Want to host a cryptoparty?
Here are some of our suggestions and ideas, based on DLINQ’s cryptoparty events:
Partner!
Identify a partner group, organization, or individuals to co-host the cryptoparty. Your partners can help you to understand the needs and goals of participants and can help with outreach and communications to participants. As much as possible, these partners should be equal partners, helping to shape the goals and plans for the cryptoparty and helping to lead the event. And, yes, these partners can be students and student groups!
Example: DLINQ partnered with the Cyber Security Student Working Group at the Middlebury Institute to host a crypto party for CSWG students (and other interested students). Throughout the planning process, CSWG leaders were able to highlight privacy concerns their student members were facing and we designed the event to address those specific concerns. During the event, CSWG leaders ran the threat modeling activities and led the breakout groups.
Establish goals / principles / foci!
Cryptoparties work best if they have specific goals and areas of focus—and if those goals and foci are tied to the needs of specific communities. As you plan your cryptoparty, you might identify a theme that guides the design of the event, or you might outline some guiding goals or principles (such as: Let’s help people regain some privacy agency in social media).
Example: DLINQ partnered with Middlebury’s Library and with undergraduate students to offer an Activists and Allies cryptoparty. This event was planned during a moment of political unrest in the United States and students expressed interest in learning about how to protect themselves during protests and political action. This focus shaped the approaches and activities we undertook in the cryptoparty.
Design!
Dedicate ample time in your planning process to the design of the cryptoparty event. How will you set the stage? What activities will take place? How will you organize people so that all feel welcome, included, and ready to participate? Who will lead parts of the event and what support will they need? DLINQ uses a Notion site to design each of our cryptoparty events. Each Notion page associated with an event outlines the flow of the event, explains how each activity will be run, and it links to related resources.
While cryptoparty activities are often shaped by the goals and partners/participants, there is one activity we consistently use across our crypto parties: Threat modeling. Threat modeling is an activity that helps each participant to examine specific privacy risks they may be facing, and how those risks might differ from others around them. With threat modeling activities, we introduce the ideas of positionality and intersectionality, and we highlight the ways in which attendees’ positionality may impact the privacy harms and impacts they face.
Example: In the Zoom Against the Machine cryptoparty, we showed participants several threat modeling personas to help them consider their own risks. Participants then answered a series of questions as they completed their own threat models.
Other cryptoparty activities suggestions:
Testing browsers with Panopticlick then installing safe browsing add-ons like Privacy Badger, HTTPS Everywhere, Ghostery, and DuckDuckGo Privacy Essentials
Cleaning up mobile device apps
Renovating social media accounts
Creating a strong password using dice
Exploring email encryption (How does email work?)
Run it!
Create a welcoming and inclusive event by sharing rules of engagement and by getting participants to talk with each other using ice breaker activities. We often use the following rules of engagement in our crypto parties (these are mostly copied from cryptoparty.in)
Be excellent to each other
No harassment will be tolerated
Permission to not know granted, ask questions courageously
Honor the vault of confidentiality
Move slowly and repair things
At some point during the event, we recommend using break out groups to engage participants more actively in the cryptoparty activities. Break out groups should focus on a particular activity and give participants hands-on experiences. As part of the breakouts, consider assigning a couple of facilitators (we sometimes call them Friends or Buddies) to be helpers and to answer questions. Think carefully about who your facilitators/buddies/friends will be–they should have knowledge and skills to be helpful but, more importantly, they should be kind, understanding, and welcoming.
Sample breakout topics: Device encryption, safer browsing, passwords and password management, encrypted communications, where is your data?, defusing the Zoom bomb, obfuscation techniques
Assess!
After your cryptoparty wraps up, evaluate how things went. It may be useful to collect survey responses from attendees and use that feedback as part of a team debrief meeting. The team debrief should include members of your partner group.
Additional suggestions
Door prizes & drawings can be helpful in drumming up excitement and interest in cryptoparty topics. As part of our cryptoparties, we have given away laptop stickers and privacy screens for device cameras. We have also done drawings for USB data blockers and faraday pouches for mobile devices.
If possible, provide refreshments for attendees, especially if the event is taking place in the evening.
Check your event space out carefully with an eye toward accessibility and inclusion. Is your space accessible? Are there gender neutral restrooms available? Is it a safe and welcoming space for BIPOC communities?
Additional information about DLINQ’s cryptoparties: https://tinyurl.com/DLINQcrypto
Additional cryptoparty suggestions can be found here: https://www.cryptoparty.in/organize/howto