True Names and the Opening of the Cyberspace Frontier (4 page)

I cannot help but feel ambivalent at the prospect of this brave new world, in which I will be a small part of a symbiotic organism that I can barely comprehend. But then, I am a product of another kind of society, one that celebrates the individual. My sense of identity, my very sense of survival, is based on a resistance to becoming something else. Just as one of my hunting-gathering ancestors would surely reject my modern city life, so do I feel myself rebelling at this metamorphosis. This is natural. I imagine that caterpillars are skeptical of butterflies.

As frightened as I am by the prospect of this change, I am also thrilled by it. I love what we are, yet I cannot help but hope that we are capable of turning into something better. We humans can be selfish, foolish, shortsighted, even cruel. Just as I can imagine these weaknesses as vestiges of our (almost) discarded animal past, I can imagine our best traits—our kindness, our creativity, our capacity to love—as hints of our future. This is the basis for my hope.

I know I am a relic. I am a presymbiotic kind of person, born during the time of our transition. Yet, I feel lucky to have been given a glimpse of our promise. I am overwhelmed when I think of it … by the sweet sad love of what we were, and by the frightening beauty of what we might become.

True Nyms and Crypto Anarchy

Timothy C. May

One of the biggest issues in cyberspace these days, one that will continue to be an issue as long as there is such a venue as the Internet, is the safety of communication from prying eyes. In the detailed and persuasive essay that follows, Tim May, formerly a physicist at Intel and one of the founding members of the Cypherpunks, discusses the big issues involved—invasion of privacy, the specter of government interference in personal affairs, the use of electronically forwarded information by a variety of people, entities, and organizations for purposes other than those intended by the forwarder … these are all issues of tremendous importance to anyone who uses the Internet—and that means just about everyone, in one way or another.

In a previous age, these issues were not of such great importance, for there was never the possibility that anyone could find and gather enough information to do harm to others in the ways that are now possible with the Internet. Today, however … Read Tim May's essay and you'll never feel quite as safe as you did a moment before you read these pages. This article was written in 1996.

 

 

 

The Impact of
True Names

“True Names” came to my attention in 1986, when a friend of mine gave me a dog-eared Xerox copy and said “You need to read this.” But before I even started reading this samizdat edition, the Bluejay Books trade paperback edition appeared and that's what I read, saving my eyesight and giving Vernor Vinge his proper cut of the action.
True Names
certainly riveted me, and it fit with other developments swirling around in computer circles at the time. Namely, digital money, anonymous e-mail, and all of the other issues connected with “strong cryptography” and “public key cryptography.”

Some friends were setting up a company to develop “information markets” for the Net, though this was half a dozen years before the World Wide Web and wide public access to the Internet. It was clear to me that the ideas of anonymous interaction, reputation-based systems, digital pseudonyms, digital signatures, data havens, and public-key encryption in general would all be important for these markets in cyberspace. The work of Holland-based David Chaum, an American cryptographer who developed most of the early ideas about digital money and untraceable e-mail, looked to be of special relevance. Chaum's work on untraceable electronic cash, reported in a 1985 “Communications of the ACM” cover story (November 1985), sparked the realization that a digital economy could be constructed, with anonymity, untraceability, and ancillary anarcho-capitalist features, such as escrow agents to hold money for completion of services, reputation rating services and tools, and “persistence” for various kinds of constructs. In other words, a cryptographically based version of Vinge's
True Names,
and even of Ayn Rand's “Galt's Gulch” in
Atlas Shrugged.

The full-blown, immersive virtual reality of
True Names
may still be far off, but the technologies of cryptography, digital signatures, remailers, message pools, and data havens make many of the most important aspects of
True Names
realizable today, now, on the Net. Arguably, Mr. Slippery is already here and, as Vernor predicted, the Feds are already trying to track him down. In 1988 these ideas motivated me to write and distribute on the Net “The Crypto Anarchist Manifesto,” a section of which is quoted here:

“A specter is haunting the modern world, the specter of crypto anarchy.

“Computer technology is on the verge of providing the ability for individuals and groups to communicate and interact with each other in a totally anonymous manner. Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other. Interactions over networks will be untraceable, via extensive re-routing of encrypted packets and tamper-proof boxes which implement cryptographic protocols with nearly perfect assurance against any tampering. Reputations will be of central importance, far more important in dealings than even the credit ratings of today. These developments will alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret, and will even alter the nature of trust and reputation.”

These ideas have evolved over the years since this was written, but the basic ideas remain unchanged. The Cypherpunks group has been instrumental in implementing many of the concepts.

In this article I'll be exploring some of the implications of strong cryptography and crypto anarchy and the connections with
True Names.
Because this article will be in a book, with presumably a shelf life of many years, I'm avoiding giving specific article citations and URLs to Web sites, as they tend to change quickly. Searching on the names of authors should be a more reliable way of finding current locations and information.

Cypherpunks

The time was right in 1992 to deploy some of these new ideas swirling around in the cryptography and computer communities and reify some of these abstractions. Eric Hughes and I gathered together some of the brightest folks we knew from the annual Hackers Conference and from the Bay Area computer community to discuss the implications of these ideas, and to look into translating some of the academic work on cryptography into real-world programs. The initial meeting led to larger, monthly meetings, and to an active mailing list. Jude Milhon suggested the pun “Cypherpunks,” a play on “cyberpunk” and on the British spelling “cypher.” The name stuck, and the Cypherpunks mailing list has been active ever since. It was on this list that several of the most important security breaches in Netscape and other Internet programs were revealed, and the Cypherpunks list has played an important role in the ongoing cryptography debate, including fruitful discussions of the Clipper chip, key escrow, export laws, private access to strong cryptography, the implications of digital money, and other issues. We were also fortunate that Phil Zimmermann's Pretty Good Privacy, or PGP, appeared in a usable form just as we were getting started. PGP is the leading user-friendly encryption program, available on nearly all platforms, and it was used as a building block for many of the cryptographic tools we and others developed.

The Cypherpunks group is also a good example of a “virtual community.” Scattered around the world, communicating electronically in matters of minutes, and seemingly oblivious of local laws, the Cypherpunks group is indeed a community; a virtual one, with its own rules and its own norms for behavior. Some members use pseudonyms, and use anonymous remailers to communicate with the list, using PGP to digitally sign posts. These digital pseudonyms are in some sense their true names, their “true nyms.” On the Cypherpunks list, a number of well-respected nyms have appeared and are thought of no less highly than are their “real” colleagues. The whole subject of digitally authenticated reputations, and the reputation capital that accumulates or is affected by the opinions of others, is one that combines economics, game theory, psychology, and expectations. Reputations play a critical role in how anonymity and pseudonyms work in cyberspace; many of the predicted problems with nyms vanish when reputations are taken into account.

There were several books we frequently recommended to new members:
True Names
led the list, along with John Brunner's
Shockwave Rider,
Orson Scott Card's
Ender's Game,
Neal Stephenson's
Snow Crash,
Hakim Bey's
TAZ,
and, of course, various cryptography and computer references, notably Bruce Schneier's
Applied Cryptography.
At our first meeting, in fact, we simulated some of the notions out of “True Names,” using cryptographic protocols. Most of the issues about pseudonyms, digital personas, and anonymity have since been explored directly using “Cypherpunks remailers” and related technologies.

Anonymous Remailers

Anonymous remailers, also called digital mixes, provide an excellent example of the possibilities inherent in cryptographic technology. David Chaum originally developed most of the important ideas in a 1981 paper on “Untraceable E-Mail,” years before e-mail achieved the wide prominence it now has. And he later refined the ideas in a paper on so-called “DC-Nets,” an interesting topic a bit beyond the scope of this article.

There are many reasons people may wish to occasionally communicate without being traced or identified. A digital pseudonym is obviously useless if e-mail programs identify the origin of e-mail. People may wish to be anonymous for many reasons: privacy, fear of reprisal by employers or other groups, avoidance of profiles of their activities and interests, posting to controversial newsgroups or support groups (such as “alt.recovery” or rape and incest recovery groups), whistleblowing, and floating of controversial ideas. Writers have long used pseudonyms for some of the same reasons. (And the U.S. Supreme Court ruled in 1956 that writers may not be compelled to put their true names on their writing.)

To see how anonymous remailers work, imagine a person—call her Alice—trying to avoid being followed by someone—call him Bob. Wherever she goes, Bob follows. As she enters a store, Bob waits outside and watches for her to leave, and picks up the tail. However, suppose she enters a large department store, along with many others, and emerges some time later with many others, wearing different clothes and generally not being recognizable. Bob has no idea of which person leaving the store is Alice, and so he must either give up the tail, or follow all of the people leaving the store. She repeats this process many times, each time becoming more and more “mixed” with others. With even a small number of such mixings, the number of paths Bob must follow can become astronomically high. Alice has thus used department store mixes to shake her tail.

This is the way anonymous remailers or digital mixes work. An e-mail message is sent to a remailer, encrypted to the public key of the remailer operator or his machine. The contents of the message look essentially random to any observer (who might be tapping the lines, for example). The remailer operator decrypts the message, holds it for some period of time or until sufficient other messages have accumulated, adds any needed padding to make the message size not a correlatable factor, and sends the accumulated messages out to their next destinations. Very importantly, the messages he remails are usually encrypted by the originator to the
next
remailer's public key, so any given remailer cannot read the contents of any message. Nor can any remailer in the chain modify the messages, or tag them in any way (as any modifications would make the message unreadable, undecipherable, by the next remailer in the chain). Using encryption at each stage completely obscures the mapping between origin and destination, to both the final recipient and to all of the remailers. The recipient receives only the “innermost” message, with all of the earlier stages progressively stripping off headers. Any given remailer can only open the envelope “addressed” (encrypted) to him, and cannot read the messages that remain in the text block he does see … all he can do is read the next destination, which is included in the clear. Think of envelopes within envelopes, each addressed to a particular remailer.

The originator of a message decides on a chain of remailers he plans to use, encrypts and addresses his messages in reverse order, and then sends the resulting message to the first remailer, who decrypts it and sends the result to the next remailer in the chain, and so forth. If, for example, the originator picks five remailers, and each remailer waits until ten messages have been accumulated before forwarding the accumulated batch, then in theory there are upward of one hundred thousand possible routings to be followed. There are not usually this many messages, so the correlation problem is not quite this hard. But any attempt at tracing the message is still effectively thwarted, unless the various remailers collude or are instructed by authorities to report all of the mappings between arriving and departing messages. Using some offshore remailers is an effective bar to this latter attack. And some people publish regular lists of remailers, with the results of ping tests, latency time measurements, reliability, etc.

The first Cypherpunks remailers were initially written in Perl and C by Eric Hughes and Hal Finney. They allowed e-mail to be sent to a remailer, have its origin stripped off, and then be remailed to a selected destination, including other remailers. They were first deployed in 1992, and by 1996 several dozen existed. These were used to anonymously publish (“liberate”) ciphers that had not previously been published, to publish secrets of the Church of Scientology, to disclose a few military and security secrets, and, not surprisingly, for flames, insults, and anonymous attacks. Ideally, no mapping is kept of who sent what mail, so court orders and lawsuits are ineffective in revealing the identities of those sending mail. Further, hardware-based digital mixes, i.e. sealed modules with a public key present only inside the module and unreadable by outsiders, will mean no human is even involved in the process, even as a system administrator. Long chains of such mixes, operating quickly on highspeed networks, should make the task of tracing messages even more intractable. A commercial implementation of a digital mix, called MixMaster, is available; users can install such “instant mixes” on their Internet boxes and become remailers. This turns out to be a good example of what a simple application of strong cryptography, using PGP, can do. The Perl and C code is short and simple, and the security of the entire chain depends solely on the unbreakability of encrypted messages, on the number of hops, and on the unlikelihood of collusion between the various remailers. (If all of the remailers were to get together and compare notes, the system would of course be broken. But as the number of remailers increases, this strategy becomes less and less effective. Also, one can always remail messages through oneself, thus defeating most collusion or tapping efforts.)

Other books

Pinky Pye by Eleanor Estes
A Montana Cowboy by Rebecca Winters
A Sword for a Dragon by Christopher Rowley
The Alpha's Cat by Carrie Kelly
House of Memories by Taylor, Alice;
Stripped Down by Anne Marsh
Desperate Choices by Kathy Ivan
Dragon Awakened by Jaime Rush