Why is cryptoanarchy irreversible?

Adam Back aba at dcs.ex.ac.uk
Wed Nov 13 12:05:50 PST 1996 


> > Once you've bootstrapped to your cryptoanarchists toolkit, you can
> > have anything you want, even a virtual TCP/IP layer, a hidden level of
> > TCP/IP in stego data.  TCP/IP itself is a likely candidate for a stego
> > carrier.  Non-predictable sequence nos are required to stop things
> > like the spoofing attack, and so are perfectly plausible.
> 
> > Once we get to everyone having enough bandwidth, lots of people with
> > permanent connections, lots of people using video conference software,
> > audio, downloading feature length films, etc. there's no stopping
> > crypto anarchy.  The LSbits in that lot would make a fairly responsive
> > subliminal channel by todays standards.
> 
> I am finding this all very persuasive, although I am still suspicious
> of stegonagraphy.

The above presumes that you can plausibly use good quality random
number generators.  You need to because that is the problem
specification: you need the TCP sequence nos to be unpredictable.

However, playing along with possible LE avenues of attack, one avenue
of attack might be to require strong PRNG seeds to be handed over to
the Feds.  Or more specifically they might require that anything
computer generated which was unpredicatable to be made predicatable
for the government.

Still it seems unlikely that all subliminal channels could be blocked,
and you still have inherently noisy text, audio, and image files.

> It would be cool to have an exact specification and working machine.
> 
> This might even be easy enough to operate that non-technical people
> could learn how to do it, which implies that there could be large
> numbers of practicing cryptoanarchists.

A very good idea.  There was some discussion of this kind of thing a
while back about doing this for Singapore.  The suggestion at the time
was not to do it perfectly, but rather to arrange something simple to
allow people to circumvent the censorship enforced through their
compulsory use of a government censored web proxy.

> What we need is an experiment.  Let's pick a country with a near
> police state and design a system so that people in that country
> can freely and securely communicate with each other and the outside
> world with minimal chance of arrest.  Once the system is available,
> we can see if it succeeds in the field.  I'll leave others to
> suggest the target.

I would suggest starting with remailers, rather than interactive
traffic such as web traffic would be the easier target.  Might even
present a positive spin in the press for anonymity and remailers for a
change.

So what good stego techniques are there for text.  Do singaporeans use
a non ascii character set?  (As the Chinese use things like Big5
encoding). Anyone know of any features of the character set that
Singaporeans use which could be used for a subliminal channel?

> > However there are two ways to get anonymous electronic cash, either
> > you start with anonymous electronic cash, or you add the anonymity
> > afterwards via `privacy brokers', once there are a few dozen systems,
> > and trillions flowing around using these systems, it's going to be
> > hard to keep track of it all.
> 
> I still think the eventual payoff is a weak point, but it does make
> me think that in order to stop cryptoanarchy, foreign travel and
> foreign communication would have to be tightly controlled.  

Lets give a simple example of a way to create an anonymous payment
system from a fully traced payment system.  Say that an anonymous
privacy broker started a privacy club.  In this club, the participants
place into the pot $100 traceable ecash.  The privacy broker shuffles
the $100 payments, and hands them out.  The privacy brokers
reputation, or the algorithms ensure that the broker can't cheat and
abscond with money.

> While payment is a weak point, there are many cryptoanarchic activities
> that don't involve payment, such as participating in mailing lists,
> which people may like to do even when their governments disapprove.

Sure, if you keep cypherpunks list going even after crypto discussions
have been outlawed, you can keep discussions, and then the ammount of
ecash usage, and bandwidth may be more condusive to working out
anonymous payment systems.

Adam
--
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`

More information about the cypherpunks-legacy mailing list