblings about how the Net needs to "police
     itself," by the "reasonable" censorship of offensive posts,
     by the "moderation" of newsgroups, etc. What should concern
     us is the accommodation of this view by well-meaning civil
     liberties groups, which are apparently willing to play a
     role in this "self-policing" system. No thanks.)
  - (And since people often misunderstand this point, I'm not
     saying private companies can't set whatever policies they
     wish, that moderated newsgroups can't be formed, etc.
     Private arrangements are just that. The issue is when
     censorship is forced on those who have no other
     obligations. Government usually does this, often aided and
     abetted by corporations and lobbying groups. This is what
     we need to fight. Fight by routing around, via technology.)
4.12.2. The inherent evils of democracy
  - To be blunt about it, I've come to despise the modern
     version of democracy we have. Every issue is framed in
     terms of popular sentiment, in terms of how the public
     would vote. Mob rule at its worst.
  - Should people be allowed to wear blue jeans? Put it to a
     vote. Can employers have a policy on blue jeans? Pass a
     law. Should health care be provided to all? Put it to a
     vote. And so on, whittling away basic freedoms and rights.
     A travesty. The tyranny of the majority.
  - De Tocqueville warned of this when he said that the American
     experiment in democracy would last only until citizens
     discovered they could pick the pockets of their neighbors
     at the ballot box.
  - But maybe we can stop this nonsense. I support strong
     crypto (and its eventual form, crypto anarchy) because it
     undermines this form of democracy. It takes some (and
     perhaps many) transactions out of the realm of popularity
     contests, beyond the reach of the will of the herd. (No, I am
     not arguing there will be a complete phase change. As the
     saying goes, "You can't eat cyberspace." But a lot of
     consulting, technical work, programming, etc., can in fact
     be done with crypto anarchic methods, with the money gained
     transferred in a variety of ways into the "real world."
     More on this elsewhere.)
  + Crypto anarchy effectively allows people to pick and choose
     which laws they support, at least in cyberspatial contexts.
     It empowers people to break the local bonds of their
     majoritarian normative systems and decide for themselves
     which laws are moral and which are bullshit.
    - I happen to have faith that most people will settle on a
       relatively small number of laws that they'll (mostly)
       support, a kind of Schelling point in legal space.
4.12.3. "Is the Cypherpunks agenda _too extreme_?"
  - Bear in mind that most of the "Cypherpunks agenda," to the
     extent we can identify it, is likely to provoke ordinary
     citizens into _outrage_. Talk of anonymous mail, digital
     money, money laundering, information markets, data havens,
     undermining authority, transnationalism, and all the rest
     (insert your favorite idea) is not exactly mainstream.
4.12.4. "Crypto Anarchy sounds too wild for me."
  - I accept that many people will find the implications of
     crypto anarchy (which follows in turn from the existence of
     strong cryptography, via the Crypto Anarchy Principle) to
     be more than they can accept.
  - This is OK (not that you need my OK!). The house of
     Cypherpunks has many rooms.

5. Cryptology

5.1. copyright
   THE  CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666,
   1994-09-10, Copyright Timothy C. May. All rights reserved.
   See the detailed disclaimer. Use short sections under "fair
   use" provisions, with appropriate credit, but don't put your
   name on my words.

5.2. SUMMARY: Cryptology
 5.2.1. Main Points
  - gaps still exist here...I treated this as fairly low
     priority, given the wealth of material on cryptography
 5.2.2. Connections to Other Sections
  - detailed crypto knowledge is not needed to understand many
     of the implications, but it helps to know the basics (it
     heads off many of the most wrong-headed interpretations)
  - in particular, everyone should learn enough to at least
     vaguely understand how "blinding" works
 5.2.3. Where to Find Additional Information
  + a dozen or so major books
    - Schneier, "Applied Cryptography"--is practically
       "required reading"
    - Denning
    - Brassard
    - Simmons
    - Welsh, Dominic
    - Salomaa
    - "CRYPTO" Proceedings
    - Other books I can take or leave
  - many ftp sites, detailed in various places in this doc
  - sci.crypt, alt.privacy.pgp, etc.
  - sci.crypt.research is a new group, and is moderated, so it
     should have some high-quality, technical posts
  - FAQs on sci.crypt, from RSA, etc.
  - Dave Banisar of EPIC (Electronic Privacy Information
     Center) reports: "...we have several hundred files on
     encryption available via ftp/wais/gopher/WWW from
     cpsr.org /cpsr/privacy/crypto." [D.B., sci.crypt, 1994-06-30]
 5.2.4. Miscellaneous Comments
  - details of algorithms would fill several books...and do
  - hence, will not cover crypto in depth here (the main focus
     of this doc is the implications of crypto, the
     Cypherpunkian aspects, the things not covered in crypto
     textbooks)
  - beware of getting lost in the minutiae, in the details of
     specific algorithms...try to keep in mind the _important_
     aspects of any system

5.3. What this FAQ Section Will Not Cover
 5.3.1. Why a section on crypto when so many other sources exist?
  - A good question. I'll be keeping this section brief, as
     many textbooks can afford to do a much better job here than
     I can.
  - not just for those who read number theory books with one
     hand
 5.3.2. NOTE: This section may remain disorganized, at least as
   compared to some of the later sections. Many excellent
   sources on crypto exist, including readily available FAQs
   (sci.crypt, RSADSI FAQ) and books. Schneier's book is
   especially recommended, and should be on _every_ Cypherpunk's
   bookshelf.

5.4. Crypto Basics
 5.4.1. "What is cryptology?"
  - we see crypto all around us...the keys in our pockets, the
     signatures on our driver's licenses and other cards, the
     photo IDs, the credit cards
  + cryptography or cryptology, the science of secret
     writing...but it's a lot more...consider I.D. cards, locks
     on doors, combinations to safes, private
     information...secrecy is all around us
    - some say this is bad--the tension between "what have you
       got to hide?" and "none of your business"
  - some exotic stuff: digital money, voting systems, advanced
     software protocols
  - of importance to protecting privacy in a world of
     localizers (a la Bob and Cherie), credit cards, tags on
     cars, etc....the dossier society
  + general comments on cryptography
    - chain is only as strong as its weakest link
    - assume opponent knows everything except the secret key
  - Crypto is about economics
  + Codes and Ciphers
    + Simple Codes
      - Code Books
    + Simple Ciphers
      + Substitution Ciphers (A=C, B=D, etc.)
        - Caesar Shift (blocks)
      + Keyword Ciphers