On the intellectual origin of blockchain (II). Recent forerunners

In the first post in this series on the intellectual origin of blockchain technology, I talked about two figures I consider to be early forerunners: Alan Turing and John von Neumann. In this second installment, I will look at two more recent figures: Tim May and David Chaum (and in a third post, I will touch on Nick Szabo and Wei Dai).

After the gloomy years of World War II and the Cold War, we now turn to the 1980s and 1990s, with their very different political, socio-economic and technological context. After the fall of the Berlin Wall and the break-up of the Eastern Bloc, the buzzwords became the “end of history” (in the sense that Marxist utopias had been left behind) and globalization. In the technology field, we were seeing increasingly powerful microprocessors, the internet and mobile phones.

As readers may remember, when the internet first came on the scene, many heralded that it would bring about massive cultural, social and political changes. The lofty ideals of the Age of Enlightenment seemed closer than ever before: thanks to this new technology, a world compartmentalized into aggressive nation-states and under the thumb of large multinationals could give way to a true universal human community, united through communication, the free and direct flow of information and easy access to knowledge. Of course, this cyberspace-based community would have its economic facet as well: universal trade, which would spread prosperity throughout the planet.

However, while the internet and mobile communications have indeed drastically reshaped our social customs, it didn’t take long to see that the new technologies were not engendering the political changes some people had hoped for. Nation-states are not a thing of the past; rather, they have found digital technologies useful as tools for monitoring and controlling their citizens, citing the dangers of radicalism and globalized terrorism, which, in turn, have also co-opted technology for their own purposes, the polar opposite of the enlightened ideals the internet was supposed to bring with it. On the economic side, we have seen that globalization does not in fact mean global prosperity. Different multinationals have come and gone, but, far from the expected distribution of wealth, economic power is even more tightly concentrated in the hands of a few. Today, a handful of companies born from the new technologies, namely Apple, Microsoft, Google, Facebook and Amazon, have attained unprecedented reach, wielding more power to control and influence users than ever seen before.

This situation, which first started to take shape in the 1990s, has pushed the somewhat visionary and utopian mindset of the internet’s early days into a type of resistance movement characterized by activism and an anti-establishment and anti-system ideology. The difference is that, this time, the insurgents are striking from within, using digital tools for their own purposes. This includes groups such as hackers (who, like all pirates and rebels, are rather romanticized), cyberpunks and the topic of this article, the cypherpunks and cryptoanarchists leading an ideological movement to put cryptography and information encryption techniques in the hands of individuals and to thwart national security agencies’ attempts to monopolize the use of this technology.

 

The cryptography I am referring to in this post is modern cryptography, heavily based on mathematical theory, computer science and the application of electronics to computing, something that only began to take shape with Claude Shannon’s work at the end of the 1940s and developed from the 1950s on. Before then, encryption techniques were far more rudimentary: from the simplest codes, like the substitution cipher Julius Caesar used for military messages, to the electro-mechanical encryption of telegraph and radio messages by German military intelligence during World War II, using the Enigma family of machines, which produced a polyalphabetic substitution through rotors whose positions advanced with every keystroke. By setting up the deciphering machine exactly as the enciphering machine had been (the same rotors in the same order and starting positions, and the same plugboard connections), the recipient could decode messages. This was a symmetric-key, mechanical encryption system, in which the letter substitution changed with every character, but it only worked if the sender had previously given the recipient the key (the machine settings) to be used at a given time. That key material could be captured by the enemy and, combined with a machine of the same model, used to decode messages; and, as Turing’s work at Bletchley Park showed, weaknesses in the machine and in the operators’ procedures could be exploited even without the key. In contrast, mathematical cryptography is based on arithmetic operations applied to digitized messages, that is, messages that have first been converted into numbers. Thanks to computers, which perform millions of such operations per second, practical use can be made of encryption and decryption techniques that require very complex numerical calculations to be carried out quickly (in RSA, for instance, operations on very large numbers whose security rests on the difficulty of factoring the product of two large primes).

 

Initially, governments, in particular the United States through its National Security Agency (NSA), attempted to keep the knowledge and use of this technology, so critical in wartime, to themselves, standing in the way of commercial use and use by the general public. However, in the mid-1970s the National Bureau of Standards solicited a cipher for protecting unclassified government data and, in 1977, amid controversy over the NSA’s role in its review (including the choice of a 56-bit key), adopted IBM’s submission as the Data Encryption Standard (DES). The algorithm was published as a federal standard and was quickly taken up by financial sector companies, who needed it to secure their automatic teller machine networks. Public release of the algorithm sparked a growing interest in modern mathematical cryptography beyond the closed world of national security. In that same decade, the public also learned about the revolutionary asymmetric (or public-key) cryptography: the Diffie-Hellman key exchange, published in 1976, followed by the RSA (Rivest, Shamir and Adleman) algorithm, developed in 1977. Asymmetric cryptography resolved the formidable vulnerability I mentioned above, namely that, in traditional symmetric systems, a secret key must be shared between sender and receiver before they can communicate. It does not make key management disappear: each party must still be sure that the public key it uses really belongs to the other party, which is why an attacker who can substitute public keys can sit in the middle of an unauthenticated exchange. Even so, this development was vital for enabling secure communications between parties who do not know one another, which in turn is essential for carrying out financial transactions over the internet.

 

By the 1990s, the crypto-libertarian movement was beginning to take real shape thanks to Timothy C. May, better known as Tim May. This California hippie-techie, a well-respected physicist at Intel (where he had identified alpha-particle radiation from chip packaging as a cause of memory errors), wrote The Crypto Anarchist Manifesto in 1988 and circulated it again in 1992 to the newly formed cypherpunks group. It is a short text heralding that computer technology was “on the verge of providing the ability for individuals and groups to communicate and interact with each other in a totally anonymous manner. Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other. Interactions over networks will be untraceable, via extensive re-routing of encrypted packets and tamper-proof boxes which implement cryptographic protocols with nearly perfect assurance against any tampering. Reputations will be of central importance, far more important in dealings than even the credit ratings of today. These developments will alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret, and will even alter the nature of trust and reputation (…) The methods are based upon public-key encryption, zero-knowledge interactive proof systems, and various software protocols for interaction, authentication, and verification. The focus has until now been on academic conferences in Europe and the U.S., conferences monitored closely by the National Security Agency. But only recently have computer networks and personal computers attained sufficient speed to make the ideas practically realizable…”

 

In the ensuing years, Tim May was the force behind, and the main contributor to, the cryptography and cryptoanarchy discussion forum known as the Cypherpunks mailing list, and the author of its reference document, The Cyphernomicon. He is one of the leading intellectual references for the designers of the first cryptocurrencies, such as Nick Szabo and Wei Dai.

The next figure we look at, also from California, had a less political and more technical and business focus: David Lee Chaum, a brilliant mathematician and computer scientist who, from the 1980s on, created novel cryptographic protocols applicable to online commerce, payments and even voting. He is credited with the cryptographic protocol known as the blind signature, whose physical equivalent would be a voter enclosing a completed anonymous ballot in an envelope lined with carbon paper and bearing the voter’s credentials on the outside: the election official checks the credentials, stamps the outside of the envelope, and the stamp goes through onto the ballot inside without the official ever seeing how the vote was cast.

Chaum’s motivation for creating this type of protocol was his concern for the privacy of financial transactions, which was being eroded as electronic means of payment became more widely used. One of the essential properties of traditional cash, bills and coins, is its anonymous nature, as money simply held by the bearer. In contrast, all the new ways of sending money held in bank accounts (bank transfers, credit cards, web-based payment gateways, etc.) allowed tracking of who paid what amount to whom, and why. This meant that an increasing amount of data revealing a great deal about a consumer’s preferences and spending habits and, in short, the type of person they are, was being recorded and stored in digital databases completely beyond the consumer’s control.

In this blog post, I will not go into a detailed technical explanation of the blind signature protocol invented by Chaum, which he presented at a 1982 conference under the title “Blind signatures for untraceable payments.” In a nutshell, however, it involves a person or authority applying its electronic signature to a specific digital item generated by someone else. The authority knows the identity of the requester and what type of item is involved, but it does not learn the content of what it signs, and it cannot later recognize the signed item when that item reappears. This technology has many uses. It is crucial when a third-party verifier is needed, such as an election authority certifying that the person casting an online vote is allowed to vote and submits only one ballot, but where, to safeguard the secrecy of ballots, this authority must not know the content of the validated vote. In the case of electronic money, the third-party verifier is the bank holding the account of the person wishing to generate a digital monetary item, or token, because it is the bank that must verify that the sender has sufficient funds and debit the corresponding amount from the account when the token is issued. The blind signature protocol is very useful here. Once the bank has verified that the client (the payer) is indeed authorized to withdraw the amount, it can sign the digital token without learning the serial number that individually identifies that token, while still recording that the withdrawal took place. Accordingly, when the recipient (the payee) presents a token bearing that serial number to the same bank to exchange it for ordinary money, the bank can check the signature and check that the serial number has not been presented before (this list of spent serial numbers is what prevents double-spending), but it does not know which of its clients withdrew the token and, consequently, who made the payment in question.

 

How can a bank sign a digital monetary token without knowing its individual serial number? This is where Chaum’s mathematical ingenuity came into play: the payer (the bank client wishing to pay with electronic cash) generates a random serial number x and, before sending it to the bank with the withdrawal request, disguises it by multiplying it by a blinding factor known only to the payer. Put differently, the payer hands the bank a blinded serial number C(x), produced by a function that commutes with the bank’s signing operation and that the payer can reverse, by dividing by the same factor, with the inverse function C’. After verifying the payer’s standing to make the payment, the bank electronically signs that blinded value with its private key S’ and returns the result, S’(C(x)), to the payer. The payer then applies the inverse C’ to undo the blinding, C’(S’(C(x))), and, because blinding and signing commute, obtains S’(x): the original serial number, now carrying the bank’s signature, which anyone holding the bank’s public key can verify. In RSA terms, with public key (n, e) and private exponent d, the payer sends x·r^e mod n, the bank returns (x·r^e)^d = x^d·r mod n, and the payer divides by r to recover x^d mod n. The payment can now be made, and the token later deposited, without the bank being able to link the token’s serial number to the client who withdrew it. This is clearly analogous to issuing bank notes against cash deposits, but in a digital environment.
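The exchange just described, as an added worked example that is not Chaum’s or DigiCash’s own code. It implements the RSA form of the blind signature: the payer blinds a hashed serial number with a random factor r, the bank signs what it sees, the payer unblinds, and the bank later accepts the token once and rejects the replay. The key is a toy built from two known Mersenne primes so that it runs offline without a primality test; the serial number, the hashing step and the Bank class are assumptions made for the example, not a description of DigiCash.

```python
import hashlib
import secrets
from math import gcd

# Added example, not Chaum's or DigiCash's code. Toy RSA key built from two
# known Mersenne primes so the example runs offline without a primality test;
# a real deployment would use a 2048-bit-plus key generated by a crypto library.
P = (1 << 61) - 1                       # 2^61 - 1, prime
Q = (1 << 89) - 1                       # 2^89 - 1, prime
E = 65537                               # public exponent e


def bank_keygen():
    """Return (n, e, d): the bank's modulus, public exponent and private exponent."""
    n = P * Q
    phi = (P - 1) * (Q - 1)
    d = pow(E, -1, phi)                 # modular inverse (Python >= 3.8)
    return n, E, d


def serial_to_message(serial, n):
    """Map a token serial number into Z_n through a hash.

    Hashing first matters: raw RSA is multiplicative, so signatures on raw
    serials could be multiplied together to forge a signature on a new one.
    """
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % n


def blind(m, n, e, r=None):
    """Payer side: C(x) = m * r^e mod n. The blinding factor r never leaves the payer."""
    if r is None:
        while True:
            r = secrets.randbelow(n - 2) + 2
            if gcd(r, n) == 1:
                break
    return (m * pow(r, e, n)) % n, r


def bank_sign_blinded(blinded, n, d):
    """Bank side: S'(C(x)). The bank only ever sees the blinded value."""
    return pow(blinded, d, n)


def unblind(blinded_sig, r, n):
    """Payer side: (m * r^e)^d = m^d * r mod n, so dividing by r leaves m^d."""
    return (blinded_sig * pow(r, -1, n)) % n


def verify(m, sig, n, e):
    """Anyone with the bank's public key can check S'(x)."""
    return pow(sig, e, n) == m


class Bank:
    """Issues blind-signed tokens and keeps the spent list that stops double-spending."""

    def __init__(self):
        self.n, self.e, self.d = bank_keygen()
        self.seen_at_withdrawal = set()    # blinded values: all the bank learns about a token
        self.spent = set()                 # serials already deposited

    def withdraw(self, blinded):
        # A real bank would first check the client's balance and debit it here.
        self.seen_at_withdrawal.add(blinded)
        return bank_sign_blinded(blinded, self.n, self.d)

    def deposit(self, serial, sig):
        if not verify(serial_to_message(serial, self.n), sig, self.n, self.e):
            return "rejected: bad signature"
        if serial in self.spent:
            return "rejected: already spent"
        self.spent.add(serial)
        return "accepted"

    def can_link(self, serial):
        """Does anything the bank recorded at withdrawal match this serial? (It does not.)"""
        return serial_to_message(serial, self.n) in self.seen_at_withdrawal


def run_payment(bank, serial, r=None):
    """Full round trip: withdraw a token for `serial`, then deposit it twice."""
    m = serial_to_message(serial, bank.n)
    blinded, r = blind(m, bank.n, bank.e, r)
    sig = unblind(bank.withdraw(blinded), r, bank.n)
    first = bank.deposit(serial, sig)
    second = bank.deposit(serial, sig)     # replaying the same token
    return first, second, verify(m, sig, bank.n, bank.e), bank.can_link(serial)


if __name__ == "__main__":
    bank = Bank()
    # Constructed sample serial; a real client would draw it at random.
    print(run_payment(bank, b"token-serial-0001"))   # ('accepted', 'rejected: already spent', True, False)
```

The two checks in `deposit` are exactly the controls that remained with the bank in Chaum’s design: the signature check proves the token was issued against a real withdrawal, and the `spent` set is the double-spending ledger. Note that the blinded value the bank stores at withdrawal is useless for tracing, which is why `can_link` returns False.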

 

In 1989, David Chaum attempted to put this idea into practice with the creation of the Amsterdam-based electronic money corporation DigiCash, but the business did not flourish. In fact, only two banks supported DigiCash systems, the Missouri-based Mark Twain Bank and Deutsche Bank. The business only had 5,000 clients and total payment volume never passed $250,000. Chaum later explained that it was hard to get enough merchants to accept the payment method so enough consumers would use it, or vice versa. Although David Chaum became a hero for cryptoanarchists, the problem was that the average consumer was not that concerned about the privacy of his transactions. In the end, in 1998 DigiCash filed for bankruptcy and sold off all its assets.

What I find most interesting about this attempt is that the electronic cash David Chaum invented still depended on ordinary legal tender (because the process always started and ended at a bank account in dollars, euros or another national currency), and the accounting control that avoided double-spending was still in the hands of the traditional banking system, given that it was a bank that verified the sender’s ability to pay and then debited the amount of electronic money sent from the traditional account.

Bitcoin, which appeared later, was a radical departure from this model.

(The pioneering works on mathematical cryptography are Claude Shannon’s article “Communication Theory of Secrecy Systems,” published in the Bell System Technical Journal in 1949, and the book by Shannon and Warren Weaver titled “The Mathematical Theory of Communication.”

An explanation of how the Enigma machine worked and stories of the adventures and exploits on the cryptographic front of WWII can be found in a book cited in a previous post: “Alan Turing. Pioneer of the Information Age,” by B. Jack Copeland, published in Spain by Turner Noema (Madrid), 2012, pages 51 and thereafter.

For more on the battles between the first cryptoanarchists and the NSA, see “Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age,” by Steven Levy, published in Spain by Alianza Editorial, 2001.)