The Cryptopian Fallacy
Misconceptions and Unintended Consequences
By Christian Smith
Thanks to BakerHostetler and Blockchain at UCLA for inviting me to talk at Genesis Blockchain Summit on October 25th, 2018. This post is an edited transcript.
“Madness is rare in individuals — but in groups, parties, nations, and ages it is the rule” — Friedrich Nietzsche
Most of what people believe about blockchain is delusional and has little basis in reality. In some ways this is harmless, like when your mom conflates her web browser with the internet.
When it comes to privacy and data protection, however, misunderstanding is significant. We’re already in hot water with social media and the web. They weren’t designed to protect us from the threats we face today. Here’s the thing: neither was blockchain. It’s become fashionable to think of blockchain as a fountain of trust. But that’s very dangerous if it’s not true.
The problem is not technology. It’s that too much of the discourse has been on the same level as medicinal tobacco. Seriously, doctors used to think you could cure drowning by blowing tobacco smoke into uncomfortable places.
I point this out to illustrate two things:
- we’re all vulnerable to believing things that aren’t true
- we really need to be more critical of claims that aren’t substantiated.
Even good ideas need this. Weeding the garden helps it bear fruit. These shiny new cryptographic toys we’re all playing with have very sharp edges. If we don’t quickly learn what not to do with them, Cambridge Analytica and the “data industrial complex” Tim Cook described to European privacy commissioners this week are going to look like spilt milk compared to what comes next.
“Falsehood flies, and truth comes limping after it” — Jonathan Swift
Let’s talk about misconceptions. For starters, there’s been some troubling historical revisionism. Many — if not most — of the concepts that blockchain takes credit for have decades of history in computing.
Hash functions, tamper-evident logs, state machine replication, gossip protocols, even proof of work… these were all conceived of and even put into practice between the 1950s and 1990s. “Smart contracts” came along 15 years before anyone used the word blockchain.
The contribution of Bitcoin — and it is pure genius — was using Proof of Work for consensus. Not to detract from that, but the only reason it was even possible is that Nakamoto stood on the shoulders of these giants.
It’s also worth noting that Bitcoin made its debut before the term blockchain was coined. Confusing this might seem harmless. I’d argue it’s had a disastrous impact. It tricks people into thinking well established principles no longer apply. It encourages a broad misunderstanding of other causal relationships. And it short-circuits the kind of inquiry that keeps everyone honest.
The German linguist Poerksen seemed to be predicting blockchain in the 90s when he wrote about Plastic Words: they “become the building blocks for plans and solutions that may seem utopian but end up impoverishing the world.”
This brings us to the next major fallacy. We’re calling it Cryptopia.
This is a rite of passage for anyone that gets into cryptography — and by extension — blockchain. You don’t have to take my word for it. One of the best known computer security experts on the planet fell for it. In 1994, Bruce Schneier wrote a book called Applied Cryptography.
In it, he described “a mathematical utopia”. Cryptography was to be “the great technological equalizer.” He wrote “[it’s] insufficient to protect ourselves with laws; we need to protect ourselves with mathematics.”
As Bruce himself discovered, this kind of thinking is unrealistic. Several years later, he wrote another book called Secrets and Lies. In the preface, he called himself out. He says he wrote the book partly to correct this very mistake. Here are a few excerpts (emphasis mine):
“It’s just not true. Cryptography can’t do any of that.
It’s not that cryptography has gotten weaker since 1994, or that the things I described in that book are no longer true; it’s that cryptography doesn’t exist in a vacuum.
Mathematics is perfect; reality is subjective. Mathematics is defined; computers are ornery. Mathematics is logical; people are erratic, capricious, and barely comprehensible.
The error of Applied Cryptography is that I didn’t talk at all about the context. I talked about cryptography as if it were The Answer™. I was pretty naïve.
The result wasn’t pretty. Readers believed that cryptography was a kind of magic security dust that they could sprinkle over their software and make it secure.“
20 years after Bruce Schneier started to figure this out, the mainstream blockchain movement is having deja vu all over again. Here’s an example:
Early this year, some friends of mine published this glossy whitepaper. In big bold type, it says “Blockchain replaces trust in humans with trust in mathematics.” These are very smart and talented people. Their hearts are in the right place and they’re trying to do good things.
But this kind of thinking is going to get us into a lot of trouble. The misconceptions less experienced people develop from statements like this take on a life of their own.
And there’s no easy way out. Exotic techniques like homomorphic encryption and zero knowledge proofs are brilliant in theory. But they don’t eliminate that need for context. For every foolproof invention, there’s a new and improved fool.
Which brings us to the subject of false analogy in blockchain, or as I like to call it, Satoshi’s Hammer.
Analogy is one of the most remarkable tools of mind we have. It helps us be creative and adapt to completely novel situations. Our intuition suggests analogies, but it doesn’t validate them. And our intuition is wrong a shocking amount of the time.
If you don’t believe me, read a book called Thinking, Fast and Slow by Daniel Kahneman:
“… a plausible answer comes to mind immediately. Overriding it requires hard work — the insistent idea “it’s true, it’s true!” makes it difficult to check the logic, and most people do not take the trouble to think through the problem.”
When precise thinking matters analogy falls short. In the book Mental Leaps: Analogy in Creative Thought, Keith Holyoak and Paul Thagard write:
“Unmapped differences are likely to lead to unexpected failures of analogy-based inferences”.
That’s quite an academic statement. In other words, analogy helps invent the locomotive and then analogy derails it too. Seasoned cryptographers know about this very well. In A Logic of Authentication, Burrows, Abadi, and Needham write:
“… protocol designers often misunderstand the available techniques, copying features from existing protocols inappropriately. As a result, many of the protocols found in the literature contain redundancies or security flaws.”
You can’t copy and paste a cryptographic protocol from one problem onto another one. Those little differences that don’t quite line up are disproportionately important. It is notoriously hard to design secure and privacy preserving systems. It’s completely hopeless if you want to believe a marketing buzzword magically solves it.
Analogy gets us part way there. But when stakes are very high, we need bottom-up thinking and reasoning from first principles. It’s harder and it takes longer, but there’s no substitute.
Let’s talk about a high stakes problem: privacy. Specifically blockchain privacy. This phrase is an oxymoron. Your first assumption should always be that anything you record in public is no longer private. Period.
Encryption is not a solution to this, its a clunky timebomb. Ask the US government. They’ve had some seriously consequential breaches involving encrypted data. It’s not the ciphers that fail, it’s the rest of the context. Exactly what Bruce wrote about in Secrets and Lies. The OPM hack is a perfect example.
Correlation and inference are also quite easy. Over time, maintaining pseudonymity in public is a lot harder than it sounds. It only takes one unhappy correlation to re-identify someone from anonymized data. Even aggregated query results are vulnerable to this. With all the data companies are collecting, blockchain pseudonymity will quickly degenerate into a sham.
Bitcoin and Ethereum use public transparency as part of how they preserve integrity. IPFS was designed for censorship resistance and high availability. The goals they can’t compromise on directly conflict with what’s needed for privacy. You can’t start from there and effectively solve for privacy after the fact.
There may be ways to limit the risks of unwanted observation and correlation. But they are not guarantees. Please remember that. We can save everyone a lot of unnecessary pain and suffering.
Now let’s consider some unintended consequences.
The government line used to be that we had to sacrifice personal privacy to national security. Then the Office of Personnel Management, Ashley Madison, and Equifax all got hacked. Now it’s easy to find people with security clearance who have dirty secrets and financial problems. This has definitely been exploited already. And it’s starting to change how government thinks about privacy and security. They’re perhaps not so directly opposed or mutually exclusive.
Here’s another one. Enough people have submitted their DNA that you don’t need to be in a genealogy database yourself to be identified using it. How does the legal notion of consent fit into this scenario? Recently a serial killer was caught this way. And that’s a good thing. What happens when genocidal despots are able to lift some of our DNA off a blockchain? This is not hypothetical. People are working on insanely dangerous ideas like this right now.
The most challenging and valuable problems to solve have these built in contradictions. The openness of the web is necessary to it’s vision. But it also creates its own intractable security problems.
The immutability of blockchain and IPFS give us integrity and censorship resistance. But they conflict with the right to be forgotten. They also create a more disturbing problem: illegal content that you can’t delete and may not even know you have. Now combine that with the legal concept of strict liability. In theory, you could go to jail for running a bitcoin node.
Facebook connects everyone together, but it also enables exploitation and manipulation at population scale.
It’s hell if you do and stifled progress if you don’t.
“The first principle is that you must not fool yourself — and you are the easiest person to fool.” — Richard Feynman
Our inventions are giving us unprecedented power. But increasingly, we’re not mature enough to know how to use them wisely. We need more healthy skepticism and forethought.
Be precise about the scope and context of issues you’re considering. Be careful about haphazard generalizations. Look for contradictions and keep tradeoffs in mind. Most important, don’t be afraid to challenge the herd. It might need saving from itself.
