1996-11-12 - Re: Why is cryptoanarchy irreversible?

Header Data

From: ph@netcom.com (Peter Hendrickson)
To: Adam Back <aba@dcs.ex.ac.uk>
Message Hash: f8a6994a6d24af8a8029b9577de6dfc9938e1fec2d0789aafc4e779f2624585e
Message ID: <v02140b06aeada4b1925d@[192.0.2.1]>
Reply To: N/A
UTC Datetime: 1996-11-12 04:49:41 UTC
Raw Date: Mon, 11 Nov 1996 20:49:41 -0800 (PST)

Raw message

From: ph@netcom.com (Peter Hendrickson)
Date: Mon, 11 Nov 1996 20:49:41 -0800 (PST)
To: Adam Back <aba@dcs.ex.ac.uk>
Subject: Re: Why is cryptoanarchy irreversible?
Message-ID: <v02140b06aeada4b1925d@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 12:34 PM 11/10/1996, Adam Back wrote:
>Peter Hendrickson <ph@netcom.com> writes:
>>At 3:30 AM 11/9/1996, Adam Back wrote:
>>>Peter Hendrickson <ph@netcom.com> writes:
>>>> Where will you keep your secret key?  Remember, when they go through
>>>> your house they bring 20 young graduates from MIT who are just dying
>>>> to show how clever they are and save the world at the same time.

>>> Keep your secret key in your head.

>> I think this is hard to do in practice.  I have tried.

> You could probably keep a hashing function around plausibly, then you
> could do as usual and remember the passphrase and use the hash
> function to construct the actual key.

9 words selected from a pool of 25,000 has an entropy of about
131 bits.  I could probably remember that.

> If your stego techniques are any good, the feds will never get beyond
> that point.  They will then be left with the option of doing random
> `spot-checks'.  Having been on the cypherpunks list probably would
> increase your chances of having your system checked.

Yes, if things go sour, I doubt many cypherpunks will be practicing
cryptoanarchists.

>>> Your real challenge is keeping your stego programs safe.  Boot
>>> strapping a stegoed encrypted file system while leaving no stego code
>>> lying around isn't that easy.

>> Excellent point, especially since you don't have an encrypted virtual
>> disk.  Can anybody resolve this?

>>> rc4 in C:
>>>
>>> #define S,t=s[i],s[i]=s[j],s[j]=t /* rc4 key <file */
>>> unsigned char s[256],i,j,t;main(c,v)char**v;{++v;while
>>> (s[++i]=i);while(j+=s[i]+(*v)[i%strlen(*v)]S,++i);for(
>>> j=0;c=~getchar();putchar(~c^s[t+=s[i]]))j+=s[++i]S;}

>> (Under 3.3)  I would have a hard time memorizing these programs.  This
>> pretty much guarantees that the number of cryptoanarchists will be small.

> That program is optimised for size rather than ease of memorizing.

> RC4 is an elegantly simple algorithm, and I sumbit that you could
> remember it.  Barring that you could just leave around a few
> cypherpunks archives, or sci.crypt archives or whatever, and cut and
> paste it form one of my posts :-)

I am willing to accept that I can remember it.

> Because RC4 is a stream cipher, you shouldn't reuse the key.  However
> you shouldn't need to for this application.  You just use it to boot-
> strap the real code.

You are beginning to convince me.

>> (I am deeply envious of your legal right to post this code, however.
>> Now, why was it that we broke away from the Mother Country?)

>> I would like to see a longer exposition of your approach.  Given
>> a hostile environment, how would I operate a small anonymous perl
>> coding service using your techniques?

> Once you've bootstrapped to your cryptoanarchists toolkit, you can
> have anything you want, even a virtual TCP/IP layer, a hidden level of
> TCP/IP in stego data.  TCP/IP itself is a likely candidate for a stego
> carrier.  Non-predictable sequence nos are required to stop things
> like the spoofing attack, and so are perfectly plausible.

> Once we get to everyone having enough bandwidth, lots of people with
> permanent connections, lots of people using video conference software,
> audio, downloading feature length films, etc. there's no stopping
> crypto anarchy.  The LSbits in that lot would make a fairly responsive
> subliminal channel by todays standards.

I am finding this all very persuasive, although I am still suspicious
of stegonagraphy.

It would be cool to have an exact specification and working machine.

This might even be easy enough to operate that non-technical people
could learn how to do it, which implies that there could be large
numbers of practicing cryptoanarchists.

What we need is an experiment.  Let's pick a country with a near
police state and design a system so that people in that country
can freely and securely communicate with each other and the outside
world with minimal chance of arrest.  Once the system is available,
we can see if it succeeds in the field.  I'll leave others to
suggest the target.

>> Don't forget to tell me how I get paid and when I get to spend my
>> "ill-gotten" gains and how nobody will notice that I am doing it.

> You get paid in ecash, paid on the BlackNet bank.  You take a holiday
> to a tax-haven and get paid off by a getting "lucky" at a BlackNet
> affiliated casino.  The casino takes a their "currency exchange fee",
> and you get US$.  Translations into paper currencies, I'll admit are
> the weak link if you need paper currencies.

> However there are two ways to get anonymous electronic cash, either
> you start with anonymous electronic cash, or you add the anonymity
> afterwards via `privacy brokers', once there are a few dozen systems,
> and trillions flowing around using these systems, it's going to be
> hard to keep track of it all.

I still think the eventual payoff is a weak point, but it does make
me think that in order to stop cryptoanarchy, foreign travel and
foreign communication would have to be tightly controlled.  If
steganographic evidence is the only evidence that can be collected
(and RC4 is strong) then it would be necessary to give the authorities
great flexibility.  Which means that it is beginning to look more and
more like a bona fide police state as Tim suggested.

While payment is a weak point, there are many cryptoanarchic activities
that don't involve payment, such as participating in mailing lists,
which people may like to do even when their governments disapprove.

Anyway, you have certainly given me a lot to think about.  I still
have some doubts about safety from tempest attacks and the like,
but my basic claim that you can stop cryptoanarchy without full
deployment of a police state is looking weak to me right now.

Peter Hendrickson
ph@netcom.com







Thread