In Tim May's eyes a digital tape is a weapon as potent and subversive as a shoulder-mounted Stinger missile. May (fortyish, trim beard, ex-physicist) holds up a $9.95 digital audio tape, or DAT. The cassette -- just slightly fatter than an ordinary cassette -- contains a copy of Mozart equivalent in fidelity to a conventional digital compact disc. DAT can hold text as easily as music. If the data is smartly compressed, one DAT purchased at K-Mart can hold about 10,000 books in digital form. One DAT can also completely cloak a smaller library of information interleaved within the music. Not only can the data be securely encrypted within a digital tape, but the library's existence on the tape would be invisible even to powerful computers. In the scheme May promotes, a computer hard disk's-worth of coded information could be made to disappear inside an ordinary digital tape of Michael Jackson's Thriller. The vanishing act works as follows. DAT records music in 16 binary digits, but that precision is beyond perception. The difference contained in the 16th bit of the signal is too small to be detected by the human ear. An engineer can substitute a long message -- a book of diagrams, a pile of data spreadsheets (in encrypted form) -- into the positions of the 16th bits of music. Anyone playing the tape would hear Michael Jackson crooning in the exact digital quality they would hear on a purchased Thriller tape. Anyone examining the tape with a computer would see only digital music. Only by matching an untampered-with tape with the encrypted one bit by bit on a computer could someone detect the difference. Even then, the random-looking differences would appear to be noise acquired while duping a digital tape through an analog CD player (as is normally done). Finally, this "noise" would have to be decrypted (not likely) to prove that it was something other than noise. "What this means," says May, "is that already it is totally hopeless to stop the flow of bits across borders. Because anyone carrying a single music cassette bought in a store could carry the entire computerized files of the stealth bomber, and it would be completely and totally imperceptible." One tape contains disco music. The other tape contains disco and the essential blueprints of a key technology. Music isn't the only way to hide things, either. "I've done this with photos, " says May. "I take a digitized photo posted on the Net, download it into Adobe Photoshop, and then strip an encrypted message into the least significant bit in each pixel. When I repost the image, it is essentially indistinguishable from the original." The other thing May is into is wholly anonymous transactions. If one takes the encryption methods developed by military agencies and transplants them into the vast terrain of electronic networks, very powerful -- and very unbreakable -- technologies of anonymous dealing become possible. Two complete strangers could solicit or supply information to each other, and consummate the exchange with money, without the least chance of being traced. That's something that cannot be securely done with phones and the post office now. It's not just spies and organized crime who are paying attention. Efficient means of authentication and verification, such as smart cards, tamper-proof networks, and micro-size encryption chips, are driving the cost of ciphers down to the consumer level. Encryption is now affordable for the everyman. The upshot of all this, Tim believes, is the end of corporations in their current form and the beginning of more sophisticated, untaxed black markets. Tim calls this movement Crypto Anarchy. "I have to tell you I think there is a coming war between two forces," Tim May confides to me. "One force wants full disclosure, an end to secret dealings. That's the government going after pot smokers and controversial bulletin boards. The other force wants privacy and civil liberties. In this war, encryption wins. Unless the government is successful in banning encryption, which it won't be, encryption always wins." A couple of years ago May wrote a manifesto to alert the world to the advent of widespread encryption. In this electronic broadside published on the Net, he warned of the coming "specter of crypto anarchy": ...The State will of course try to slow or halt the spread of this technology, citing national security concerns, use of the technology by drug dealers and tax evaders, and fears of societal disintegration. Many of these concerns will be valid; crypto anarchy will allow national secrets to be traded freely and will allow illicit and stolen materials to be traded. An anonymous computerized market will even make possible abhorrent markets for assassinations and extortion. Various criminal and foreign elements will be active users of CryptoNet. But this will not halt the spread of crypto anarchy. Just as the technology of printing altered and reduced the power of medieval guilds and the social power structure, so too will cryptologic methods fundamentally alter the nature of corporations and of government interference in economic transactions. Combined with emerging information markets, crypto anarchy will create a liquid market for any and all material which can be put into words and pictures. And just as a seemingly minor invention like barbed wire made possible the fencing-off of vast ranches and farms, thus altering forever the concepts of land and property rights in the frontier West, so too will the seemingly minor discovery out of an arcane branch of mathematics come to be the wire clippers which dismantle the barbed wire around intellectual property. The manifesto was signed: Timothy C. May, Crypto Anarchy: encryption, digital money, anonymous networks, digital pseudonyms, zero knowledge, reputations, information markets, black markets, collapse of government. I asked Tim May, a retired Intel physicist, to explain the connection between encryption and the collapse of society as we know it. May explained, "Medieval guilds would monopolize information. When someone tried to make leather or silver outside the guilds, the King's men came in and pounded on them because the guild paid a levy to the King. What broke the medieval guilds was printing; someone could publish a treatise on how to tan leather. In the age of printing, corporations arose to monopolize certain expertise like gunsmithing, or making steel. Now encryption will cause the erosion of the current corporate monopoly on expertise and proprietary knowledge. Corporations won't be able to keep secrets because of how easy it will be to sell information on the nets." The reason crypto anarchy hasn't broken out yet, according to May, is that the military has a monopoly on the key knowledge of encryption -- just as the Church once tried to control printing. With few exceptions, encryption technology has been invented by and for the world's military organizations. To say that the military is secretive about this technology would be an understatement. Very little developed by the U.S. National Security Agency (NSA) -- whose mandate it is to develop crypto systems -- has ever trickled down for civilian use, unlike technologies spun off from the rest of the military/industrial alliance. But who needs encryption, anyway? Only people with something to hide, perhaps. Spies, criminals, and malcontents. People whose appetite for encryption may be thwarted righteously, effectively, and harshly. The ground shifted two decades ago when the information age arrived, and intelligence became the chief asset of corporations. Intelligence was no longer the monopoly of the Central Intelligence Agency, but the subject of seminars for CEOs. Spying meant corporate spying. Illicit transfer of corporate know-how, rather than military plans, became the treasonous information the state had to worry about. In addition, within the last decade, computers became fast and cheap; enciphering no longer demanded supercomputers and the superbudgets need to run them. A generic brand PC picked up at a garage sale could handle the massive computations that decent encryption schemes consumed. For small companies running their entire business on PCs, encryption was a tool they wanted on their hard disks. And now, within the last few years, a thousand electronic networks have blossomed into one highly decentralized network of networks. A network is a distributed thing without a center of control, and with few clear boundaries. How do you secure something without boundaries? Certain types of encryption, it turns out, are an ideal way to bring security to a decentralized system while keeping the system flexible. Rather than trying to seal out trouble with a rigid wall of security, networks can tolerate all kinds of crap if a large portion of its members use peer-to-peer encryption. Suddenly, encryption has become incredibly useful to ordinary people who have "nothing to hide" but their privacy. Peer-to-peer encryption, sown into the Net, linked with electronic payments, tied into everyday business deals, becomes just another business tool like fax machines or credit cards. Just as suddenly, tax-paying citizens -- whose dollars funded the military ownership of this technology -- want the technology back. But the government (at least the U.S. government) may not give encryption back to the people for a number of antiquated reasons. So, in the summer of 1992, a loose federation of creative math hackers, civil libertarians, free-market advocates, genius programmers, renegade cryptologists, and sundry other frontier folk, began creating, assembling, or appropriating encryption technology to plug into the Net. They called themselves "cypherpunks." On a couple of Saturdays in the fall of 1992, I joined Tim May and about 15 other crypto-rebels for their monthly cypherpunk meeting held near Palo Alto, California. The group meets in a typically nondescript office complex full of small hi-tech start-up companies. It could be anywhere in Silicon Valley. The room has corporate gray carpeting and a conference table. The moderator for this meeting, Eric Hughes, tries to quiet the cacophony of loud, opinionated voices. Hughes, with sandy hair halfway down his back, grabs a marker and scribbles the agenda on a whiteboard. The items he writes down echo Tim May's digital card: reputations, PGP encryption, anonymous re-mailer update, and the Diffie-Hellmann key exchange paper. After a bit of gossip the group gets down to business. It's class time. One member, Dean Tribble, stands up front to report on his research on digital reputations. If you are trying to do business with someone you know only as a name introducing some e-mail, how can you be sure they are legit? Tribble suggests that you can buy a reputation from a "trust escrow" -- a company similar to a title or bond company that would guarantee someone for a fee. He explains the lesson from game theory concerning iterated negotiation games, like the Prisoner's Dilemma; how payoffs shift when playing the game over and over instead of just once, and how important reputations become in iterated relationships. The potential problems of buying and selling reputations online are chewed on, and suggestions of new directions for research are made, before Tribble sits down and another member stands to give a brief talk. Round the table it goes. Arthur Abraham, dressed in heavy studded black leather, reviews a recent technical paper on encryption. Abraham flicks on an overhead projector, whips out some transparencies painted with equations, and walks the group through the mathematical proof. It is clear that the math is not easy for most. Sitting around the table are programmers (many self -- taught), engineers, consultants -- all very smart -- but only a single member is equipped with a background in mathematics. "What do you mean by that?" questions one quiet fellow as Abraham talks. "Oh, I see, you forgot the modulus," chimes in another guy. "Is that 'a to the x' or 'a to the y'? The amateur crypto-hackers challenge each statement, asking for clarification, mulling it over until each understands. The hacker mind, the programmer's drive to whittle things down to an elegant minimum, to seek short cuts, confronts the academic stance of the paper. Pointing to a large hunk of one equation, Dean asks, "Why not just scrap all this?" A voice from back: "That's a great question, and I think I know why not." So the voice explains. Dean nods. Arthur looks around to be sure everyone got it. Then he goes on to the next line in the paper; those who understand help out those who don't. Soon the room is full of people saying, "Oh, that means you can serve this up on a network configuration! Hey, cool!" And another tool for distributed computing is born; another component is transferred from the shroud of military secrecy to the open web of the Net; and another brick is set into the foundation of network culture. The main thrust of the group's efforts takes place in the virtual online space of the Cypherpunk electronic mailing list. A growing crowd of crypto-hip folks from around the world interact daily via an Internet "mailing list." Here they pass around code-in-progress as they attempt to implement ideas on the cheap (such as digital signatures), or discuss the ethical and political implications of what they are doing. Some anonymous subset of them has launched the Information Liberation Front. The ILF locates scholarly papers on cryptology appearing in very expensive (and very hard-to-find) journals, scans them in by computer, and "liberates" them from their copyright restrictions by posting the articles anonymously to the Net. Posting anything anonymously to the Net is quite hard: the nature of the Net is to track everything infallibly, and to duplicate items promiscuously. It is theoretically trivial to monitor transmission nodes in order to backtrack a message to its source. In such a climate of potential omniscience, the crypto-rebels yearn for true anonymity. I confess my misgivings about the potential market for anonymity to Tim: "Seems like the perfect thing for ransom notes, extortion threats, bribes, blackmail, insider trading, and terrorism." "Well," Tim answers, "what about selling information that isn't viewed as legal, say about pot growing, do-it-yourself abortion, cryonics, or even peddling alternative medical information without a license? What about the anonymity wanted for whistleblowers, confessionals, and dating personals?" Digital anonymity is needed, the crypto-rebels feel, because anonymity is as important a civil tool as authentic identification is. Pretty good anonymity is offered by the post office; you don't need to give a return address and the post office doesn't verify it if you do. Telephones (without caller ID) and telegrams are likewise anonymous to a rough degree. And everyone has a right (upheld by the Supreme Court) to distribute anonymous handbills and pamphlets. Anonymity stirs the most fervor among those who spend hours each day in networked communications. Ted Kaehler, a programmer at Apple Computer, believes that "our society is in the midst of a privacy crisis." He sees encryption as an extension of such all-American institutions as the Post Office: "We have always valued the privacy of the mails. Now for the first time, we don't have to trust in it; we can enforce it." John Gilmore, a crypto-freak who sits on the board of the Electronic Frontier Foundation, says, "We clearly have a societal need for anonymity in our basic communications media." A pretty good society needs more than just anonymity. An online civilization requires online anonymity, online identification, online authentication, online reputations, online trust holders, online signatures, online privacy, and online access. All are essential ingredients of any open society. The cypherpunk's agenda is to build the tools that provide digital equivalents to the interpersonal conventions we have in face-to-face society, and hand them out for free. By the time they are done, the cypherpunks hope to have given away free digital signatures, as well as the opportunity for online anonymity. To create digital anonymity, the cypherpunks have developed about 15 prototype versions of an anonymous re-mailer that would, when fully implemented, make it impossible to determine the source of an e-mail message, even under intensive monitoring of communication lines. One stage of the re-mailer works today. When you use it to mail to Alice, she gets a message from you that says it is from "nobody." Unraveling where it came from is trivial for any computer capable of monitoring the entire network -- a feat few can afford. But to be mathematically untraceable, the re-mailers have to work in a relay of at least two (more is better) -- one re-mailer handing off a message to the next re-mailer, diluting information about its source to nothing as it is passed along. Eric Hughes sees a role for digital pseudonymity -- your identity is known by some but not by others. When cloaked pseudonymously "you could join a collective to purchase some information and decrease your actual cost by orders of magnitude -- that is, until it is almost free." A digital co-op could form a private online library and collectively purchase digital movies, albums, software, and expensive newsletters, which they would "lend" to each other over the net. The vendor selling the information would have absolutely no way of determining whether he was selling to one person or 500. Hughes sees these kinds of arrangements peppering an information-rich society as "increasing the margins where the poor can survive." "One thing for sure," Tim says, "long-term, this stuff nukes tax collection." I venture the rather lame observation that this may be one reason the government isn't handing the technology back. I also offer the speculation that an escalating arms race with a digital IRS might evolve. For every new avenue the digital underground invents to disguise transactions, the digital IRS will counter with a surveillance method. Tim pooh-poohs the notion. "Without a doubt, this stuff is unbreakable. Encryption always wins." And this is scary because pervasive encryption removes economic activity -- one driving force of our society -- from any hope of central control. Encryption breeds out-of-controllness. continue...