16.28.1. first and foremost, the incredible bandwidth, the bits
sloshing around the world's networks...tapes being exchanged,
PCs calling other PCs, a variety of data and compression
formats, ISDN, wireless transmission, etc.
16.28.2. in the coming years, network traffic will jump a thousand-
fold, what with digital fax, cellular phones and computers,
ISDN, fiber optics, and higher-speed modems
- and these links will be of all kinds: local, private,
corporate, business, commercial, bootleg (unrecorded),
cellular radio, etc.
16.28.3. corporations and small groups will have their own private
LANs and networks, with massive bandwidth, and with little
prospects that the government can police them-there can be no
law requiring that internal communications be readable by the
government!
- and the revelations that Ultra Black has been used to read
messages and use the information will be further proof to
corporations that they need to adopt very strong security
measures
+ and "partnerships" can be scattered across the country, and
even internationally, and have great lattitude in setting
up their own communication and encryption systems
- recall Cargill case
- and also remember that the government may crack down on
these systems
16.28.4. AMIX-like services, new services, virtual reality (for games,
entertainment, or just as a place of doing business) etc.
+ many users will encrypt their links to VR servers, with a
decryption agent at the other end, so that their activities
(characters, fantasies, purchases, etc.) cannot be
monitored and logged
+ this will further increase the bandwidth of encrypted
data and will complicate further the work of the NSA and
similar agencies
- attempts to force "in the clear" links will be doomed
by the welter of PC standards, compression utilities,
cellular modems, and the like...there will be no
"cleartext" that can be mandated
16.28.5. steganography
+ in general, impossible to know that a message contains
other encypted messages
- except in stings and setups, which may be ruled illegal
+ the LSB method, and variants
+ LSB of DAT, DCC, MD, etc., or even sound bites (chunks of
sampled sounds traded on bulletin boards)
- especially of live or analog-dubbed copies (the noise
floor of a typical consumer-grade mike is much higher
than the LSB of DAT)
+ of images, Adobe Photoshop images, artwork, etc.
+ imagine an "Online Art Gallery" that is used to store
messages, or a "Photo Gallery" that participants post
their best photos to, offering them for sale
- Sturges case
- LSB method
+ gets into some theoretical nitpicking about the true
nature of noise, especially if the entire LSB channel is
uncharacteristic of "real noise"
- but by reducing the bandwidth somewhat, the noise
profile can be made essentially undistinguishable from
real noise
- and a 2 GB DAT produces 130 MB of LSB, which is a lot
of margin!
+ what could the government do?
- stings and setups to catch and scare off potential
users
- an attempt to limit the wide use of digital
data-hopeless!
+ a requirement for government-approved "dithering"?
- this would be an enforcement nightmare
+ and would only cause the system to be moved into
higher bits
- and with enough error correction, even audible
dithering of the signal would not wipe out the
encrypted signal
+ variants: text justification, word selection
- bandwidth tends to be low
- but used in Three Days of the Condor
+ virtual reality art may further enable private
communications
- think of what can be encrypted into such digital images!
- and user has total privacy and is able to manipulate the
images and databases locally
16.28.6. in the sense that these other things, such as the governments
own networks of safe houses, false identities, and bootleg
payoffs, will tend to hide any other such systems that emerge
+ because investigators may think they've stumbled onto yet
another intelligence operation, or sting, or whatever
- this routinely cripples undercover investigations
- scenario: criminals even float rumors that another agency
is doing an operation....?
16.28.7. Government Operations that Resemble Cryptoanarchy will
Confuse the Issues
- various confidential networks already exist, operated by
State, DoD, the services, etc.
+ Witness Protection Program (or Witness Relocation Program)
- false IDs, papers, transcripts
- even money given to them (and the amounts seem to be
downplayed in the press and on t.v., with a sudden spate
of shows about how poorly they do in the middle of middle
America-sounds like a planted story to me)
- cooperation with certain companies and schools to assist
in this aspect
+ Payoffs of informants, unofficial agents
- like agents in place inside defense contractors
- vast amount of tips from freelancers, foreign citizens,
etc.
- operators of safe houses (like Mrs. Furbershaw)
+ Networks of CIA-funded banks, for various purposes
- a la the Nugan-Hand Bank, BCCI, etc.
- First American, Bank of Atlanta, Centrust Savings, etc.
- these banks and S&Ls act as conduits for controversial or
secret operations, for temporary parking of funds, for
the banking of profits, and even for the private
retirement funds of agents (a winked-at practice)
+ Confidential networks over computer lines
- e.g., encrypted teleconferencing of Jasons, PFIAB, etc.
+ these will increase, for many reasons
- concerns over terrorism
- demands on time will limit travel (especially for
groups of non-fulltime committee members)
- these suspected government operations will deter
investigation
16.28.8. Encrypted Traffic Will Increase Dramatically
- of all kinds
- mail, images, proposals, faxes, etc.
- acceptance of a P-K mail system will make wide use of
encryption nearly automatic (though some fraction, perhaps
the majority, will not even bother)
+ there may even be legal reasons for encryption to increase:
- requirements that employee records be protected, that
medical records be protected, etc.
- "prudent man" rules about the theft of information (could
mean that files are to be encrypted except when being
worked on)
- digital signatures
- echoes of the COMSEC vs. SIGINT (or PROD) debate, where
COMSEC wants to see more encryption (to protect American
industry against Soviet and commercial espionage)
+ Selling of "Anonymous Mailers"?
- using RSA
+ avoiding RSA and the P-K patent morass
- could sell packets of one-time pads
+ no effective guarantee of security, but adequate for
many simple purposes
+ especially if buyers swap them with others
- but how to ensure that copies are not kept?
- idea is to enable a kind of "Democracy Wall"
+ prepaid "coins," purchased anonymously
- as with the Japanese phone cards
- or the various toll booth electronic tokens being
developed
16.28.9. Games, Religions, Legal Consultation, and Other "Covers" for
the Introduction and Proliferation of Crypto Anarchy
- won't be clear what is real encryption and what is game-
playing
- imagine a game called "Cryptoanarchy"!
+ Comment on these "Covers"
- some of these will be quite legitimate, others will be
deliberately set up as covers for the spread of CA
methods
- perhaps subsidized just to increase traffic (and
encrypted traffic is already expected to increase for a
variety of reasons)
- people will have various reasons for wanting anonymity
+ Games
+ "Habitat"-style games and systems
- with "handles" that are much more secure than at
present (recall Chip's comments)
+ behaviors that are closely akin to real-world illegal
behaviors:
- a thieves area
- an espionage game
- a "democracy wall" in which anything can be posted
anonymously, and read by all
+ MUDs (Multi-user Domains, Multi-User Dungeons)
- lots of interest here
- topic of discussion at a special Cypherpunks meeting,
early 1994.
+ interactive role-playing games will provide cover for the
spread of systems: pseudonyms will have much more
protection than they now have
- though various methods may exist to "tag" a transaction
(a la barium), especially when lots of bandwidth is
involved, for analysis (e.g., "Dark Dante" is
identified by attaching specific bits to stream)
+ Dealing with Barium Tracers
- code is allowed to simmer in an offsite machine for
some time (and with twiddling of system clock)
- mutations added
+ Shared Worlds
- authors, artists, game-players, etc. may add to these
worlds
- hypertext links, reputation-based systems
+ hypothesize a "True Names" game on the nets, based
_explicitly_ on Vinge's work
- perhaps from an outfit like Steve Jackson Games, maker
of similar role-playing games
- with variable-resolution graphics (a la Habitat)
- virtual reality capabilities
+ a game like "Habitat" can be used as a virtual Labyrinth,
further confusing the line between reality and fantasy
- and this could provide a lot of bandwidth for cover
- the Smalltalk "Cryptoids" idea is related to this...it
looks like a simulation or a game, but can be used by
"outsiders"
+ Religions
+ a nearly ironclad system of liberties, though _some_
limits exist
- e.g., a church that uses its organization to transport
drugs or run a gambling operation would be shut down
quickly (recall the drug church?)
- and calls for tax-break limitations (which Bill of
Rights says nothing about)
- still, it will be _very_ difficult for the U.S.
government to interfere with the communications of a
"religion."
+ "ConfessionNet"
+ a hypothetical anonymous system that allows confessions
to be heard, with all of the privileges of privacy that
normal confessions have
- successors to 900 numbers?
+ virtually ironclad protections against government
interference
- "Congress shall make no law..."
+ but governments may try to restrict who can do this, a
la the restrictions in the 70s and 80s on "instant
Reverends"
- Kirby J. Hensley's Univeral Life Church
- various IRS restrictions, effectively establishing
two classes of religions: those grandfathered in and
given tax breaks and the like, and those that were
deemed invalid in some way
+ Scenario: A Scientology-like cult using CA as its chief
communications system?
- levels of initiation same as a cell system
- "clearing"
- New Age garbage: Ascended Masters, cells, money flowing
back and forth
- blackballing
+ Digital Personals
- the "personals" section of newspapers currently requires
the newspaper to provide the anonymity (until the parties
mutually agree to meet)
- what about on AMIX or similar services?
- a fully digital system could allow self-arranging systems
+ here's how it could work:
- Alice wants to meet a man. She writes up a typical ad,
"SWF seeks SWM for fun and walks on the beach..."
- Alice encloses her specially-selected public key, which
is effectively her only name. This is probably a one-
time deal, unlinkable to her in any way.
- She encrypts the entire package and sends it through a
remailing chain (or DC-Net) for eventual posting in a
public place.
- Everyone can download the relevant area (messages can
be sorted by type, or organized in interest groups),
with nobody else knowing which messages they're
reading.
- Bob reads her message and decides to repond. He
digitizes a photo of himself and includes some other
info, but not his real name. He also picks a public key
for Alice to communicate with him.
- Bob encrypts all of this with the public key of Alice
(though remember that he has no way of knowing who she
really is).
- Bob sends this message through a remailing chain and it
gets posted as an encrypted message addressed to the
public key of Alice. Again, some organization can
reduce the total bandwidth (e.g., an area for
"Replies").
- Alice scans the replies and downloads a group of
messages that includes the one she can see-and only she
can see!-is addressed to her.
- This has established a two-way communication path
between Alice and Bob without either of them knowing
who the other one is or where they live. (The business
about the photos is of course not conducive to
anonymity, but is consistent with the "Personals"
mode.)
- If Alice and Bob wish to meet in person it is then easy
for them to communicate real phone numbers and the
like.
+ Why is this interesting?
- it establishes a role for anonymous systems
- it could increase the bandwidth of such messages
+ Legal Services (Legitimate, i.e., not even the bootleg
stuff)
+ protected by attorney-client privileges, but various Bar
Associations may place limits on the use of networks
- but if viewed the way phones are, seems unlikely that
Bars could do much to limit the use of computer
networks
- and suppose a Nolo Press-type publishing venture started
up on the Nets? (publishing self-help info under
pseudonyms)
- or the scam to avoid taxes by incorporating as a
corporation or nonprofit?
+ Voting Systems
- with and without anonymity
+ Board of Directors-type voting
- with credentials, passwords, and (maybe) anonymity
(under certain conditions)
+ Blackballing and Memberships
- generally anonymous
- blackballing may be illegal these days (concerns about
racism, sexism, etc.)
- cf. Salomaa for discussion of indistinguishability of
blackballing from majority voting
+ Consumer Ratings and Evaluations
- e.g., there may be "guaranteed anonymous" evalution
systems for software and other high-tech items (Joe
Bluecollar won't mess with computers and complicated
voting systems)
+ Politically Active Groups May Have Anonymous Voting
- to vote on group policies, procedures, leadership
- or on boycott lists (recall the idea of the PC-Card
that doesn't allow politically incorrect purchases)
+ this may be to protect themselves from lawsuits (SLAPP)
and government harassment
- they fear government infiltrators will get the names
of voters and how they voted
+ Official Elections
- though this is unlikely for the barely-literate
majority
- the inevitable fraud cases will get wide exposure and
scare people and politicians off even more
- unlikely in next decade
+ Journal Refereeing
- some journals, such as Journal of Cryptology,
appropriately enough, are already using paper-based
versions of this
+ Xanadu-like systems may be early adopters
- there are of course reasons for just the opposite:
enhanced used of reputations
- but in some cases anonymity may be preferred
+ Groupware
- anonymous comment systems (picture a digital blackboard
with anonymous remarks showing up)
- these systems are promoted to encourage the quiet to have
an equal voice
- but they also provide another path to anonymous and/or
reputation-based systems
+ Psychological Consultations
- will require the licensing of counselors, of course
(under U.S. laws)
- what if people call offshore counselors?
+ and various limitations on privacy of records exist
- Tarisoff [spelling?]
- subpoenas
- record-keeping required
+ may be used by various "politically correct" groups
- battered women
- abused children
- perhaps in conjunction with the RU-486-type issues,
some common ground can be established (a new kind of
Underground Railroad)
+ Advice on Medicine (a la AIDS, RU 486)
- anonymity needed to protect against lawsuits and seizure
- NOW and other feminist groups could use crypto anarchy
methods to reduce the risks to their organizations
+ Anonymous Tip Lines, Whistleblower Services
+ for example, a newspaper might set up a reward system,
using the crypto equivalent of the "torn paper" key
- where informant holds onto the torn off "key"
- even something like the James Randi/Yuri Geller case
reveals that "anonymous critics" may become more common
+ corporate and defense contractor whistleblowers may seek
protection through crypto methods
- a "Deep Throat" who uses bulletin boards to communicate
with DS?
+ this presumes much wider use of computers and modems by
"average" people...and I doubt "Prodigy"-type systems
will support these activities!
- but there may be cheap systems based on video game
machines, a la the proposed Nintendo computers
- environmentalists set up these whistleblower lines, for
people to report illegal logging, spraying, etc.
+ Online, "Instant" Corporations
+ shell companies, duly incorporated in Delaware or
wherever (perhaps even foreign sites) are "sold" to
participants who wish to create a corporate cover for
their activities
- so that AMIX-like fees are part of the "internal
accounting"
+ Anonymous collaborative writing and criticism
- similar to anonymous voting
16.28.10. Compressed traffic will similarly increase
- and many compression algortithms will offer some form of
encryption as a freebie
- and will be difficult to decypher, based just on sheer
volume
- files will have to at least be decompressed before key word
searches can be done (though there may be shortcuts)
By Tim May, see README
HTML by Jonathan Rochkind