Cryptography, Anonymity, and their Roles in a Free Society
We need the ability to lose ourselves in the crowd. The ability to become nameless and faceless is an essential human experience. Further, I would assert that anonymity is essential to a free society. In the digital age, this is more important than ever.
Don’t believe me? Did you know that the Federalist Papers, and “Common Sense”, were both published anonymously? In fact, the Federalist Papers were published under a pseudonym! Both were essential to the founding of America, the eventual formation of its Constitution and Bill of Rights.
Anonymity and pseudo-anonymity are critical to expressing dangerous ideas freely (as I’m doing here, now). If your boss, or your partner, or your friends, found out about the potentially harmful ideas you’re putting forth, experimenting with, playing with, you probably wouldn’t try them in the first place.
Of course, this freedom comes at a terrible price: letting nazi filth, or pedophiles, or fascists, or any manner of horrible people, speak their minds, share encrypted messages, and spread propaganda with wild abandon. There is no price to pay, for them, if they’re anonymous, faceless, nameless.
One could argue that this is an essential cost of liberty. If speech is free, people will say things you don’t like. If there’s a right to privacy, people will do things behind closed doors you don’t like. Naturally, we would never say the police should carry keys to every door to come and go as they please, so why do it in the digital age?
I say we can have our cake and eat it too.
How? With digital trust and reputation systems.
A nameless, faceless entity that puts forth a conspiracy theory is lambasted, laughed off of the stage (by most; I’ll get back to that later). However, if CNN promoted the theory that, say, humans never landed on the moon, it would be given credence. Why?
Because we trust CNN. The sane among us, anyway. Why do we trust them?
Because they have a reputation to uphold. They have people to answer to. If they push a theory that’s fundamentally false, they lose trust. As they say, “trust is gained in drops and lost in buckets”.
This is all well and good, but how does this translate to the digital age? With cryptography, of course!
The simplest approach to this is “key signing”. It goes like this: Alice and Bob are partners. They know that each holds the private key corresponding to the public key they know, so they digitally “sign” the public key, essentially saying “yeah, that’s Alice”, or “yeah, that’s Bob”.
Eventually, you can build a giant system of trust, called a “web of trust”, which tells you that a given public key is likely to be associated with a given person; the more signatures a key has, the more likely the key is to be authentic.
But of course, this has a ton of holes.
For one, this is an absolute system of trust. We might say “I trust you with my life” or “I don’t trust them as far as I can throw them”, but trust is rarely absolute. It’s more granular, more relative, like “I trust you not to go on a killing spree, but I don’t trust you to house-sit for me”.
This also doesn’t handle revocation of signatures. If the person whose key you signed turns out to have their identity stolen (let’s say they were coerced into giving up their private key), there’s no way in the system I described to take back your trust, as we so often do in real life.
This is brushing aside reputation, as there’s no way I know of to have a reputation system in the “web of trust” model.
There might be ways to handle these cases in GnuPG, but GPG is such a clusterfuck, I really don’t care. When’s the last time you said, “let’s use GPG to encrypt emails!”? Never ever in your life have you said that to a non-techie friend.
What we need is a system that reflects the real world. We need a system that’s easy to use. We need a system that real, actual people can use, not just tech weirdos (and I say that as a proud tech weirdo).
What would this system look like?
I’ve often thought about “circles” of friends. I might have one circle of friends who I trust with general information about my life, but not my secrets. Then in another circle, I might trust people with some secrets. Then there would be a circle of two, with my partner, where no information leaves that circle. Finally, there’s a circle with me and myself alone, with secrets I never let out.
I swear, I came up with this concept of circles in 2008–2009, before Google+. You’ll have to trust me on that one.
So we have this concept of circles, levels, layers of trust in which someone might be a friend; or they might be a friend, a confidant, and a coworker; or they might simply be someone you do business with and nothing more.
How does this get us to reputation?
Well, if a user builds up a following within their circles, they might get “promoted” from one circle to another. They might gain trust! This is a simple concept that maps to real life. We can quantify this with the sheer volume of information going through that circle of people. There are more complex methods, but this gets us most of the way there.
This raises the question that I alluded to earlier on: what if nazis gain a following and start pushing propaganda outside their network, or pedophiles create circles and start sending encrypted messages to each other?
Let’s focus on the nazi case, for now. In the case where a group of nazis decides to try to extend their tendrils beyond their little echo chamber, ideally, they’ll be seen as an echo chamber and treated as such. A true circle is one that has connections everywhere. Six degrees of separation from any other node in the network, in theory (like the “six degrees of Kevin Bacon”, or the “six degrees of Wikipedia” game).
What about the circle of perverts, sharing messages with each other? In an ideal case, they wouldn’t have any trust between each other because they can’t extend their network beyond their circle of immediate contacts.
Ultimately, it comes back to the closed doors question; how much privacy are you willing to sacrifice for security? Are you willing to let the cops kick the door in to any house, to make sure the perverts don’t have a chance? Probably not. No matter what, though, the creeps won’t be able to gain trust because they can’t share outside of that tiny little circle.
So this begs many questions, including favorites such as “how do we quantify trust and reputation?” and “how do we ‘out’ bad actors?”. But I’m getting tired, this is getting long-winded, and the scotch is kicking in. Til next time, this is Mister Fahrenheit, signing off and wishing you some much-needed time away, awash in the mass of nameless, faceless pedestrians of the city.
Originally published at https://community.hackernoon.com on May 31, 2019.
