wallet/docs/cypherpunk_program.html

<!DOCTYPE html>
<html lang="en"><head>

	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<style>
		p.center {
			text-align:center;
		}
	</style><title>The Cypherpunk Program</title></head><body>

<p><a href="./"> To Home page</a> </p>

<h1>The Cypherpunk Program</h1><p>

Timothy C. May summarized the plan as</p>
<blockquote><p>

“Crypto Anarchy: encryption, digital money, anonymous
networks, digital pseudonyms, zero knowledge,
reputations, information markets,  black markets,
collapse of government.&nbsp; </p></blockquote><p>

Which is intentionally obscure.&nbsp; The plan is to strike
at the state from the jungle of complexity, to strike at
the state from beyond the state’s intellectual and
temporal horizons.&nbsp; The evil minions of the state will
not be coming after cypherpunks, because they will not
understand what cypherpunks are doing, and because when
things start going bad for them the will not be able to
link cause and effect.&nbsp; </p><p>

Cryptography alone is insufficient to implement
crypto-anarchy.&nbsp; Correct understanding and
implementation of cryptography has proven to be hard, as
numerous embarrassing failures have demonstrated, but
correct understanding and implementation of cryptography
turned out to be only the beginning of what was
needed.&nbsp; </p><p>

Often secure cryptographic algorithms have been used to
construct insecure cryptographic protocols, as for
example the wifi protocol WPA personal, but worse than
that, correct cryptographic protocols, such as SSL, have
resulted in insecure behavior, because the protocol flow
failed to fit the user’s task flow. </p><p>

Successfully designing such systems requires a whole
system viewpoint – cryptographic protocols <em>and</em>
user interface <em>and</em> business models <em>and</em>
accounting principles <em>and</em> economic understanding
<em>and</em> understanding of computer mediated social
networking.&nbsp; </p><p>

The cypherpunk movement collapsed in the realization that
the problem was harder than it seemed, that mere
cryptography was insufficient.&nbsp; </p><p>

The cypherpunk movement produced a lot of cryptographic
tools, among them by own Crypto Kong, only to realize
that no one wanted  <em>cryptographic</em> tools.&nbsp; To
use a <em>cryptographic</em> tool, you have to
understand and think about what it is doing, understand
and think about the cryptographic primitives involved
every time you use it.&nbsp; Unfortunately, even committees
of experts tend to screw up when they attempt to
specify correct use of cryptographic primitives.&nbsp;  For
example the Wifi consortium got it badly wrong, then
having discovered their error as large numbers of
people started freeloading on other people’s wifi,
proceeded to get it wrong again.&nbsp;  Then they yet
another try, and proceeded to get it wrong all over
again.&nbsp;  The latest incarnation of Wifi, as I write this,
is WPA personal which is vulnerable to offline
dictionary attack, an attack that has been well known,
well understood, and the solutions to it well known for
a very long time.&nbsp; Similarly for DNSSEC, and IPSEC,
where time after time they got the cryptography correct,
unlike Wifi, but managed every time to produce non
solutions that no one could use or would use.&nbsp; </p><p>

No way can end users be expected to burden themselves
with such a task, when the experts fail over and over.&nbsp;
Rather, cryptography needs to be embedded invisibly in
tools that do user tasks, and make those tasks secure
without the end user ever thinking about cryptography.&nbsp;
SSH is the best example of a tool that works like this.
You never see a dialog box that relates to cryptographic
matters.&nbsp;  It is just secure.&nbsp; It acts the way people
expect it to act, and they don’t need to think about
the messy details of how it ensures  that hostile
adversaries cannot meddle and make things  fail in
unexpected ways.&nbsp; Similarly, Skype’s encryption is
invisibly embodied in a utility that people use to
communicate with each other, and no one should ever be
aware of it.&nbsp; </p><p>

If people use secure tools to mediate cooperation, and
the storage and creation of value, to do business, then
those tools will not only be secure against ordinary
criminals, but against governments – whereupon it becomes
hard for governments to collect taxes or regulate business,
hard for governments to intrude themselves in honest
peaceful activities.&nbsp; </p><p>

As soon as we produced the first not very satisfactory
versions of such tools, and early adopters came to use
them, we hit the second problem.&nbsp; The cypherpunk
program requires heavy reliance on value, exchange, and
promises to pay and deliver being computer mediated.&nbsp;
But computers are extremely insecure.&nbsp; One’s
computer is apt to come under the control of hostile
criminals.&nbsp; The computer virus and Trojan problem
makes it impractical to keep large amounts of value on
a computer.&nbsp; Similarly, the phishing problem makes it
difficult to have internet mediate relationships of
economic value.&nbsp; The anonymity that gives protection
against governments makes it alarmingly easy for people
to pretend to be what they are not.&nbsp; And then
we discovered that net centric anonymous or weakly
nymous money was violently unpopular because of
criminals flocking to it, provoking governments to shut
it down.&nbsp; </p><p>

And so, the cypherpunk movement collapsed.&nbsp; The remaining cypherpunks patiently
studied solutions to these problems, and, by and large,
solutions have been discovered, though these solutions
are not yet implemented, or the implementations are
not yet widely adopted, perhaps not yet ready for
wide adoption.&nbsp; </p><p>

The problems that shut down the cypherpunk movement are

</p><ol><li>Cryptography is hard, cryptographic protocols
that actually work are harder, and embedding those
protocols invisibly in utilities that do useful things
without the end user needing to know or think about
cryptography considerably harder still: To solve this we
need <a href="replacing_TCP.html">higher level tools
which automatically apply known sound protocols to the
particular case</a>, so that good cryptography can be a
routine and invisible part of good applications, without
requiring as much thought as it now does.</li>

<li>Computer insecurity, Trojans and malware: To
solve this, we need to restrict programs using the
<a href="./safe_operating_system.html">powerbox software
pattern</a></li>

<li>Phishing</li>

<li>Violently unpopular criminal misuse of net centered
money</li> </ol><p>

Few people use encryption technology today, because few
people have real need of it. </p><p>

Few people have real need of it, because there is no
reasonably liquid net money. People are not making, spending,
transferring, and promising, money through the net, so they
have little need to encrypt their messages or care for the
reputation of their nyms. </p><p>

And that is the big remaining battle and design issue: <a
href="net_money.html">net money</a> though even if we
designed and deployed a satisfactory net money, it would not
come to be widely used for large value transactions until
a <a href="safe_operating_sytem.html">secure operating
system</a> is created and deployed, it can still be created
and deployed for low value transactions such as file
sharing and spam control – one message client would charge
a very small amount to accept messages from people not one one’s white
list. The fee would be refunded if one does not classify
the message as spam.</p>

</body></html>