8 April 2005

From: Lucky Green <shamrock at cypherpunks.to>
Sent: Friday, April 08, 2005 04:12
To: 'cypherpunks@al-qaeda.net'; 'cryptography@metzdowd.com'
Subject: CFP: What the Hack '05 and Blind Signature Expiration Party

[Please forward as appropriate]

Call for Participation: Cypherpunks at "What the Hack '05" and "Blind
Signature patent expiration party". 

As every four years, this year features "What the Hack (WTH)", a Dutch
outdoors security and hacker conference hosted in the tradition of HEU '93,
HIP '97, and HAL 2001. http://www.whatthehack.org/

HIP '97 and the Summer that surrounded it represented a pivotal event in my
and many other attendee's lives. 1997 was the peek of the Crypto Wars: while
strong cryptography was spreading rapidly throughout the world from authors
outside the U.S., most, if not all, I consider dear friends, the U.S.
Government continued to insist on imposing draconian export regulations.
3DES? 1024-bit RSA? Forget it.

In about May '97, PGP, Inc. released printed copies of the PGP 5 source code
in full compliance with the U.S. export regulations in effect at the time.
Electronic copy was illegal, but printed books were fine. Having attended
the source code release event, at a Cypherpunks meeting, I walked away with
two copies of the printed source. The source code books spanned many boxes.
I hurt my back lifting those heavy boxes into the trunk of my car. My back
to this day never fully recovered. Equally in compliance with the export
laws, I immediately fedexed those boxes at my own expense to individuals in
Europe standing by with scanners equipped with sheet feeders to OCR the

Three months later, the OCR effort had stalled. While most pages had been
OCR'ed, passing the per-page checksums, many pages remained unprocessed. In
some cases this was because one of the numerous proof readers failed to
return the result. In the more challenging cases it was because the checksum
differentiated between spaces and tabs. We learned that consumer-level OCR
programs are dismal at differentiating between 5 or 6 leading spaces. Or a

At HIP '97 on a camp ground near Amsterdam, many breakthroughs happened.

- I organized a industrial-size tent, complete with full (free) bar and DJ,
for Cypherpunks types.

- The all-night DJ, and at least in part the free bar, drew a number of
walk-ins, including some young smartcard hackers that pointed out to me that
the ISO 7816 smart card specifications required the card to report a
different error code depending on whether a file on the smart card file
system did not exist or was blocked from read access. And by the way, the
key space is only two bytes wide. It is this kind of crack in the armor into
which a cryptanalyst will find it irresistible to insert a crowbar. If it
weren't for this revelation over a glass of Single Malt and the much deeper
investigations that followed, COMP128 would still be considered to be a good
authentication and key generation algorithm and GSM would still be
considered secure from cloning and eavesdropping.

- The discussions on the Cypherpunks list in the preceding year or two had
made it clear to those paying attention that MIX-style remailer networks, as
promising as they appeared at first, are a dead end against a motivated
adversary. The better approach, and the only alternative known at the time,
was to apply the lessons learned from DC nets to establish mailbox servers
that used XOR chains to obtain the content dropped into public read-access
boxes. I gave a talk at HIP '97 that detailed a system that implemented this
concept (*). The concept I introduced at HIP '97 is by now well-know and
since has not just been given a name, but has turned into an entire field of
academic research: Private Information Retrieval (PIR).
(*) Credit for the ideas behind this presentation go to an individual that
so far has chosen to remain anonymous.

- With the attentative audience still mentally digesting the novel concept
of PIR, I took the opportunity to add a "Ceterum censeo Carthaginem esse
delendam". My precise words, if I recall correctly, were: "Come Hell or high
water, before HIP is over, the proofreading of the PGP source code *will* be
completed". Followed by a call for non-U.S. citizen volunteers to report to
the Cypherpunks tent to finish the job. And finish the job they did.
Visualize a scene most akin to "The Matrix", with a gaggle of volunteers
frantically working on a row of computers held up by beer crates, writing
scripts to brute force the OCR output past the checksums, while a raging
party with dancers literally hanging off the rafters took up the core of the
tent space, music blasting from the sound system in the early morning hours.
Special thanks go to Ian Grigg, who lead the team of volunteers.

On the last day of HIP, the last page of the PGP 5 source had passed the
last checksum. As the volunteers retired to bed after in most cases over 48
hours of straight work, one lone hold-out decided that now that the source
code had been legally exported and turned into electronic form, somebody
ought to compile it. He proceeded to compile the PGP 5 source on a PC that I
had hand-carried to HIP in my luggage. The source compiled without errors. I
was sound asleep at the time. By the time I woke up, cryptography had
entered a new era: the U.S. Government, and in fact the entire world, woke
up to a day from which on the only path remaing to stem the flow of strong
crypto out of the U.S. was to ban books. And even the staunchest advocates
of cryptographic export regulations knew that albeit the U.S. Supreme Court
Justices may perhaps be bamboozled by declarations of the dangers of this
new "Internet" thing, banning books was a proposal not in the least novel to
the Court, standing no chance of meeting with the Justices approval.

Cornered into an untenable position and with no help from the courts in
sight, the U.S. Government eventually acknowledged the inevitable and
relaxed the exports laws for strong cryptography to the point of
insignificance in January of 2000.

Eight years have passed since HIP '97, to be succeed by WTH '05 this year.
While I don't really need the distraction, I could be convinced to organize
another Cypherpunks, crypto, and security tent. Perhaps the most valuable
lesson I learned at HIP '97 was the value of education. I received
unexpected and invaluable education from two teenagers. I, and the many of
us that made up the Cypherpunks contingent, provided much valuable
educations to others. There exists an entire new generation that wasn't
around in 1997, hungering for education, that could benefit from our
knowledge. If we don't teach them, who will?

If you are interested in joining the "Cypherpunks" tent at WTH during July
28-31 2005, please email me. If there is enough interest, I will organize
another presence.


Sidebar: "Free at last. Oh Lord. We are fee at last" (Also known as the
"Blind Signature Patent Expiration Party")

Some of you may rememember the RSA patent. Yes, there was a time when you
couldn't use RSA inside the U.S. without paying licensing fees to RSA DSI.
Many that were around at that time were not too happy about this fact. But
at least you could pay somebody money to use RSA. If you had a valid
business model, paying licensing fees may have be unpleasant, but using RSA
was not insurmountable.

There is another patent that is every bit as significant as the RSA patent.
More so, perhaps. Unlike the RSA patent, this patent has not been available
for licensing at any price, stymieing an entire field of research and wide
swaths of commerce. This patent is U.S. Patent 4,759,063 "Blind Signature
Systems". http://www.pat2pdf.org

The Blind Signature patent is not just any patent. This is *the* patent.
Without the invention covered by this patent, there is no hope for online
privacy. With this technology, the opportunities not just for privacy, but
also for commerce, are endless. Countless visionaries have spent years of
their lives, in some cases decades, trying to make those opportunities a
reality only to run up against the fact that for reasons that would be
worthy of a book, the patent could not be licensed.

U.S. Patent 4,759,063 "Blind Signature Systems" will expire on July 19,
2005. A Tuesday. Since no patent litigator will consider litigating on a
Monday morning over patent infringement for a patent that expires the next
day, it appears safe to say that come the preceding Saturday, technologies
that make use of this patent can be displayed to the public. That Saturday
is July  16, 2005.

It took us 20 long years to get to this date. For those of us that tried to
use this technology, it was 20 very, very long years. Fortunately, the 20
years are over. Which is as much reason for celebration as I can imagine.
The expiration of the Blind Signature patent surely calls for a party. And
as I promised so many years go, I will take it upon myself to throw that
party. Anybody that knows what blind signatures are is welcome, no, make
that implored, to come to the expiration party at my house (or other venue
if there are too many people for my place) to celebrate the expiration of
the patent on Saturday, July 16. As for me, I am counting the days. Ping me
for details.

--Lucky Green <shamrock at cypherpunks.to>