| Random Page
A loose-knit group/movement that believes strongly in privacy and anonymity. Cypherpunks emphasize technology as a way to empower and protect individuals.
Key technologies include strong encryption and anonymous relays. Cypherpunks created the first secure remailer systems, and were a driving force for encryption tools like PrettyGoodPrivacy. The FreeNet project is an example of current work in the cypherpunk spirit.
Judith Milhon of Mondo 2000, also known by her handle St. Jude, coined the term "cypherpunk".
Eric Hughes' A Cypherpunk's Manifesto is among the most eloquent and best known creeds of the movement. Read the whole manifesto at http://www.cyberpunkproject.org/idb/cypherpunks_manifesto.html
Some notable excerpts:
- Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private matter is something one doesn't want the whole world to know, but a secret matter is something one doesn't want anybody to know. Privacy is the power to selectively reveal oneself to the world. ...An anonymous system empowers individuals to reveal their identity when desired and only when desired; this is the essence of privacy.
- We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy out of their beneficence... We must defend our own privacy if we expect to have any.
- Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can't get privacy unless we all do, we're going to write it. We publish our code so that our fellow Cypherpunks may practice and play with it. Our code is free for all to use, worldwide... We know that software can't be destroyed and that a widely dispersed system can't be shut down.
There is a metaphor between strong cryptography and the gun laws of America. Some Americans believe they have the right to bear arms specifically to facilitate an armed uprising against the government, should that ever become necessary. Armed citizens can prevent the government doing what it wants to do. Cryptograpy is similar.
It's possible because encryption is light on atoms. There is very little need to acquire expensive physical resources. Only time and ingenuity are required. On the other hand, with the ability to build systems like Twinkle, the NSA has an advantage.
- There is general agreement among mathematicians and cryptologists that modern well-tested cryptosystems like PrettyGoodPrivacy (with a large key like 1024 bits) are unlikely to be broken by the NSA. Even if the NSA can break modern cryptography, they are likely to treat that knowledge as their greatest secret, and not reveal it for reasons less than vital "national security" concerns.
- The NSA is a useful measure for a cryptosystem, since it is likely the best at attacking such systems. Since there are several systems which appear secure against NSA-level resources, it seems foolish to invest much effort in less-secure alternatives.
- Most cypherpunks realize that their systems are insecure to various physical attacks such as tapping into keyboards or hidden video cameras. These "black bag" operations are relatively expensive (in time and trained people), so relatively few people are at risk. The NSA is unlikely to risk detection unless they have other convincing evidence.
- A common goal of the cypherpunks is to deny governments the ability for wide-ranging surveillance, by encouraging most people to encrypt their communications. One frequently-used analogy is using envelopes for mail rather than writing on postcards. These analogies often capture public attention, and have helped defeat measures like the "Clipper Chip" proposal (which would require a government backdoor for most encryption).
- As for the individual vs. the Army/NSA, the individual will probably lose in a direct battle. However, if a government is forced to declare martial law (or outlaw cryptography) they have also lost--they have been forced to recognize a serious problem that could not be handled by ordinary means. If a sufficient number of people join the resistance, the official government may lose recognition and/or it's military support.
Another reason for the encryption/guns metaphor is that the US government (and several other nations) treat encryption systems similar to other military technologies. They are regulated in the same way that conventional "munitions" are--mostly for export purposes, but some countries have internal controls on encryption. Recently the US regulations were greatly relaxed, but encryption software exports are still regulated. (The US regulations are by executive order, and can be changed at any time without legislative action.)
Those who are interested in cryptography but less interested in political arguments might like the "coderpunks" mailing list. It is dedicated to messages about practical implementation issues, not politics. (It is a very low-volume list, with perhaps 20 messages in a busy week.) I'll find the subscription address if anyone's interested.
Personally, I got involved with the CypherPunk
s because I wanted the US export laws changed. I was interested in DigitalSignature
s for authentication of UseNet
messages. Unfortunately, US export laws effectively prohibited distribution of digital-signature code. (One could only export signature code if it could not be modified to support encryption. This was effectively impossible for source code.)
After months of work the best I could get was binary object-code for a few kinds of systems. This was not acceptable for my needs, and I finally gave up on that part of the project. I stayed on the cypherpunks mailing list for awhile, but finally left when I didn't have time to read the huge list.
I'm glad to see that encryption regulations are loosening. I believe that individual misdeeds (which might be hidden by encryption) are less important than resisting various "big brother" total-surveillance scenarios. Actually, I'd rather have government transparency, as in DavidBrin's TransparentSociety. I'm not as optimistic as Brin, however. --CliffordAdams