World Library  
Flag as Inappropriate
Email this Article


Article Id: WHEBN0000037314
Reproduction Date:

Title: Cypherpunk  
Author: World Heritage Encyclopedia
Language: English
Subject: Four Horsemen of the Infocalypse, WikiLeaks, Cyberpunk, Technolibertarianism, John Gilmore (activist)
Collection: Cypherpunks, Internet Privacy, Punk
Publisher: World Heritage Encyclopedia


A cypherpunk is any activist advocating widespread use of strong cryptography as a route to social and political change. Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since the late 1980s.


  • History 1
    • Before the mailing list 1.1
    • Cypherpunk mailing list 1.2
      • Early discussion of online privacy 1.2.1
  • Main principles 2
    • Privacy of communications 2.1
    • Anonymity and pseudonyms 2.2
    • Censorship and monitoring 2.3
    • Hiding the act of hiding 2.4
  • Activities 3
    • Software projects 3.1
    • Hardware 3.2
    • Expert panels 3.3
    • Lawsuits 3.4
    • Civil disobedience 3.5
    • Cypherpunk fiction 3.6
    • Legacy 3.7
  • Noteworthy cypherpunks 4
  • References 5
  • Further reading 6
  • External links 7


Before the mailing list

Until about the 1970s, cryptography was mainly practiced in secret by military or spy agencies. However, that changed when two publications brought it out of the closet into public awareness: the US government publication of the Data Encryption Standard (DES), a block cipher which became very widely used; and the first publicly available work on public-key cryptography, by Whitfield Diffie and Martin Hellman.

The technical roots of Cypherpunk ideas have been traced back to work by cryptographer David Chaum on topics such as anonymous digital cash and pseudonymous reputation systems, described in his paper Security without Identification: Transaction Systems to Make Big Brother Obsolete (1985).[1]

In the late 1980s, these ideas coalesced into something like a movement.[1]

Cypherpunk mailing list

In late 1992, Eric Hughes, Timothy C. May and John Gilmore founded a small group that met monthly at Gilmore's company Cygnus Solutions in the San Francisco Bay Area, and was humorously termed cypherpunks by Jude Milhon at one of the first meetings - derived from cipher and cyberpunk.[2]

The Cypherpunks mailing list was started in 1992, and by 1994 had 700 subscribers.[2] At its peak, it was a very active forum with technical discussion ranging over mathematics, cryptography, computer science, political and philosophical discussion, personal arguments and attacks, etc., with some spam thrown in. An email from John Gilmore reports an average of 30 messages a day from December 1, 1996 to March 1, 1999, and suggests that the number was probably higher earlier.[3] The number of subscribers is estimated to have reached 2000 in the year 1997.[2]

In early 1997, Jim Choate and Igor Chudov set up the Cypherpunks Distributed Remailer,[4] a network of independent mailing list nodes intended to eliminate the

  • A Cypherpunk's Manifesto written by Eric Hughes
  • The Crypto Anarchist Manifesto written by Timothy C. May
  • Assange 'The World Tomorrow' — Cypherpunks uncut version
  • The Cyphernomicon by Timothy C. May ("Cypherpunks FAQ and More" from 1994)
  • Archives of the first eight years of the mailing list (Zipped, 83MB)
  • "Warm Party for a Code Group" - Cypherpunks 10 year anniversary (article in Wired)
  • Crypto Rebels, Wired Magazine issue 1.02 (May/Jun 1993)
  • The Crypto Project, a revitalization of the Cypherpunk movement

External links

  • Andy Greenberg: This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the World's Information. Dutton Adult 2012, ISBN 978-0525953203

Further reading

  1. ^ a b Arvind Narayanan: What Happened to the Crypto Dream?, Part 1. IEEE Security & Privacy. Volume 11, Issue 2, March–April 2013, pages 75-76, ISSN 1540-7993
  2. ^ a b c d Robert Manne: The Cypherpunk Revolutionary - Julian Assange. The Monthly March, 2011, No. 65
  3. ^ Please title this page. (Page 2)
  4. ^ Jim Choate: "Cypherpunks Distributed Remailer". Cypherpunks mailing list. February 1997.
  5. ^ "Cypherpunk Mailing List Information". 
  6. ^ Setting Up a Filtering CDR Node for Cypherpunks
  7. ^ a b Riad S. Wahby: "back on the airwaves". Cypherpunks mailing list. July 2013.
  8. ^ Riad S. Wahby: "domain change". Cypherpunks mailing list. July 2013.
  9. ^ Re: POST: The Frightening Dangers of Moderation
  10. ^ Re: Re: Add To Your Monthly Income!!
  11. ^ Cypherpunks Date Index for 1997 04
  12. ^ Re: Sandy and the Doc
  13. ^ Newgroup - distributed mailing list on the way?
  14. ^ Switching to full traffic mode
  15. ^ "cryptography". 
  16. ^ a b c d e Hughes, Eric (1993), A Cypherpunk's Manifesto 
  17. ^ a b Levy, Steven (May 1993). "Crypto Rebels". Wired. 
  18. ^ Levy, Steven (2001). Crypto: How the Code Rebels Beat the Government – Saving Privacy in the Digital Age. Penguin.  
  19. ^  
  20. ^ a b May, Timothy C. (September 10, 1994). "The Cyphernomicon: Cypherpunks FAQ and More, Version 0.666". Retrieved February 28, 2011.  as well as Hughes's
  21. ^ John Gilmore, home page 
  22. ^ Matt Blaze (1994), Protocol failure in the escrowed encryption standard 
  23. ^ """Apple takes strong privacy stance in new report, publishes rare "warrant canary. Ars Technica. 
  24. ^ Electronic Frontier Foundation (1998), Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design, Electronic Frontier Foundation,  
  25. ^ Blaze, Diffie, Rivest, Schneier, Shimomura, Thompson & Wiener (1996). "Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security". 
  26. ^  
  27. ^ Steven Bellovin, Matt Blaze, David Farber, Peter Neumann & Eugene Spafford, Comments on the Carnivore System Technical Review 
  28. ^  
  29. ^ "The Applied Cryptography Case: Only Americans Can Type!". 
  30. ^ Schneier, Bruce (1996). Applied Cryptography (2 ed.). John Wiley & Sons.  
  31. ^ Gilmore v. Gonzales 
  32. ^ Adam Back, export-a-crypto-system sig, web page 
  33. ^ Adam Back, post to cypherpunks list, RSA in six lines of Perl 
  34. ^ Vince Cate, ITAR Civil Disobedience (International Arms Trafficker Training Page) 
  35. ^ Zurko, Marie Ellen (1998-10-07). "Crypto policy costs the US a citizen". Electronic CIPHER: Newsletter of the IEEE Computer Society's TC on Security and Privacy (29). Retrieved 2013-10-11. 
  36. ^ Dawson, Keith (1996-05-05). "Become an international arms trafficker in one click".  
  37. ^ Neal Stephenson, Cryptonomicon cypher-FAQ 
  38. ^
  39. ^ "Warm Party for a Code Group". Wired. September 13, 2002. 
  40. ^
  41. ^ "Officers - Open Source Club at Ohio State University". 
  42. ^ Orlowski, Andrew. "Alice, Bob and Eve too". The Register. 
  43. ^ | On the fringes of the public sphere
  44. ^ Franchesci-Bicchierai, Lorenzo (20 September 2014). "Egypt's New Internet Surveillance System Remains Shrouded in Mystery". Retrieved 23 September 2014. 
  45. ^ Evans, Jon (13 January 2013). "Nadia Heninger Is Watching You". Retrieved 23 September 2014. 
  46. ^ Hastings, Sean (2007). God Wants You Dead (1st ed.). Vera Verba.  
  47. ^ "IFCA". 
  48. ^ Allnutt, Luke (27 November 2012). "The Woman Behind CryptoParty". Retrieved 23 September 2014. 
  49. ^ "Jillian York". Electronic Frontier Foundation. 
This article incorporates material from the Citizendium article "Cypherpunk", which is licensed under the but not under the .


* indicates someone mentioned in the acknowledgements of Stephenson's Cryptonomicon.

Julian Assange, a well-known cypherpunk who advocates for the use of cryptography to ensure privacy on the Internet
John Gilmore is one of the founders of the Cypherpunks mailing list, the Electronic Frontier Foundation, and Cygnus Solutions. He created the alt.* hierarchy in Usenet and is a major contributor to the GNU Project.

Cypherpunks list participants included many notable computer industry figures. Most were list regulars, although not all would call themselves "cypherpunks".[39]

Noteworthy cypherpunks

Cypherpunk achievements would later also be used on the Canadian E-Wallet, the MintChip, and the creation of Bitcoin. It was an inspiration for CryptoParty decades later to such an extent that the Cypherpunk Manifesto is quoted (see below) at the header of its Wiki,[38] and Eric Hughes delivered the keynote address at the Amsterdam, The Netherlands CryptoParty on 27 August 2012.


In Neal Stephenson's novel Cryptonomicon many characters are on the "Secret Admirers" mailing list. This is fairly obviously based on the cypherpunks list, and several well-known cypherpunks are mentioned in the acknowledgements. Much of the plot revolves around cypherpunk ideas; the leading characters are building a data haven which will allow anonymous financial transactions, and the book is full of cryptography. But, according to the author[37] the book's title is — in spite of its similarity — not based on the Cyphernomicon,[20] an online cypherpunk FAQ document.

Cypherpunk fiction

Vince Cate put up a web page that invited anyone to become an international arms trafficker; every time someone clicked on the form, an export-restricted item — originally PGP, later a copy of Back's program — would be mailed from a US server to one in Anguilla. This gained overwhelming attention. There were options to add your name to a list of such traffickers and to send email to the President of the United States registering your protest.[34][35][36]

#!/bin/perl -sp0777i

In 1995 Adam Back wrote a version of the RSA algorithm for public-key cryptography in three lines of Perl[32][33] and suggested people use it as an email signature file:

Cypherpunks encouraged civil disobedience, in particular US law on the export of cryptography. Until 1996, cryptographic code was legally a munition, and until 2000 export required a permit.

Civil disobedience

John Gilmore has sued US Attorneys General Ashcroft and Gonzales, arguing that the requirement to present identification documents before boarding a plane is unconstitutional.[31] These suits have not been successful to date.

Peter Junger also sued on similar grounds, and won.

Daniel J. Bernstein, supported by the EFF, also sued over the export restrictions, arguing that preventing publication of cryptographic source code is an unconstitutional restriction on freedom of speech. He won, effectively overturning the export law. See Bernstein v. United States for details.

Phil Karn sued the State Department in 1994 over cryptography export controls[29] after they ruled that, while the book Applied Cryptography[30] could legally be exported, a floppy disk containing a verbatim copy of code printed in the book was legally a munition and required an export permit, which they refused to grant. Karn also appeared before both House and Senate committees looking at cryptography issues.

Cypherpunks have filed a number of lawsuits, mostly suits against the US government alleging that some government action is unconstitutional.


Cypherpunks provided significant input to the 1996 National Research Council report on encryption policy, Cryptography's Role In Securing the Information Society (CRISIS).[28] This report, commissioned by the U.S. Congress in 1993, was developed via extensive hearings across the nation from all interested stakeholders, by a committee of talented people. It recommended a gradual relaxation of the existing U.S. government restrictions on encryption. Like many such study reports, its conclusions were largely ignored by policy-makers. Later events such as the final rulings in the cypherpunks lawsuits forced a more complete relaxation of the unconstitutional controls on encryption software.

Other papers were critical analysis of government schemes. The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption,[26] evaluated escrowed encryption proposals. Comments on the Carnivore System Technical Review.[27] looked at an FBI scheme for monitoring email.

One such paper was Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security.[25] It suggested 75 bits was the minimum key size to allow an existing cipher to be considered secure and kept in service. At the time, the Data Encryption Standard with 56-bit keys was still a US government standard, mandatory for some applications.

Cypherpunks also participated, along with other experts, in several reports on cryptographic matters.

Expert panels

The project leader was John Gilmore, and the goal of the project was to demonstrate beyond question that DES was insecure. As many cypherpunks saw it, this was necessary because the US government had been telling deliberate lies about the security of DES for some time.

In 1998, the Electronic Frontier Foundation, with assistance from the mailing list, built a $200,000 machine that finds a Data Encryption Standard key in a few days, creating a government conspiracy; details are in Cracking DES.[24] See DES for background.


Anonymous remailers such as the Mixmaster Remailer were almost entirely a cypherpunk development. Among the other projects they have been involved in were PGP for email privacy, FreeS/WAN for opportunistic encryption of the whole net, Off-the-record messaging for privacy in Internet chat, and the Tor project for anonymous web surfing.

Software projects

John Gilmore, whose site hosted the original cypherpunks mailing list, wrote:

As the Manifesto says, "Cypherpunks write code";[16] the notion that good ideas need to be implemented, not just discussed, is very much part of the culture of the mailing list.


An important set of discussions concerns the use of cryptography in the presence of oppressive authorities. As a result, Cypherpunks have discussed and improved steganographic methods that hide the use of crypto itself, or that allow interrogators to believe that they have forcibly extracted hidden information from a subject. For instance, Rubberhose was a tool that partitioned and intermixed secret data on a drive with fake secret data, each of which accessed via a different password. Interrogators, having extracted a password, are led to believe that they have indeed unlocked the desired secrets, whereas in reality the actual data is still hidden. In other words, even its presence is hidden. Likewise, cypherpunks have also discussed under what conditions encryption may be used without being noticed by network monitoring systems installed by oppressive regimes.

Hiding the act of hiding

Steven Schear created the warrant canary to thwart the secrecy provisions of court orders and national security letters which is gaining commercial acceptance.[23]

In particular, the US government's Clipper chip scheme for escrowed encryption of telephone conversations (encryption secure against most attackers, but breakable at need by government) was seen as anathema by many on the list. This was an issue that provoked strong opposition and brought many new recruits to the cypherpunk ranks. List participant Matt Blaze found a serious flaw[22] in the scheme, helping to hasten its demise.

Questions of censorship and government or police monitoring of various things were also much discussed. Generally, cypherpunks opposed both.

Censorship and monitoring

Arguably, the possibility of anonymous speech and publication is vital for an open society, an essential requirement for genuine freedom of speech — this was the position of most cypherpunks. A frequently cited example was that the Federalist Papers were originally published under a pseudonym.

The questions of anonymity, pseudonymity and reputation were also extensively discussed.

Anonymity and pseudonyms

This was a central issue for many cypherpunks. Most were passionately opposed to various government attempts to limit cryptography — export laws, promotion of limited key length ciphers, and especially escrowed encryption.

Such guarantees require strong cryptography, so cypherpunks are fundamentally opposed to government policies attempting to control the usage or export of cryptography, which remained an issue throughout the late 1990s.

A very basic cypherpunk issue is privacy in communications and data retention. John Gilmore said:

Privacy of communications

Documents exemplifying cypherpunk ideas include Timothy C. May's The Crypto Anarchist Manifesto (1992)[19] and The Cyphernomicon (1994),[20] A Cypherpunk's Manifesto.[16]

The term cypherpunk is mildly ambiguous. In most contexts it means anyone advocating cryptography as a tool for social change, social impact and expression. However, it can also be used to mean a participant in the Cypherpunks electronic mailing list described below. The two meanings obviously overlap, but they are by no means synonymous.

Later, Levy wrote a book, Crypto: How the Code Rebels Beat the Government – Saving Privacy in the Digital Age,[18] covering the crypto wars of the 1990s in detail. "Code Rebels" in the title is almost synonymous with cypherpunks.

The three masked men on the cover of that edition of Wired were prominent cypherpunks Tim May, Eric Hughes and John Gilmore.

The first mass media discussion of cypherpunks was in a 1993 Wired article by Steven Levy titled Crypto Rebels:

Some are or were quite senior people at major hi-tech companies and others are well-known researchers (see list with affiliations below). However, the "punk" part of the name indicates an attitude:

The basic ideas are in this quote from A Cypherpunk's Manifesto (Eric Hughes, 1993):

Main principles

To some extent, the cryptography list[15] acts as a successor to cypherpunks; it has many of the people and continues some of the same discussions. However, it is a moderated list, considerably less zany and somewhat more technical. A number of current systems in use trace to the mailing list, including Pretty Good Privacy, /dev/random in the Linux kernel (the actual code has been completely reimplemented several times since then) and today's anonymous remailers. continued to run with the existing subscriber list, those that didn't unsubscribe, and was mirrored on the new distributed mailing list, but messages from the distributed list didn't appear on[14] As the list faded in popularity, so too did it fade in the number of cross-linked subscription nodes.

The original cypherpunk mailing list, and the first list spin-off, coderpunks, were originally hosted on John Gilmore's, but after a falling out with the sysop over moderation, the list was migrated to several cross-linked mail-servers in what was called the "distributed mailing list."[12][13] The coderpunks list, open by invitation only, existed for a time. Coderpunks took up more technical matters and had less discussion of public policy implications. There are several lists today that can trace their lineage directly to the original Cypherpunks list: the Cryptography list (, the Financial Cryptography list (, and a small group of closed (invitation-only) lists as well.

Those wishing to understand the context of the list might refer to the history of cryptography; in the early 1990s, the US government considered cryptography software a munition for export purposes, which hampered commercial deployment with no gain in national security, as knowledge and skill was not limited to US citizens. (PGP source code was published as a paper book to bypass these regulations and demonstrate their futility.) The US government had tried to subvert cryptography (e.g. by requiring SkipJack and key-escrow). It was also not widely known that all communications were logged by government agencies (which would later be revealed during the NSA and AT&T scandals) though this was taken as an obvious axiom by list members.

The list was discussing questions about privacy, government monitoring, corporate control of information, and related issues in the early 1990s that did not become major topics for broader discussion until ten years or so later. At least some list participants were more radical on these issues than almost anyone else.

Early discussion of online privacy

Events such as the GURPS Cyberpunk raid lent weight to the idea that private individuals needed to take steps to protect their privacy. In its heyday, the list discussed public policy issues related to cryptography, as well as more practical nuts-and-bolts mathematical, computational, technological, and cryptographic matters. The list had a range of viewpoints and there was probably no completely unanimous agreement on anything. The general attitude, though, definitely put personal privacy and personal liberty above all other considerations.

The cypherpunks mailing list had extensive discussions of the public policy issues related to cryptography and on the politics and philosophy of concepts such as anonymity, pseudonyms, reputation, and privacy. These discussions continue both on the remaining node and elsewhere as the list has become increasingly moribund.

For a time, the cypherpunks mailing list was a popular tool with mailbombers,[9] who would subscribe a victim to the mailing list in order to cause a deluge of messages to be sent to him or her. (This was usually done as a prank, in contrast to the style of terrorist referred to as a mailbomber.) This precipitated the mailing list sysop(s) to institute a reply-to-subscribe system. Approximately two hundred messages a day was typical for the mailing list, divided between personal arguments and attacks, political discussion, technical discussion, and early spam.[10][11]

[7] The CDR architecture is now defunct, though the list administrator stated in 2013 that he was exploring a way to integrate this functionality with the new mailing list software.[8]

This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.