June 17, 2008
Historical copy of PGP 5.0i for sale -- reminder of the war we lost
Back in the 1990s, a group called the cypherpunks waged the crypto wars with the US government. They wanted easy access to crypto, the US government didn't want them to have it. RAH points to Sameer's blog:
The solution for my company, C2Net Software, Inc., was to develop an offshore development team and have them develop the software there. Other companies developed different strategies. Most opted to sell broken products to their overseas customers. One other company cared about the security of their customers. That company was PGP.PGP chose a different strategy however. They published their source code as a book. The book was then exported, the contents of that book were then scanned in, and then a completely legal international version of PGP was born.
Sameer is selling his copy of PGP 5.0i, the book that was printed in the USA and exported in boxes to the international scanning project.
PGP 5.0i, on the other hand, was compiled from source code that was printed in a book (well, actually 12 books - over 6000 pages!). The books were exported from the USA in accordance with the US Export Regulations, and the pages were then scanned and OCRed to make the source available in electronic form.This was not an easy task. More than 70 people from all over Europe worked for over 1000 hours to make the PGP 5.0i release possible. But it was worth it. PGP 5.0i was the first PGP version that is 100% legal to use outside the USA, because no source code was exported in electronic form.
The last 1% was done at HIP 1997, or hacking-in-progress, a Dutch open-air festival conducted once every 4 years. (You can see an early attempt at blogging here and here and a 2004 post.)
Lucky Green turned up with a box and ... left it lying around, at which point the blogging stopped and the work started. A team of non-Americans then spent around 2 days working through the last, unscanned and broken pages. There were about 20 at the peak, working in teams of 2 and 3 across all of HIP, swapping their completed files back at the cypherpunks tent. Somewhere around is a photo of the last file being worked through, with three well-known hackers on one keyboard.
It was uploaded around 3 in the morning, Sunday if I recall, as the party was winding down; some brave souls waited around for the confirmed download, but by 5am, only Sameer was still up and willing to download and compile a first international PGP 5.0.
The story has a sad ending. In the last months of 1999, the US government released the controls on exporting free and open cryptography. Hailed by all as a defeat, it was really a tactical withdrawal from ground that wasn't sustainable. The cypherpunks lost more: with the departure of their clear enemy, they dispersed over time, and emerging security and financial cryptography entrepreneurs lost our coolness factor and ready supply of cryptoplumbers. Lots of crypto projects migrated back to the US, where control was found by other means. The industry drifted back to insecure-practice-by-fiat. Buyers stopped being aware of security, and they were setup for the next failure and the next and the next...
Strategic victory went to the US government, which still maintains a policy of keeping the Internet insecure by suppressing crypto where and when it can. Something to remember if you ever get offered a nice public relations job in the DHS, or if you ever get phished.
Posted by iang at June 17, 2008 03:39 AM | TrackBackIt is not a lack of crypto that enables phishing. Hence, what do you mean by the last 6 words?
Hi Toby,
It is a lack of good crypto and good security that enables phishing. The lack of good crypto and security traces back to government interference in the marketplace, perhaps best viewed as a successful attempt to trample competition because of policy desires to control it.
Posted by: Iang at June 17, 2008 05:51 AMThanks for the great historical tidbit about the cryptowars!
> Strategic victory went to the US government, which still maintains a policy of keeping the Internet insecure by suppressing crypto where and when it can.
Can you elaborate on this? How do you feel the USG is keeping the Internet insecure?
Posted by: Brenden at June 17, 2008 10:11 AMArcheological email about proposal for doing pgp-like public key (from 1981):
http://www.garlic.com/~lynn/2006w.html#email810515
The internal network was larger than the arpanet/internet from just about the beginning until sometime summer of '85. Corporate guidelines had become that all links/transmission leaving corporate facilities were required to be encrypted. in the '80s this met lots of link encryptors (in the mid-80s, there was a claim that the internal network had over half of all the link encryptors in the world).
A major crypto problem was with just about every link that crossed any national boundary created problems with both national governments. Links within national boundaries would usually get away with argument that it was purely internal communication within the same corporate entity. Then there was all sorts of resistance encountered attempting to apply that argument to links that cross national boundary (from just about every national entity).
For other archeological lore ... old posting with new networking activity from 1983 http://www.garlic.com/~lynn/2006k.html#8
Above posting includes listing of locations (around the world) that had one or more new network links (on the internal network) added sometime during 1983 (large precentage involved connections requiring link encryptors).
more recent post http://www.garlic.com/~lynn/2008h.html#87 mentioning coming to the realization (in the 80s) that there were three kinds of crypto.
Posted by: Lynn's archelogical pgp-like proposal at June 17, 2008 05:17 PMHi Ian-- I actually agree with you. I didn't want to say that on my ebay ad because if I make people depressed maybe they won't want to spend money. (On the other hand, I spend more money when depressed. So...)
Posted by: Sameer Parekh at June 17, 2008 07:20 PMI don't think we lost because the US government made a successful strategic retreat, thought that is part of it.
Rather, the plan is harder to carry out than we thought.
As I write in http://jim.com/security/cypherpunk_program.html
The plan is to strike at the state from the jungle of complexity, to strike at the state from beyond the state’s intellectual and temporal horizons.
Cryptography alone is insufficient to implement crypto-anarchy. Correct understanding and implementation of cryptography has proven to be hard, as numerous embarrassing failures have demonstrated, but correct understanding and implementation of cryptography turned out to be only the beginning of what was needed.
Often secure cryptographic algorithms have been used to construct insecure cryptographic protocols, but worse than that, correct cryptographic protocols, such as SSL, have resulted in insecure behavior.
Successfully designing such systems requires a whole system viewpoint – cryptographic protocols and user interface and business models and accounting principles and economic understanding and understanding of computer mediated social networking.
The cypherpunk movement collapsed in the realization that the problem was harder than it seemed, that mere cryptography was insufficient.
The cypherpunk movement produced a lot of cryptographic tools, among them by own Crypto Kong, only to realize that no one wanted cryptographic tools. To use a cryptographic tool, you have to understand and think about what it is doing, understand and think about the cryptographic primitives involved every time you use it. Unfortunately, even committees of experts tend to screw up when they attempt to specify correct use of cryptographic primitives. No way can end users be expected to burden themselves with such a task. Rather, cryptography needs to be embedded invisibly in tools that do user tasks, and make those tasks secure without the end user ever thinking about cryptography. SSH is the best example of a tool that works like this. You never see a dialog box that relates to cryptographic matters. It is just secure. It acts the way people expect it to act, and they don’t need to think about the messy details of how it ensures that hostile adversaries cannot meddle and make things fail in unexpected ways. Similarly, Skype's encryption is invisbly embodied in a utility that people use to communicate with each other, and no one should ever be aware of it.
If people use secure tools to mediate cooperation, and the storage and creation of value, to do business, then those tools will not only be secure against ordinary criminals, but against governments – wherupon it becomes hard for governments to collect taxes or regulate business, hard for governments to intrude themselves in honest peaceful activities.
As soon as we produced the first not very satisfactory versions of such tools, and early adopters came to use them, we hit the second problem. The cypherpunk program requires heavy reliance on value, exchange, and promises to pay and deliver being computer mediated. But computers are extremely insecure. One’s computer is apt to come under the control of hostile criminals. The computer virus and trojan problem makes it impractical to keep large amounts of value on a computer. Similarly, the phishing problem makes it difficult to have internet mediate relationships of economic value. The anonymity that gives protection against governments makes it alarmingly easy for people to pretend to be what they are not. And then we discovered that net centric anonymous or weakly nymous money was violently unpopular because of criminals flocking to it, provoking governments to shut it down.
Facing these problems, the cypherpunk movement collapsed. The remaining cypherpunks patiently studied solutions to these problems, and, by and large, solutions have been discovereds, though these solutions are not yet implemented, or the implementations are not yet widely adopted, perhaps not yet ready for wide adoption.
The problems that shut down the cypherpunk movement are
1. Cryptography is hard, cryptographic protocols that actually work are harder, and embedding those protocols invisibly in utilities that do useful things without the end user needing to know or think about cryptography considerably harder still: To solve this we need higher level tools which automatically apply known sound protocols to the particular case, so that good cryptography can be a routine and invisible part of good applications, without requiring as much thought as it now does.
2. Computer insecurity, trojans and malware: To solve this, we need to restrict programs using the powerbox software pattern
3. Phishing
4. Violently unpopular criminal misuse of net centered money