Re: Why is cryptoanarchy irreversible?

At 12:34 PM 11/10/1996, Adam Back wrote:
Peter Hendrickson <ph@netcom.com> writes:
At 3:30 AM 11/9/1996, Adam Back wrote:
Peter Hendrickson <ph@netcom.com> writes:
Where will you keep your secret key? Remember, when they go through your house they bring 20 young graduates from MIT who are just dying to show how clever they are and save the world at the same time.
Keep your secret key in your head.
I think this is hard to do in practice. I have tried.
You could probably keep a hashing function around plausibly, then you could do as usual and remember the passphrase and use the hash function to construct the actual key.
9 words selected from a pool of 25,000 has an entropy of about 131 bits. I could probably remember that.
If your stego techniques are any good, the feds will never get beyond that point. They will then be left with the option of doing random `spot-checks'. Having been on the cypherpunks list probably would increase your chances of having your system checked.
Yes, if things go sour, I doubt many cypherpunks will be practicing cryptoanarchists.
Your real challenge is keeping your stego programs safe. Bootstrapping a stegoed encrypted file system while leaving no stego code lying around isn't that easy.
Excellent point, especially since you don't have an encrypted virtual disk. Can anybody resolve this?
rc4 in C:
#define S,t=s[i],s[i]=s[j],s[j]=t /* rc4 key <file */
unsigned char s[256],i,j,t;main(c,v)char**v;{++v;while
(s[++i]=i);while(j+=s[i]+(*v)[i%strlen(*v)]S,++i);for(
j=0;c=~getchar();putchar(~c^s[t+=s[i]]))j+=s[++i]S;}
(Under 3.3) I would have a hard time memorizing these programs. This pretty much guarantees that the number of cryptoanarchists will be small.
That program is optimised for size rather than ease of memorizing.
RC4 is an elegantly simple algorithm, and I submit that you could remember it. Barring that you could just leave around a few cypherpunks archives, or sci.crypt archives or whatever, and cut and paste it from one of my posts :-)
I am willing to accept that I can remember it.
Because RC4 is a stream cipher, you shouldn't reuse the key. However you shouldn't need to for this application. You just use it to bootstrap the real code.
You are beginning to convince me.
(I am deeply envious of your legal right to post this code, however. Now, why was it that we broke away from the Mother Country?)
I would like to see a longer exposition of your approach. Given a hostile environment, how would I operate a small anonymous perl coding service using your techniques?
Once you've bootstrapped to your cryptoanarchist's toolkit, you can have anything you want, even a virtual TCP/IP layer, a hidden level of TCP/IP in stego data. TCP/IP itself is a likely candidate for a stego carrier. Non-predictable sequence nos are required to stop things like the spoofing attack, and so are perfectly plausible.
Once we get to everyone having enough bandwidth, lots of people with permanent connections, lots of people using video conference software, audio, downloading feature length films, etc. there's no stopping crypto anarchy. The LSbits in that lot would make a fairly responsive subliminal channel by today's standards.
I am finding this all very persuasive, although I am still suspicious of steganography.
It would be cool to have an exact specification and working machine. This might even be easy enough to operate that non-technical people could learn how to do it, which implies that there could be large numbers of practicing cryptoanarchists.
What we need is an experiment. Let's pick a country with a near police state and design a system so that people in that country can freely and securely communicate with each other and the outside world with minimal chance of arrest. Once the system is available, we can see if it succeeds in the field. I'll leave others to suggest the target.
Don't forget to tell me how I get paid and when I get to spend my "ill-gotten" gains and how nobody will notice that I am doing it.
You get paid in ecash, paid on the BlackNet bank. You take a holiday to a tax-haven and get paid off by getting "lucky" at a BlackNet affiliated casino. The casino takes their "currency exchange fee", and you get US$. Translations into paper currencies, I'll admit, are the weak link if you need paper currencies.
However there are two ways to get anonymous electronic cash, either you start with anonymous electronic cash, or you add the anonymity afterwards via `privacy brokers', once there are a few dozen systems, and trillions flowing around using these systems, it's going to be hard to keep track of it all.
I still think the eventual payoff is a weak point, but it does make me think that in order to stop cryptoanarchy, foreign travel and foreign communication would have to be tightly controlled. If steganographic evidence is the only evidence that can be collected (and RC4 is strong) then it would be necessary to give the authorities great flexibility. Which means that it is beginning to look more and more like a bona fide police state as Tim suggested.
While payment is a weak point, there are many cryptoanarchic activities that don't involve payment, such as participating in mailing lists, which people may like to do even when their governments disapprove.
Anyway, you have certainly given me a lot to think about. I still have some doubts about safety from tempest attacks and the like, but my basic claim that you can stop cryptoanarchy without full deployment of a police state is looking weak to me right now.
Peter Hendrickson
ph@netcom.com
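
Added example, not part of either post: a readable RC4 in C that follows the same steps as the compact program quoted above, checked against the widely published "Key"/"Plaintext" test vector, and showing why the thread says not to reuse the key. The function names and the sample key and plaintexts are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef struct { uint8_t s[256]; uint8_t i, j; } rc4_ctx;

/* Key schedule: the first two while-loops of the compact program. */
static void rc4_init(rc4_ctx *c, const uint8_t *key, size_t klen) {
    uint8_t j = 0;
    for (int n = 0; n < 256; n++) c->s[n] = (uint8_t)n;
    for (int n = 0; n < 256; n++) {
        j = (uint8_t)(j + c->s[n] + key[n % klen]);
        uint8_t t = c->s[n]; c->s[n] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}

/* XOR the keystream into buf; encryption and decryption are the same call. */
static void rc4_xor(rc4_ctx *c, uint8_t *buf, size_t len) {
    for (size_t n = 0; n < len; n++) {
        c->i++;
        c->j = (uint8_t)(c->j + c->s[c->i]);
        uint8_t t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
        buf[n] ^= c->s[(uint8_t)(c->s[c->i] + c->s[c->j])];
    }
}

/* Returns 1 if RC4("Key", "Plaintext") matches the published vector. */
int rc4_known_answer(void) {
    static const uint8_t want[9] = {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3};
    uint8_t buf[9]; rc4_ctx c;
    memcpy(buf, "Plaintext", 9);
    rc4_init(&c, (const uint8_t *)"Key", 3);
    rc4_xor(&c, buf, 9);
    return memcmp(buf, want, 9) == 0;
}

/* Returns 1 if two ciphertexts under one key XOR to p1 XOR p2 (keystream cancels). */
int rc4_reuse_leaks_xor(void) {
    uint8_t a[8], b[8]; rc4_ctx c;           /* constructed sample plaintexts */
    memcpy(a, "transfer", 8); memcpy(b, "password", 8);
    rc4_init(&c, (const uint8_t *)"same key", 8); rc4_xor(&c, a, 8);
    rc4_init(&c, (const uint8_t *)"same key", 8); rc4_xor(&c, b, 8);
    for (int n = 0; n < 8; n++)
        if ((a[n] ^ b[n]) != ("transfer"[n] ^ "password"[n])) return 0;
    return 1;
}

int main(void) { return !(rc4_known_answer() && rc4_reuse_leaks_xor()); }
```

Because the two ciphertexts combine to the XOR of the plaintexts without any knowledge of the key, a key used for the bootstrap step has to be used once only.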

Once you've bootstrapped to your cryptoanarchist's toolkit, you can have anything you want, even a virtual TCP/IP layer, a hidden level of TCP/IP in stego data. TCP/IP itself is a likely candidate for a stego carrier. Non-predictable sequence nos are required to stop things like the spoofing attack, and so are perfectly plausible.
Once we get to everyone having enough bandwidth, lots of people with permanent connections, lots of people using video conference software, audio, downloading feature length films, etc. there's no stopping crypto anarchy. The LSbits in that lot would make a fairly responsive subliminal channel by today's standards.
I am finding this all very persuasive, although I am still suspicious of steganography.
The above presumes that you can plausibly use good quality random number generators. You need to because that is the problem specification: you need the TCP sequence nos to be unpredictable. However, playing along with possible LE avenues of attack, one avenue of attack might be to require strong PRNG seeds to be handed over to the Feds. Or more specifically they might require that anything computer generated which was unpredictable be made predictable for the government. Still it seems unlikely that all subliminal channels could be blocked, and you still have inherently noisy text, audio, and image files.
It would be cool to have an exact specification and working machine.
This might even be easy enough to operate that non-technical people could learn how to do it, which implies that there could be large numbers of practicing cryptoanarchists.
A very good idea. There was some discussion of this kind of thing a while back about doing this for Singapore. The suggestion at the time was not to do it perfectly, but rather to arrange something simple to allow people to circumvent the censorship enforced through their compulsory use of a government censored web proxy.
What we need is an experiment. Let's pick a country with a near police state and design a system so that people in that country can freely and securely communicate with each other and the outside world with minimal chance of arrest. Once the system is available, we can see if it succeeds in the field. I'll leave others to suggest the target.
I would suggest that starting with remailers, rather than interactive traffic such as web traffic, would be the easier target. Might even present a positive spin in the press for anonymity and remailers for a change. So what good stego techniques are there for text? Do Singaporeans use a non-ASCII character set? (As the Chinese use things like Big5 encoding). Anyone know of any features of the character set that Singaporeans use which could be used for a subliminal channel?
However there are two ways to get anonymous electronic cash, either you start with anonymous electronic cash, or you add the anonymity afterwards via `privacy brokers', once there are a few dozen systems, and trillions flowing around using these systems, it's going to be hard to keep track of it all.
I still think the eventual payoff is a weak point, but it does make me think that in order to stop cryptoanarchy, foreign travel and foreign communication would have to be tightly controlled.
Let's give a simple example of a way to create an anonymous payment system from a fully traced payment system. Say that an anonymous privacy broker started a privacy club. In this club, the participants place into the pot $100 traceable ecash. The privacy broker shuffles the $100 payments, and hands them out. The privacy broker's reputation, or the algorithms ensure that the broker can't cheat and abscond with money.
While payment is a weak point, there are many cryptoanarchic activities that don't involve payment, such as participating in mailing lists, which people may like to do even when their governments disapprove.
Sure, if you keep cypherpunks list going even after crypto discussions have been outlawed, you can keep discussions, and then the amount of ecash usage, and bandwidth may be more conducive to working out anonymous payment systems.
Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`