Implementing a CryptoParty Oneself

There’s an important rule in the cryptography world: you should never implement it yourself. So much can go wrong in the implementation of a crypto-system that you’d better leave it up to experts. Funny, then, that exactly the opposite rule applies to planning CryptoParties.

Saturday I hosted the first CryptoParty SF at Mozilla’s San Francisco headquarters, where for a few hours a few dozen people got together and participated in lectures, discussions, and workshops about privacy, security, and cryptography. It was fun, and I think people enjoyed it, but there are a lot of things I plan to improve the next time around. Here are some of my thoughts about the event:

  • We had a limit on the size of the gathering because of the venue โ€” 100 people โ€” and we were able to hit that many registrations without much promotion at all. But in retrospect I realize that we needed to focus on not just hitting a certain number of participants, but also making sure the right people find out about it. In fact, it’s not much of a surprise that the people who find out about an event like CryptoParty without you doing outreach are crypto nerds. It’s great that they want to attend, but it would’ve been nice to get more people who were curious and not yet experts.
  • Building on that point: there’s a risk of making too onerous a registration process, but it would have been very nice to get an impression of how much background participants had in cryptography. Primarily to give that information to the speakers, who could have shaped their talks better. Unfortunately, several of the speakers expressed concern to me during and after Saturday’s event that the talk they prepared was too basic for the audience. I actually think every talk went smoothly, but it’s unfair to put the speakers in that position.
  • There’s no substitute for planning and preparing. Yes, this is a general event tip, but it applies here. I did a pretty poor job of lining things up in advance, and I was very lucky that things went as smoothly as they did. In large part, that smoothness was due to really talented and generous speakers who were willing to be flexible and work with me on short notice. But no matter how hard you work in the few days leading up to an event, you can’t beat talking with presenters well in advance and doing real event promotion for a few weeks or months.
  • That said, everybody in the room wanted the event to succeed. That’s a lifesaver. I really owe great thanks to not only the presenters but really the attendees, who were all on board and excited. It’s easy to get worried about an adversarial crowd โ€” fortunately that wasn’t what I was facing.

Had CryptoParty SF failed it would have been my fault, but that it was (more-or-less) successful really falls on many others. Thanks to Tom Lowenthal at Mozilla who helped with organization, motivation, and providing a venue; to my colleague Micah Lee who built the registration site and provided all kinds of support; to all of the fantastic speakers (aestetix, Marcia Hofmann, Morgan Marquis-Boire, Eva Galperin, Lee from the Guardian Project, Seth Schoen, starchy, and Quinn Norton) who gave such great presentations; to Asher Wolf for hatching a pretty wonderful idea for an event series; and of course to all the people who came out to participate in this crazy experiment.

I’m already buzzing on a follow-up event, which I think will take place in January. More details, as they say, to come.