Here are the two short sidebars that accompany the Village Voice article on Cypherpunks et al. Posted by and with the permission of the author. The first contains some of the more practical information that Tim May was wondering about, though it does not point anyone towards ftp sites, mailing lists, or anything as concrete as that. I didn't know whether you all would appreciate an influx of "left-biased" :-) crypto-naifs flooding in here as a result of my posting the list address, so I refrained. Also didn't think advertising locations for PGP was a good idea, given the legal hassles that might result to people doing the distribution. But if any of you think I was being overscrupulous, I encourage you to write the Voice with further information and I will do my best to see the letter gets published. BUILDING A BETTER MONKEY WRENCH Contrary to the conventional wisdom of an age gone cuckoo for ``smart'' technology, Luddism is neither dead nor beside the point -- it's just gotten smarter. The Cypherpunks and other cryptography hackers are model practitioners of a new, techno-savvy Luddism, implementing and popularizing sophisticated gadgets that could short-circuit the awesome surveillance capabilities built into cyberspace without harming its equally awesome power to connect individuals. Long-term, these brave new tools will do more to keep Big Brother out of your business than any legislation can, so you owe yourself at least a cursory understanding of how they work. The following primer should jump-start you. Read it and get smart. PUBLIC-KEY CRYPTOGRAPHY: Most encryption schemes require sender and receiver to agree on a secret encoding number, or key, before communication. This increases vulnerability, since that first message establishing the key can't itself be encrypted. Public-key systems, invented in 1975 by Ur-cypherpunk Whitfield Diffie along with Martin Hellman, have no such requirement, making them ideal for the highly snoopable channels of computer networks. In public-key crypto, everybody creates two keys, one published for all the world to read, and one kept absolutely secret. Whatever's encrypted with the first can only be unlocked with the second. Thus, if you want to send someone a secret message there's no need to make prior contact -- you just look up that person's public key and use it to encrypt the text. Current usage: The free public-key encryption program PGP is one of the most popularly deployed crypto tools in the on-line world, with PGP public keys rapidly becoming the electronic superhighway's equivalent of vanity plates. ANONYMOUS REMAILERS: These systems aim to conceal not the contents of a message but its source. A remailer is a network-connected computer that takes in e-mail, then sends it on to a destination specified in attached, encrypted instructions, thus placing a veil between sender and receiver. If the message is sent through a chain of even a few remailers, the veil quickly becomes rock solid, guaranteeing the sender's anonymity. Current usage: The Cypherpunks maintain a working anonymous remailer chain, but the most active are the one-hop systems used by participants in public on-line discussions of bondage, foot worship, and assorted other predilections they might not want their computer-literate boss/parents/neighbors to know about. DIGITAL SIGNATURES: In the fluid world of digital info, how do you verify that a message is really from whom it claims it's from? Turn public-key cryptography inside out, that's how. Have the sender encrypt the message with her private key, then let the receiver try to decrypt it with the sender's public key. If the decryption comes out clear, then the sender's identity is confirmed -- without revealing her private key or even, if the public key is attached to a pseudonymous but otherwise trustworthy on-line persona, her physical identity. This is more or less how digital signatures work. Current usage: mainly in corporate and bureaucratic settings, though all good Cypherpunks try to make a habit of e-signing their e-mail. ELECTRONIC CASH: Imagine the convenience of credit cards combined with the anonymity of cash. Imagine a microchip-equipped debit card that instantly deducts transactions from the user's bank account, yet does so without revealing the payer's identity to the payee or linking payer and payee in the bank's records. Imagine these mechanisms set loose in the world's computer nets, converting great chunks of money supply into fast, loose, digital e-cash. The wizardry of public-key crypto can make all this happen and probably will. Current usage: experimental, mostly. Denmark, however, is gearing up to implement an encrypted smart-card system, based on the ideas of crypto-hacker David Chaum, who holds patents on most e-money applications. -- TALE FROM THE CRYPTO WARS The high weirdness of the military's code-busting censorship moves peaked in World War II, but didn't end there. It was during the Gulf War, in fact, that military censors made one of the strangest additions to their already strange list of banned communications: the Navajo language. A small number of Navajos, it seems, wanted to send broadcast greetings in their native tongue to loved ones stationed overseas, but Armed Forces Radio refused to pass the messages along. Once again, the mere possibility of enemy signals lurking in the noise was too much for the censors to bear. ``We have a responsibility to control what's on the radio,'' said the lieutenant colonel in charge, ``and if I don't know what it says then I can't control it.'' In the ripest of ironies, however, it turns out that the only nation ever known to have used Navajo as a cover for secret communications was the United States itself. Throughout World War II's Pacific campaign, the Marine Corps made heavy and effective use of its Navajo codetalker units--teams of Navajo radiomen who spoke a slangy, cryptic patois difficult even for uninitiated Navajos to grasp, and ultimately impossible for the Japanese to decode. Today the codetalkers remain legendary figures on the rez and beyond -- legendary enough indeed that New Mexico congressman Bill Richardson, wielding the memory of their exploits, finally shamed Armed Forces Radio into lifting its ban and letting Navajo greetings reach the Gulf. It's a familiar story. Prized and feared for its impenetrable otherness, Navajo has met the same uneasy fate reserved for all true difference in a country that both prides itself on cultural diversity and insistently suppresses it. But in its blurring of the lines between language and secret code, Navajo's passage through the belly of the military beast hints at one way out of America's terminal cultural ambivalence. As arch-Cypherpunk John Gilmore has argued, committing to universally accessible encryption is one way for our society to finally take the ideal of diversity seriously -- backing it up ``with physics and mathematics, not with laws,'' and certainly not with the lip service it's traditionally honored with. Cryptography could guarantee us each a language of our own, which no censor, military or otherwise, could hope to silence. -- ********************************************************************* Julian Dibbell julian@panix.com *********************************************************************