It is difficult to know when humans first started securing or “encrypting” messages to hide them from unwanted readers; the practice must be almost as old as written language, although examples are sparse. We know, for example, that Julius Caesar used a simple form of letter substitution to communicate with his generals, shifting each character three steps down the alphabet in order to scramble it.
Tales of the Greco-Persian Wars are full of secret messages, not least the story of Histiaeus, a commander who, according to Herodotus, shaved the head of his favourite slave and had it tattooed with a message urging revolution in the Anatolian city of Miletus. When the slave’s hair grew back he was dispatched to the city, with the instructions that the recipient should shave his head again to read the message.
Such extreme measures were taken due to the fear of government surveillance. From the very beginning, cryptography has been both a military technology and a tool for undermining existing powers.
Cryptography’s military value is double-edged, of course. Like other weapons, its effectiveness depends on the ability of one side to outgun the other. For a long time, this balance mostly held, with efforts to crack the secrets of the enemy forming long-running and fascinating backstories to many conventional conflicts. It was an act of decryption that brought the United States into the First World War, when British intelligence services decoded the infamous Zimmermann Telegram of January 1917 proposing an alliance between Germany and Mexico. In the closing months of the war, the cracking of Germany’s ADFGVX cipher enabled the Allies to stave off a final German offensive on Paris.
Cryptography was first mass-manufactured in the Second World War, in the form of the Third Reich’s Enigma machines, and then digitised in the form of the Colossus, the world’s first programmable electronic computer, which was developed at Bletchley Park to break the German military’s Lorenz cipher. The wild invention and ultimate success of the Bletchley code-breakers over their Nazi adversaries can be read as the first of many instances of the digital overcoming the physical; the German’s Lorenz SZ42 machine was a massive, complex contraption of rotating cogs and wheels that defied code-breakers for years. By the end of the war, it was completely readable by the Colossus, an electronic machine.
The secrecy around the Colossus itself meant that its existence had little influence on future computer design, but it marks the point at which cryptography changed radically in nature – because what is digital is ultimately distributable.
In 1991, a US-based computer security researcher called Phil Zimmermann created a programme called Pretty Good Privacy (PGP), which enabled users of home computers to strongly encrypt email messages using a combination of numerous well-known algorithms. What turned PGP from another home-made software product into one of the most contentious artefacts of the decade wasn’t how it was made, but how it was distributed. Since the Second World War, the US and its allies had legally defined cryptography as a weapon; in the US it was therefore subject to something called the Arms Export Control Act.
At the time of PGP’s release, any cryptosystem that used keys – the strings of randomly generated numbers that secured hidden messages – longer than 40 bits required a licence for export. PGP used keys which were 128 bits long and almost impossible to crack at the time, and this made it precisely the kind of technology that US authorities wanted to prevent falling into foreign hands. Zimmermann never intended to export PGP, but, fearing that it would be banned outright, he started distributing it to friends. Shortly after that, PGP found its way on to the internet and then abroad. In 1993, the US government started a formal investigation into Zimmermann – for exporting munitions without a licence.
As knowledge of the case spread, it became a flashpoint for early digital activists who insisted on the rights of everyone to protect their own secrets and their own private lives. Zimmermann had the software’s source code printed as a hardback book, allowing anyone to purchase a copy and type up the software themselves. As he was fond of pointing out, export of products commonly considered munitions – bombs, guns and planes – could be restricted, but books were protected by the First Amendment. Variants on the RSA algorithm – the 128-bit process at the heart of PGP – were printed on T-shirts bearing the message “This shirt is classified as a munition”. Some went further, having lines of code tattooed onto their arms and chests.
The Crypto Wars, as they became known, galvanised a community around the notion of personal – rather than national – security, which tied into the utopian imagination of a new, more free, more equal and more just society developing in cyberspace. By the late Nineties, the case against Zimmermann was dead. The hackers and privacy activists declared victory.
Yet what’s often regarded as a triumph against government overreach can also be read as a terrifying moment when the state’s most powerful weapons escaped government control and fell into the hands of anyone who wanted to use them.
Today, thanks to the rise in digital communications, cryptography is everywhere, not least in banking systems, protecting the billions of electronic transactions that flow around the planet every day.
Even more than in the Nineties, the idea that anyone would deliberately make it easier for someone to steal money seems like an attack on the basic functions of society. And so it should come as no surprise that a technology best known for – but by no means limited to – the distribution of currency should be the focus of a new Crypto Wars, as well as a full flood of individualist, utopian thinking like that which accompanied the first round. There’s something about money that focuses the mind.
When Marco Polo first encountered paper money on his travels to China in the 13th century, he was astounded. In his Book of the Marvels of the World, he spends a great length of time explaining, and wondering at, the monetary system established by the Great Khan. Until recently, and as was still the case in Europe, the Chinese had used a range of value-bearing commodities to settle commerce and taxation: copper ingots, iron bars, gold coins, pearls, salt, and the like. In 1260, Kublai Khan, the ruler of the Mongol empire, decreed that instead his subjects would use apparently valueless paper, printed and certified by a central mint, and, writes Polo, “the way it is wrought is such that you might say he has the secret of alchemy in perfection, and you would be right”. Through a carefully choreographed process of manufacture, design and official imprimatur, “all these pieces of paper are issued with as much solemnity and authority as if they were of pure gold or silver”.
The process was alchemical in the truest sense, as it did not merely transform material, but also elevated the Khan himself to even more unassailable heights of power: the only arbiter of finance. Those who refused to accept the new currency were punished with death, and all trade flowed through the state’s coffers. The Khan had realised that controlling traffic – in commerce and in information – was the way to situate oneself at the true heart of power.
The processing and accounting of money – fiat money, created by decree rather than having inherent value – is essentially the manipulation of symbols. Money, then, is a belief system backed by state infrastructure which, for a long time, assured centralised power. But in the late 1990s, as computational technologies, long the sole province of the state, became less about asserting government power than asserting individual freedom – in other words, as the weapons forged in the crucible of the Second World War were made increasingly available to the common citizen – it became clear to the veterans of the Crypto Wars how they might make other adjustments to ancient power dynamics.
The idea for digital money and virtual currencies had been floating around for some time before the Crypto Wars. Money has been tending towards the virtual for some time, from the first ATMs and cards in the Sixties, to the spread of digital networks and connections between retailers and banks in the Eighties and Nineties.
Josh Edelson/AFP/Getty Images
For those concerned with privacy and individual sovereignty, it was a worrying development. Digital money, significantly, has none of the advantages of cash; it can’t be stored and exchanged outside of the system of banks and third parties, such as credit card companies, which can regulate and impede its flow. To a cryptographer, or anyone who has imbibed cryptography’s lessons on the potential to separate oneself from overbearing powers, this arrangement appears a kind of enslavement. So what would digital cash actually look like?
The first quality of digital cash is that it needs to be private, in the sense that no one other than the spender and receiver should be party to the transaction: no bank or security agency should know who is spending the money, who is receiving it, what it is for, or at what time and place the exchange is taking place. Because no physical assets, such as notes or coins, are being exchanged, it should also be secure.
The receiver should be able to verify they were paid and the spender that they have paid – a two-way receipt. This gives digital cash all the privacy of physical cash, with the added benefit of the participants being able to prove that a transaction has actually taken place.
One of the earliest proponents of digital cash was an American computer scientist called David Chaum. He believed that both the privacy and the security problems of digital currencies could be solved by using cryptography: encoding messages between the two parties, the sender and the receiver, in such a way that nobody else can read them. Chaum’s solution to this problem, conceived during the Eighties, involved both parties digitally signing the transaction with a private key, akin to an unforgeable and unguessable digital signature. In this way, both parties validate the transaction. In addition, they communicate through encrypted channels, so that nobody else can see that the transaction has occurred.
Chaum’s system worked, and was implemented by a number of companies and even one bank, but it never took off. Chaum’s own company, DigiCash, went bankrupt in 1998 and there was little incentive to compete against the growing power of credit card companies. Chaum felt that people didn’t understand what they were losing as digital networks and the money that flowed across them became more centralised: “As the web grew, the average level of sophistication of users dropped. It was hard to explain the importance of privacy to them,” he said in 1999.
Yet some people, including those radicalised by the Crypto Wars of the early Nineties, did understand the value of privacy. A group that came to be known as the Cypherpunks gathered first in San Francisco, and then online, with the intent of picking up from Chaum’s work the tools that could be used to disempower governments.
Tim May, a member of the Cypherpunks group and a former chief scientist at Intel, wrote in the The Crypto Anarchist Manifesto (1988): “The State will of course try to slow or halt the spread of this technology, citing national security concerns, use of the technology by drug dealers and tax evaders and fears of societal disintegration… But this will not halt the spread of crypto-anarchy. Just as the technology of printing altered and reduced the power of medieval guilds and the social power structure, so too will cryptologic methods fundamentally alter the nature of corporations and of government interference in economic transactions.”
Throughout the Nineties and into the 2000s, the Cypherpunks elaborated on the principles that would bring their utopia of encryption into being, as well as the technical innovations required. One of the biggest hurdles was the double-spending problem. Physical cash can only be spent once; when a banknote is handed over to a merchant, the buyer can’t at the same time use the same note at another shop round the corner. Virtual currencies face the problem that while encryption can guarantee that this specific piece of data is a form of money belonging to this specific person, it can’t say whether that data has been copied and is also in circulation elsewhere.
In other words, it can’t say whether or not someone is trying to spend the same coin twice at the same time. The need to have a central register to check each transaction was what forced David Chaum to partner with banks. This necessitated routing all electronic transactions through credit card companies, and reintroduced the Cypherpunks’ worst enemies: loss of privacy and the need to trust some hierarchical organisation, a government, bank or corporation, with the authority to verify and, if necessary, roll back transactions.
The solution to the double-spending problem appeared quite suddenly in October 2008, with a link appearing on the Cryptography Mailing List to a paper entitled “Bitcoin: A Peer-to-Peer Electronic Cash System”. Citing several forerunners in the field, the author of the paper, the previously unknown Satoshi Nakamoto, proposed one innovation that solved the double-spending problem while preserving anonymity and preventing the need for trusting third parties. This was called the “blockchain”: a distributed ledger, or record of transactions, which would be maintained by everyone participating in the system.
It’s called the blockchain because groups of transactions are gathered together into “blocks” as they occur, and as each block is turned out it is added to the “chain” of all transactions. That’s it. It’s simply a list of things that happened.
If everyone can see every transaction, then there is no need to hand over control to banks or governments, and if everyone follows the encryption practices of the Cypherpunks, there is no way to know who is spending the money.
Of course, if everyone has a copy of this ledger, we need to know it hasn’t been forged or tampered with in any way. So in order to extend the blockchain, in other words to write in the ledger, a certain amount of computational “work” has to be done: the computer doing the writing has to solve a particularly complex mathematical problem. The fact that it’s relatively easy for everyone else’s computers to check if this problem really has been solved makes it very difficult – in fact, practically impossible – for anyone to create a fake version of the ledger.
In a particularly clever twist, participants are incentivised to help maintain the ledger by receiving a small amount of bitcoins when they do solve the mathematical problem. This is where the notional value of Bitcoin comes from: someone has to put in an amount of time and energy to produce it, which is why this process is known as “mining”. Over time, more and more coins are produced, to an eventual total of 21 million some time in or around 2140.
The crypto-economy is currently valued in excess of a hundred billion dollars, with tens of thousands of different types of digital currency and tokens in existence, all of which are derived from Satoshi Nakamoto’s original white paper. News headlines fixate on the volatility of the market – in May this year, Bitcoin more than doubled in price before falling precipitously once more – and the notion that the currency is exclusively used for illicit and clandestine activities on the “dark web”.
However, these stories distract us from the reality of the adoption of blockchain technologies. A Deloitte report this year stated that 86 per cent of global business leaders anticipate blockchain technology achieving mainstream adoption in the near future. Governments such as Dubai’s are talking about moving all official documents to blockchain platforms to increase bureaucratic efficiency, while Facebook has launched its own blockchain-based digital currency, Libra, the value of which is tied to a number of national currencies in order to protect against fluctuations in value. All this is a far cry from the crypto-anarchist roots of the technology.
The technology is also being applied across a vast array of different industries, from purchase ledgers in commercial supply chains to anonymous payments for sex work. Accompanying this is a huge environmental cost, as the processing power required to “mine” Bitcoins, mostly powered by cheap Chinese coal, approaches a total power consumption equivalent to a small country.
Why did Bitcoin succeed where previous cryptocurrencies had failed? Satoshi’s paper had the good fortune to appear at a particular time. Encoded into the very first block on the Bitcoin chain is a time stamp, the kind of time stamp more familiar from ransom demands: a proof of life. The phrase embedded forever into the beginning of the blockchain is “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks”, a reference to the front page headline of the Times newspaper on that date. On one level, it’s a simple proof that no valid coins were mined before that date. On another, it’s an ironic comment on the state of the standard economic system that Bitcoin set out to replace. It is also, for those fascinated by such things, one of the earliest clues to the identity of Satoshi Nakamoto.
Satoshi Nakamoto appeared in the world, as far as anyone is aware, with the publication of the Bitcoin white paper. There is no trace of the name before that date, and after a few months of interacting with other developers on the project, Satoshi Nakamoto disappeared just as abruptly from public view at the end of 2010.
With the exception of a couple of private emails (indicating that the developer had “moved on to other things”), and a forum post disavowing an attempt to “out” the individual in 2014, Satoshi Nakamoto has not been heard from since.
Perhaps instead, more accurately, we might say that the entity referring to itself as Satoshi Nakamoto has not been heard from since. For in the Bitcoin white paper, Satoshi outlines the privacy model of the system. In the traditional banking model, the flow of money through an exchange is anonymised by the third party administering the transactions; they hide what they know from everyone else. However, on the blockchain, where all transactions are public, the anonymity happens between the identity and the transaction; everyone can see the money moving, but nobody knows whose money it is.
A necessary part of software development is the use of the technology in real-life situations for the purposes of testing. This is often done by the developers themselves in a process known as “eating your own dog food”. While the developers of Bitcoin could test mining and transacting coins between them, the real “product” of Bitcoin was a decentralised, deniable identity. Satoshi Nakamoto is an exercise in dog-fooding.
When Satoshi Nakamoto disappeared into the ether, the developers left on the blockchain, unspent, the piles of bitcoins they’d personally mined in the early days of the project – over a million of them, valued at $4bn in late 2018. These bitcoins are still there, and only someone who holds Satoshi’s private keys can access them.
Today, Satoshi “exists” only to the extent someone can prove to be that individual – the only proof of which is possession of those private keys. There is no “real” Satoshi. There is only a set of assets and a key. “Satoshi Nakamoto” is creator, product and proof of Bitcoin, all wrapped up in one – a $4bn pledge that the system works. Once again, the creation of money is the creation of a myth.
“The White Paper” by Satoshi Nakamoto, with an introduction by James Bridle, is published by Ignota Books