I've written some more material for it. Criticisms and additions welcome. --- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION --- From: esr@snark.thyrsus.com (Eric S. Raymond) Newsgroups: news.answers Followup-To: poster This is the Cypherpunks FAQ. It explains the projects and purposes of the Cypherpunks mailing list. It is also intended to serve as a general introduction to privacy and encryption issues. For details on the technical and theoretical aspects of computer cryptography, see the sci.crypt FAQ, available for FTP from rtfm.mit.edu (18.172.1.27) in the directory pub/usenet-by-group/sci.crypt. The cypherpunks archive is available for FTP at soda.berkeley.edu:pub/cypherpunks This site contains code, information, rants, and other miscellany, including the most up-to-date version of this FAQ. This FAQ is maintained by Eric S. Raymond <esr@snark.thyrsus.com>; send additions and corrections to that address. Sections contributed by others are credited to individual authors. We gratefully acknowledge, in addition, feedback and comments from David Mandl <dmandl@lehman.com> and Eric Hughes <hughes@soda.berkeley.edu>. Here is a table of contents for this FAQ: 1. Why cypherpunks? 2. What are the essentials of privacy software? a. Public-key cryptosystems for secure communication. b. Unforgeable electronic signatures for message authentication. c. DC-net or similar protocols to thwart spoofing. 3. What are the potential applications of good privacy software? a. Secure communications. b. Digital cash. c. Electronic voting. d. Electronic contracts. e. Secure anonymous remailers and posters. f. <more?> 4. What are the key algorithms, tools, and implementations for privacy software? a. RSA b. DES c. Clipper/Capstone/DSS d. PGP e. Possible non-RSA trapdoor functions. 5. What are the social and political implications of good privacy software? a. Drastically lower transaction costs for trade. b. Expansion of the counter-economy. c. Disempowerment of government. d. Anonymity for whistleblowers. 6. What are the legal, political, and technical obstacles? a. The Clipper/Capstone/DSS power grab. b. The RSA patent and the PGP/RSA fight. c. RSA's base problem may not be NP-complete. 7. What can I do to help? a. Work on cryptographic software. b. Agitate against the Clipper/Capstone/DES proposals. c. Promote the use of encrypted communication. To join the cypherpunks mailing list, send a request to: cypherpunks-request@toad.com Working with us could be your best shot at stopping Big Brother. So if you have skills to contribute, act now. The freedom you save could be your own. 1. Why cypherpunks? Because privacy is essential to freedom. If the government (or any other oppressor that behaves like one) can effectively monitor communications, it can control or suppress them. And it will do so, because the natural tendency of controllers is always to seek more control. The government cannot be relied on to protect your privacy rights. Nor can anyone else --- certainly not your employer, or the corporations that want to know all about you so they can sell you things. Given half the chance, governments and corporations will always push for security standards that protect *them*, but not *you*. Computer technology can help protect you against would-be snoopers, but only if somebody is sufficiently smart and dedicated to build the tools. The Cypherpunks list exists to build and propagate privacy software. Our aim is to give you the tools to keep your private information private, and to communicate with other people and computers in ways snoopers cannot tap. 2. What are the essentials of privacy software? a. Public-key cryptosystems for secure communication. A conventional cryptosystem consists of an encoding/decoding method and a single key. Two users who share a key can exchange private messages. A public-key cryptosystem uses a *pair* of keys; one private, one public. Anyone with either key can decode messages encoded with the other. For privacy, it must be impossible (or at least impractical) to deduce the private key from the public one. Public-key cryptosystems imply many exciting things --- unforgeable electronic signatures, digital cash, and secure electronic contracts are among them. The basic idea behind all of these is that, as long as your private key is secure, people can verify that an encoded message containg known text came from you by decoding with your public key. In the remainder of this FAQ we use `PKC' as an abbreviation for `Public Key Cryptosystem'. The best-known PKCs are the RSA system, the Federal Government's DES standard, and the government's Clipper proposal. We'll discuss these, and others, in more detail below. b. Unforgeable electronic signatures for message authentication. There are many circumstances in which you want to be able to check a public clear-text message for tampering. To do this, the message must contain a `digital signature' or `message digest code' or `message hash' derived from its clear text, which can be checked against the clear text by a receiver. For security, the message hash should have the property that no one knows how to modify a message in a way that preserves its hash. PKCs give you unforgeable signatures as a side-effect. Unfortunately, known PKCs are too slow to use practically for message hashing. Thus, there is a separate category of `Digital Signature Systems'. The three major DSS techniques are Snefru, MD5, and DSS. Snefru, invented by Ralph Merkle at Xerox PARC, is of historical interest only as it has been broken. MD5 is described in Internet RFC 1321, which also gives a reference implementation in C. As of July 1993 it is believed to be secure, but has not been *proved* to be secure. DSS is a Federal Government proposed standard associated with the Clipper proposal. <more needed here> c. DC-net or similar protocols to thwart spoofing. <more needed here> 3. What are the potential applications of good privacy software? a. Secure communications. With a PKC, you can send a message that no one but the intended receiver can decrypt by encoding it with the receiver's public key. If you encode it with *your* public key, the receiver can verify that it came from you. This means that it is possible to do secure communications even over public channels. Neither nosy neighbors, business competitors, nor the government or any (other) criminal gang can interfere with it. b. Digital cash. Unforgeable messages also imply digital cash. You could use a PKC to send to the receiver a code permitting them to draw a particular amount of money from your bank account. The bank, with access to both yours and the payee's public keys, can verify that the order is genuine. This means that it is possible to do trade over electronic links, without any part trusting any other party beyond the bounds of normal commercial risk. c. Electronic voting. Unforgeable messages also imply secure electronic voting. If you encode your voting form with a PKC, the vote-collecting authority can verify it with your public key. d. Electronic contracts. If two or more people encode known text with their private keys applied in succession, all their public keys will be required to decode it. This is an unforgeable contract. Furthermore, it is an unforgeable *private* contract. e. Secure anonymous remailers and posters. <more needed here> 4. What are the key algorithms, tools, and implementations for privacy software? a. RSA RSA stands for `Rivest-Shamir-Adelson', the names of the three computer scientists who developed the technique. RSA has withstood determined attacks for over a decade and is widely believed to be secure. It has been proposed as an Internet standard. The RSA technique is patented. The patents are held by RSA, Inc. <contact information should go here>. An implemenation in C called RSAREF is available for research and certain noncommercial uses. b. DES <more needed here> c. Clipper/Capstone/DSS <more needed here> d. PGP <more needed here> e. Possible non-RSA trapdoor functions. <more needed here> 5. What are the social and political implications of good privacy software? a. Drastically lower transaction costs for trade. <more needed here> b. Expansion of the counter-economy. <more needed here> c. Disempowerment of government. <more needed here> d. Anonymity for whistleblowers. <more needed here> 6. What are the legal, political, and technical obstacles? <more needed here> a. The Clipper/Capstone/DSS power grab. <more needed here> b. The RSA patent and the PGP/RSA fight. <more needed here> c. RSA's base problem may not be NP-complete. <more needed here> 7. What can I do to help? a. Work on cryptographic software. <list of current projects should go here> b. Agitate against the Clipper/Capstone/DES proposals. <more needed here> c. Promote the routine use of encrypted communication. <more needed here> You can help spread PGP and other appropriate tools far and wide (both to help get a better foothold to thwart the Clipper proposal and its ilk, and to work towards making crypto as commonplace as envelopes). --- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION ---- DRAFT VERSION --- -- >>eric>>