Tell HN: Tim May, Author of “The Crypto Anarchist Manifesto”, Has Died
Tim May - Cypherpunks co-Founder, Discoverer of Radiation-Induced Single Event Upsets in Integrated Circuits, Uncompromising Firearms Proponent
Word has reached me that my dear friend, co-conspirator in many things and for many years, fellow Freedom Fighter Tim May passed away earlier this week at his home in Corralitos, California.
Death appears to be from natural causes pending autopsy. I.e. Tim did not die in a hail of bullets as so many who didn’t know Tim all that well and largely from his public writings had predicted.
(...)
Tim’s realization that any Manifesto, Constitution, or Bill of Rights wasn’t worth the paper it was written on absent a broadly armed (and heavily armed) population left many of his critics and admirers alike confused. As with so many of his assertions, Tim was correct in this analysis, though his assertion that “private ownership of firearms is a public good” will likely not be as soon widely accepted as his assertion that “private ownership of strong crypto is a public good” was. As such, Tim leaves behind a very large firearms collection.
Please raise a glass of Bourbon, can be any brand, doesn’t have to be the expensive stuff, it didn’t have to be for Tim, to Tim May!
Ad Astra, Tim!
45 comments
[ 2.7 ms ] story [ 110 ms ] threadR.I.P. Tim May.
https://activism.net/cypherpunk/crypto-anarchy.html
a tenative good riddance from me lol
"Crypto anarchy will alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret, and will even alter the nature of trust and reputation." -Tim May, 1988
I would add that limiting the ability of the govermment to tax and control economic interactions does not imply eliminating the government's ability to collect taxes. It would instead mean governments shifting from taxing people's private transactions, which properly belong in the private sphere, to taxing immovable property within their jurisdictions, like land, which properly belongs in the public sphere.
Always sad to lose deep thinkers.
He looked into it - and eventually realized the problem was the ceramic/clay semiconductor packaging was slightly radioactive, causing single event upsets. Intel switched to less alpha-heavy packaging, plastic, and the problem went away. That's impressive debugging!
I knew him more from his cryptography and privacy work (and his curmudgeonly Usenet posts on how downtown Santa Cruz was going down the drain, in his opinion), but this feat always impressed me.
https://sci-hub.tw/10.1109/IRPS.1978.362815
A New Physical Mechanism for Soft Errors in Dynamic Memories
Onion routing being a good example... it's taken longer to get there and it's still not going to be the default for a long long long time.
(a) informal approach to cryptography, the entire applied cryptography from late 1990s to the early 2000s suffered from this problem, we are still working hard to correct them since Post-Snowden. TLSv1.3 is the most recent effort to pay our debt.
We should understand that, even we can create lots of clever things by mixing and meshing different cryptographic primitives, if the cryptosystem is fundamental enough that you need to use them in serious systems, they must be formally designed and analyzed. Linux’s /dev/random works by gathering various sources of entropy and mixing them, sounds extremely secure, right? But it doesn’t have the rigorous security properties as shown by formal analysis.
One may argue the design is practically secure, but for something fundamental like this, formal approach should be used to keep it robust in all possible and impossible circumstances, just like a good symmetric cipher should resist all forms of known cryptanalysis, to ensure a strong fallback security — that even the adversary can ask you to encrypt any data of their choice, the cipher is still unbreakable.
Empiricism works well in many cases, and you can surely design cryptographic protocols and applications in this way, but it should know when it is needed to stop and call a true cryptographer. The Signal Protocol is a good example of well-designed, and formally analyzed protocol, while Telegram is a bad one.
(b) Overemphasize of Technical Possibilities, But Not Usability. The Cypherpunks were fascinated by cryptography’s endless possibilities. As a result, they create systems which there are hundreds of user adjustable parameters and options.
Do you want AES? TwoFish? 3DES? The first one is the U.S. national standard, well-reviewed, fast hardware implementation, but it has a relatively weak key schedule and may have a small risk of related-key attack in 256-bit mode, but related-key is not a real issue in proper encryption, and… the second one is the security guru Schneier’s cipher, years of cryptanalysis didn’t discover any flaws, and the pure software implementation is typically faster than 256-bit AES, but… Do you want SHA-1? RIPEMD-160? SHA-256? SHA-512? SHA-3? BLAKE2e? SHA-1 and RIPEMD-160 is not recommended for new systems, SHA-256 is the best practice, but why don’t you use SHA-512 for additional protections? By the way, SHA-3 is not vulnerable to length-extension attacks as it’s not a Merkle–Damgård construction, and BLAKE2e is the state-of-art by utilizing Daniel J. Bernstein’s ChaCha20 stream cipher…and so on, and so on, and so on…
You can see this in GnuPG, almost every aspect of encryption can be adjusted. Another example is Mixmaster remailer, which has more than 20 parameters to control the behavior of mail forwarding.
These designs are clearly from the desires to fit the personal preferences by different professional Cypherpunks, but has little actual security benefits. Instead, it greatly complicates the entire protocol, and expose a large surface for attackers. On the other hand, WireGuard, an execellent VPN protocol, doesn’t allow the user to change anything. It is hard-coded to only use state-of-art, and proven algorithms, such as ChaCha20 and Curve25519.
Dreaming about the endless use-cases is another related issue, Cypherpunks spent too much time discussing them, such as trustless key management, etc. However, to bring real changes, we must have systems designed for ordinary people. An less-than-ideal encryption protocol that is simple enough for mass adoption, is superior to a completely trustless protocol, but only usable by a handful of Cypherpunk.
Cypherpunk may disregard these protocols for its imperfections by Cypherpunk’s standard, but it’s still essential to develop them as mass adoption is crucial for Cypherpunks to succeed.
(c) Unrealistic Overconfidence in Cryptography
In Tim May’s The Crypt...
+ Money and payments as locus of power
+ Naming and identity as locus of power
+ Access to cryptography as locus of power
+ Governments' appetite for electronic surveillance
+ Anonymity enabling otherwise impossible interactions
and some things that they got wrong were
- Vanguardism
- Sybils and models of public discourse
- Adaptability and resources of state actors
- Software vulnerability
- Decentralization is consistently expensive (in many different ways) and few people have agreed that they need it
- Extreme technical fragility of anonymity (deanonymization, correlations, uniqueness of items in high-dimensional datasets, stylometry and behavioral uniqueness)
(This is not meant to suggest that the cypherpunks didn't talk or think about these issues, just that they tended to underestimate how big a challenge they would represent.)
I would like further to say, as I said in another comment, Cyphernomicon is one of the most valuable document worth to read, an amazing collecting of farseeing ideas. The widespread of data breach, privacy-invading computer systems and software, tendency of authoritarianism and mass surveillance in the digital world, how Internet will change whistleblowing, and even cryptographic ransomware were predicted.
They got a lot of things correct. But many great ideas are still not implemented. I'm listing a few that I really want to see and use today...
* In Tim May's Cyphernomicon, two concepts are of great significance: anonymity, AND reputation. The most common argument today against anonymity is, "how can you trust these people", but the problem has been answered early: you build a system and community based on reputation. Unfortunately, nowadays, only the first part of the vision, anonymity, is partially implemented, but there is almost no deployed reputation/identity system.
There are some of them, e.g. Web-of-Trust based, blockchain-based, Reddit/Hacker News karma, but I think we still don't have figure out a system that implements May's vision. I really want to see something similar to the Cyberspace in True Names or Ender's Game... Currently the best approximation is just 4chan + Reddit + Second Life + Tor, or perhaps OpenBazaar and BitNation?, which is not very interesting.
And of course, there are reasons. If you attach an identity to anonymity, it downgrades to pseudonymity. Having a long-term pseudonymity is very dangerous, once you have leaked ~30 bit of entropy, your anonymity is basically finished. Another hard problem of reputation is Sybil Attack.
* Dining cryptographers, or DC-net, a revolutionary anonymous network by David Chaum, which eliminates correlation attacks and information-theoretic secure. Cypherpunks saw the Onion Routing of Cypherpunk Remailing can be written in an afternoon of Perl hacking, it shouldn't be hard to perfect the system and move to DC-net within the next 5 years.
But the hard problems of DC-net has been overlooked, one non-cooperative participant can DoS the entire network. The solution is the construction of a BLAME protocol for kicking out malicious nodes out. I think we just managed to solve most of the problem with a functional prototype, DISSENT, in 2015 (20 years later!!). Until a practical network has been engineered, DC-net is still like One-Time Pad, good on paper but not useful in practice.
https://mailing-list-archive.cryptoanarchy.wiki/
RIP, Tim.
Cypherpunk Movement, leaded by Tim May is an established ideology and movement since the late 80s. At the time, they were the most prominent supporters of individual privacy and digital liberty. It was them, who helped to build the EFF DES cracker to expose the lies of FBI about DES’s security, and forced the U.S government moving to the 128-bit encryption standard. It was them, who successfully stopped the NSA’s plan to install mandatory encryption backdoor on the telephone system. And it was also them, who fought against the regulation of cryptography through various means, and effectively ended it.
They were also the earliest researchers on practical technology to defend privacy. The very idea of an anonymous communication system was purposed by David Chaum in 1981, and implemented as Type I Cypherpunk Anonymous Remailer. By purely coincidence, the syntax used in the control messages allows the user to chain multiple remailers, and hence the concept of Onion Routing was discovered. Cypherpunks also recognized the importance of cash — an anonymous payment system in the past 3000 years, urgently needed a electronic version to stop the enablement of a surveillance state in the digital age. The original vision was also purposed by David Chaum, but it faced various difficulties, especially the problem of consensus and double-spending (Chaum's own centralized payment processor was good, but did not succeed commercially, but check GNU/Taler!), so it was under constant discussion throughout the entire 90s, until Satoshi Nakomoto, presumably a Cypherpunk, purposed a workable, but perhaps less-favorable solution 10 years later. The inventor of computer firewall, Steven Bellovin, and the first developer of a commercial firewall, Marcus Ranum, were also cypherpunks. The entire concept of deniable cryptography was also invented by the cypherpunks, specifically, first implemented in a Linux Full-Disk Encryption program by Julian Assange.
Yes, the original mailing list was a victim of its own success — it disintegrated in 2000 because the entire fields of privacy, cryptography the movement kickstarted, turned to be too diverse to be contained in a single mailing list.
>“The main reason the list doesn’t seem to have the center of gravity anymore is the topic has gotten so big and gone in so many directions,” Wayner says. “It used to be you could read maybe (the newsgroup) comp.risks and Cypherpunks and you had read all there was. Now there are so many things going on it can’t be the center of gravity, it can’t be the center of all things.”
You don't have to agree Tim May's Anarcho-Capitalist position or everything he has said, but I think we can all agree that the victory of the First Crypto War is our timeless legacy and his largest contributions (as a leader) to the Internet.
I recommend everyone who is interested in cryptography, privacy and Cypherpunk to read A Cypherpunk’s Manifesto (https://www.activism.net/cypherpunk/manifesto.html), and The Crypto Anarchist Manifesto (https://activism.net/cypherpunk/crypto-anarchy.html) for the starter, both are very short and concise.
After reading the Manifesto, everyone should read Tim May’s Cyphernomicon, the most important document - the only comprehensive and the only documentation of the entire Cypherpunk movement.
https://nakamotoinstitute.org/static/docs/cyphernomicon.txt
Yes, it’s ten thousand lines of plaintext in a list format, and obviously not easy to read. It may be difficult to start, but it is surely an amazing collecting of ideas. You should download it to your disk, open your favorite text editor, and choose a nice color scheme, to read the entire document, line-by-line, as if you are reading some source code. In my opinion, this is the most comfortable way to read. You may need two weeks to a month to finish the reading, use the bookmark feature of your text editor to mark your progress. Another useful note is that, Tim May’s documentation is heavily leaning towards Anarcho-Capitalism, but as he said, the house of Cypherpunk has many room.
[1] https://ipfs.io/ipfs/QmbhG99r1PQGxAhuMMMFnvBiJ1voxBccYxe6QfQ... [2] https://nakamotoinstitute.org/static/docs/cyphernomicon.txt
For any of you younger folks who don't have much context for cypherpunks, here's a couple of good articles: https://medium.com/@bruces/the-blast-shack-f745f5fbeb1c http://projects.csmonitor.com/cypherpunk
I'm still trying to get my head around the idea Lucky Green has a Facebook account.
Goodbye Tim
I admire Tim's writing on crypto and what it could do. I deplore his violent racism. They both came together in one person.
(I register new nyms occasionally for this reason)