Cryptoanarchy
From Telecomix Crypto Munitions Bureau
Crypto anarchism, cryptoanarchy and crypto-anarchism are three words that can mean a wide variety of different things.
Crypto-anarchism is a branch of anarchist philosophy that focuses on the use of technology to protect privacy as a means to assert autonomy from government and non-state actors interference with applications in communications, currency, commerce, and information security.
A crypto-anarchist is a person who consciously uses cryptographic methods for bringing about a more anarchist (meaning decentralized and decoupled form of political power) society. A crypto-anarchist may have one or more interests in cryptography, communications, computers, software, social causes, online rights, and the ability of technology to solve some of the problems humans face.
Many crypto-anarchists ascribe to the anarcho-capitalist or free market economic point of view that encourages individual entrepreneurship. There is little or no reference in the available literature of crypto-anarchists subscribing to the view of disavowing the profit motive for a humane and libertarian society typical in anarchist and communist literature. They are also universally in support of freedom of speech.
Cryptography itself can be used with suitable communications protocols (e.g., RSA, Diffie-Hellman protocol, perfect forward secrecy, etc) makes it possible to communicate privately and securely.
In general crypto-anarchists view government laws as a cynical expression of corporate influence yet the laws of mathematics that make modern cryptography possible is what describes our reality. We can proceed to exploit this difference in order to undermine corrupt authorities. Software that uses public key cryptography makes it very difficult for unintended persons to monitor what people say to each other. This provides a platform for freedom of expression and anonymity.
Being able to communicate securely is the foundation that Internet commerce and modern business was created on. The first papers discussing the possibility of a crypto-anarchism were published by David Chaum in the 1980's and later by Tim May, people began thinking through the ramifications of new systems where the influence of state authorities wanes or no longer exists. Such systems can span anything from computer networks that do not rely on a centralized computer network like DNS servers (e.g., I2P), cryptography-based monetary systems that do not rely on any bank or authority for it to function (e.g., bitcoin), marketplaces for trade, and other services. All such decentralized and distributed systems rely on self-organization.
[edit] Primary goals of crypto-anarchism
- Promote the existence of "cipherspace," fully encrypted communication channels or systems.
- To encourage the public to utilize private communication between two or more parties for a long enough time period to be irrelevant to any third-parties when the information is extracted from the messages.
- To promote free markets without government auditors, regulations, and taxes.
- Encourage the growth of open source and decentralized communication projects (such as Operation Meshnet).
- Promote cryptographic education and raise privacy awareness.
- Discourage the use of known insecure systems and ciphers.
The goals listed above are tightly coupled with each other. Anonymity, pseudonymity and privacy are the keys to ensure freedom of communication.
[edit] Side-effects of crypto-anarchism
- Successful prosecution of crimes decrease due to the use of cryptography.
- Whistleblowing becomes easier.
- Copyright becomes more difficult to enforce, since it is not possible to prove that someone even has sent a copyrighted file to anyone else. It thus becomes pointless to have a political discussion about it. '
- A variant of anarcho-capitalism. It is possible to exchange some digital currencies with other people (or software agents), resulting in a new economic model. The largest project in this area is a crypto-currency called bitcoin. Markets that do not follow national laws exist, most notably silkroad (requires TOR).
- Governments receive less tax revenue due to transactions taking place with crypto-currency.
- Political opposition groups are less under threat from having their plans monitored or seized.
[edit] Software
In general, crypto-anarchists only advocate the use of open source software. Not being able to review the source code of software for malicious code makes closed source applications and operating systems a completely unacceptable position. There are various kinds of "free" software that vary by license but the best for crypto-anarchist purposes is the GPL.
Sample programs used by crypto-anarchists:
GPG
Tor and I2P are probably the most joyful algorithms out there. Just download and install. And maybe read the documentation. Or ask the pseudonymous helpdesk.
cjdns
TOR
TorChat
OTR
LUKS
Truecrypt
Bitlocker
FileVault
OpenVPN
Dovecot
[edit] Very short history of crypto-anarchism
1976 -- Diffie and Hellman published "New directions in cryptography". The paper begins with the words: "We stand today at the brink of a revolution in cryptography." The Diffie-Hellman protocol that is described in the paper is a simple key-exchange protocol that allows two persons to exchange a secret over an insecure channel. Their paper pretty much creates the science needed to enable crypto-anarchism.
1978 -- The RSA crypto was published. RSA can be used to verify the identity (signature) of a pseudonym, as well as encrypt data so that only the intended receiver is able to decrypt it. RSA was secretly invented by the UK GCHQ a few years earlier but was never made available to the public.
1981 -- David Chaum published a paper describing anonymous remailers. Within years, the theory had resulted in a group of practically usable systems for anonymous and pseudonymous communications via e-mail. These systems were called Chaum Mixes and are the foundation of the later communication systems.
The Cypherpunk movement briefly had its famous moments during the 80ies and early 90ies, as they were the first to start experimenting with the systems. The cypherpunks came up with the word crypto-anarchism, and described it as a form of anarcho-capitalism since they figured that it would be possible to transmit digital money anonymously using these technologies.
1992 Cypherpunks become well known
1994 SSL 1.0 gets released
2009 Bitcoin white paper is released by Satoshi Nakamoto
During the 1990's a series of other systems emerged that expanded David Chaums ideas to also include real-time communication: TOR was created by the US Navy and later made into an open source project hosted by the Electronic Frontier Foundation. I2P originally came from the Inivisible Internet Project as some sort of continuation of their privacy-enhanced IRC network. A series of other systems was also invented during this time. Among them was Freenet, Gnunet, Entropy and a bunch of other communication networks.
Up until 1992, munitions export control laws in the US defined cryptography among products such as cruise missiles and nerve gas that was prohibited to leave the country without government permission. Pretty Good Privacy (PGP) helped to undermine these laws, until they were finally repealed. The Telecomix Crypto Munitions Bureau borrowed its name from the munitions export laws.
The 1990-2000ies had a number of centralized anonymous banking solutions. Yodelbank was probably the largest and longest running bank. It publicly stated on its web page that it did not follow any laws, but instead referred to a libertarian manifesto. Yodelbank operated on top of a group of semi-anonymous banks and digital gold currencies. It is impossible to know, but there seems to have been almost no one using these banks. One large problem was that it was impossible to stop whoever owned the bank to just disappear with all the money. There was some experimentation with decentralized monetary systems that did not rely on an authority and in 2009 a paper proposing the Bitcoin protocol was made available and shortly afterwords made into a working currency system.
From a historical perspective, crypto-anarchism prior to 2009 was largely a theoretical set of possibilities these days we have moved beyond that into actually practicing it.
[edit] Key technologies
- Key-exchange protocols
- Public-key cryptography (for privacy and to manufacture pseudonyms)
- Chaum-Mixes (making it difficult to trace who is communicating with whom)
- Onion routing (extends chaum mixes, making it real-time)
- Garlic routing (extends onion routing, making it even more difficult to trace peoples identities)
- Distributed hash tables (for creating decentralized, distributed and self-organizing networks)
[edit] Why is it named crypto-anarchism?
Because the main focus of crypto-anarchism is modern cryptography used in an anarchist context.
[edit] More information
- the Wikipedia page on crypto-anarchism
- #cryptoanarchy @ irc.telecomix.org
- Apocryphia - The Apocryphal Machinery of Ciphernautics
- Anarplex - Anarplex crypto-anarchist collective anarplex.net
- Agorist Radio
- Cryptoparty - an informal gathering to drink and learn about crypto programs.
[edit] Films, Games, and Literture
The crypto-anarchist genre is closely related to interest in subject matter in hackers, cyberpunk, steampunk, and science fiction.
Alongside Night 1977
A Cypherpunk's Manifesto Eric Hughs 1992
Snow Crash Neal Stephenson
The Diamond Age Neal Stephenson
Cryptonomicon Neal Stephenson
The Crypto Anarchist Manifesto Tim May 1992
Second Realm
The Matrix
Deus Ex Human Revolution
Cryptograms- pen and paper cipher riddles.
[edit] Crypto-anarchist Problems and caveats
Anything written, spoken, or done in a cipherspace can still be retained and used as evidence of wrong doing in a court of law, no amount of cryptography can protect you from courts or lawyers but cryptography can help limit the consequences. Bear in mind that if you are being investigated, knowingly destroying evidence is also illegal.
Crypto-anarchism is largely concerned with digital communications and as such has not been much concerned about analog (radio, ham operators) and offline communication systems, such as pen and paper cryptosystems that are useful for prisoners.
People are still vulnerable to "rubber hose crypt-analysis," a macabre reference to being beaten with a rubber hose until revealing the keys of an encrypted message or system. There is a point when anyone will talk given enough torture persuasion.
Some countries (UK, US civil court) have passed laws requiring suspects to hand over login information to encrypted devices or face long jail time. As long as it is in their interests to do so countries will send your encrypted system to a forensics professional who will use very effective means to crack your system.
Some cryptographic tools are hard to use or a pain to setup (gpg protected email or Public Key Infrastructure, for example) and ease of use problems have all but stopped adoption by anyone except those required to do so by law or for work.
Also, since all cryptographic systems exhibit weaknesses to analysis over time, a message for example encrypted with the industry standard enciphering methods of 2012 may be completely readable by a third party at some point in the future. The advent of new technologies like quantum computers will also require big changes to cryptographic ciphers people use.
Many are unaware of the tools needed to protect their communications. It is perceived as simpler to use facebook than to use a forum at I2P or TOR. Lack of publicly available solutions that make it really simple for everyone to use crypto-anarchist tools is a big problem.
There are hardly any known crypto-anarchist collectives in 2012. This lack of visibility and the seemingly advanced level of technical expertise needed to become a crypto-anarchist has made the crypto-anarchist current a fringe philosophical outlook largely relegated to disparate online web sites. This is beginning to change with the launch of social gatherings called #cryptoparty's but much more work has to be done to move crypto from a largely academic and professional setting into the everyday lives of most people.
More work needs to be done to move modern cryptography standards away from government agencies (NSA, NIST) and into non-profit foundations and from centralized and easily undermined public key infrastructure of Certificate Authorities that online commerce is based on.
[edit] Known Crypto-Anarchist Groups
Telecomix
Anarplex
Anonymous (arguable)
[edit] Allies
Although not crypto-anarchist specific, organizations known to be aligned with the spirit and goals of crypto-anarchy include the Electronic Frontier Foundation, The P2P Foundation, Free Software Foundation, Gentoo Foundation.
[edit] The Four Horsemen of the Infocalypse
The following section does not have to do with crypto-anarchism proper but is an example of how the enemies of privacy evoke fear to suppress the use of modern cryptography.
The four horsemen of the infocalypse was a phrase invented back in the 80s to describe the threats to Internet freedom used by politicians to curtail online privacy. Whenever a politician references any of these four horsemen, it seems that just about any law will get passed without further discussion.
The four horsemen of the infocalypse are
- Child pornography
- Drug dealers
- Organized crime
- Money laundering
Other horsemen that did not belong to the original 1980s definition
- Anti-abortion/pro-abortion
- Profit losses for media companies
- National security
- Online gambling
- Terrorism
- Gun control
It does not really matter which horsemen we have listed, the purpose of discussing the horsemen is that they seem to cause instant moral panic, which can be used to justify just about any form of surveillance and censorship. Few people are prepared to publicly defend free speech when confronted with politicians that use child pornography as their main argument. Because of peoples fears to publicly speak out against this behavior, the four horsemen of the infocalypse is sometimes thought of as the largest threats to crypto-anarchism.
Examples of politicians using the four horsemen:
- SMILE29, accepted by the EU parliament in 2010.
- Italian MEP Tiziano Motti proposes mandatory surveillance of all digital communications. 2011.