Cypherpunk

A cypherpunk is someone advocating widespread use of strong cryptography as a route to social and political change, as in this quote from the Cypherpunk Manifesto:

Many cypherpunks are technically quite sophisticated; they do understand ciphers and are capable of writing software. However, the "punk" part of the name indicates an attitude:

Cypherpunks are fundamentally opposed to government policies attempting to control the usage or export of cryptography. See politics of cryptography for discussion. The same Manifesto has:

Some cypherpunks make an analogy with gun laws. Widespread use of strong cryptography is desirable for exactly the same reason that an armed citizenry is; it limits the power of a repressive government.

Many cypherpunks were quite active in the intense political and legal controversies around cryptography of the 90s, and most have remained active into the 21st century. Steven Levy's Crypto: How the Code rebels Beat the Government &mdash; Saving Privacy in the Digital Age covers the "crypto wars" of the 90s in detail. "Code Rebels" in the title is almost synonymous with "cypherpunks".

The term "cypherpunk" is mildly ambiguous. In most contexts in means anyone advocating social change via cryptography. However, it can also be used to mean a participant in the cypherpunk mailing list described below. The two meanings obviously overlap, but they are by no means synonymous.

Documents exemplifying cypherpunk ideas include the Crypto Anarchist Manifesto, Cypherpunk Manifesto , and the Declaration of the Independence of Cyberspace.

Cypherpunk projects
Cypherpunks are by no means just a bunch of people chatting about ideas. "Cypherpunks write code" ; the notion that good ideas need to be implemented, not just discussed, is very much part of the culture.

John Gilmore, whose site hosted the original cypherpunks mailing list, wrote:

Cypherpunks have built and deployed quite a bit of code. Anonymous remailers such as the Mixmaster Remailer were almost entirely a cypherpunk development. Among the other projects they have been involved in were PGP for email privacy, FreeS/WAN for opportunistic encryption of the whole net, Off-the-record messaging for privacy in Internet chat, and EFF's  TOR project for anonymous web surfing.

Cypherpunk issues
The mailing list had extensive discussions of the public policy issues related to cryptography and on the politics and philosophy of concepts such as anonymity, pseudonyms, reputation, and privacy.

In at least two senses, people on the list were ahead of more-or-less everyone else. For one thing, the list was discussing questions about privacy, government monitoring, corporate control of information, and related issues in the mid-90s that did not become major topics for broader discussion until ten years or so later. For another, at least some list participants were more radical on these issues than almost anyone else.

The list had a range of viewpoints and there was probably no completely unanimous agreement on anything. The general attitude, though, definitely put personal privacy and personal liberty above all other considerations.

Of course these discussions are continuing elsewhere since the list shut down.

Privacy
A whole set of issues around privacy and the scope of self-revelation were perennial topics on the list.

Consider a young person who gets "carded" when he or she enters a bar and produces a driver's license as proof of age. The license includes things like full name and home address; these are completely irrelevant to the question of legal drinking. However, they could be useful to a lecherous member of bar staff who wants to stalk a hot young customer, or to a thief who cleans out the apartment when an accomplice in the bar tells him you look well off and are not at home. Is a government that passes a drinking age law morally obligated to create a privacy-protecting form of ID to go with it, one that only shows you can legally drink without revealing anything else about you? In the absence of that, is it ethical to acquire a bogus driver's license to protect your privacy? For most cypherpunks, the answer to both those questions is "yes, obviously".

What about a traffic cop who asks for your driver's license and vehicle registration? Should there be some restrictions on what he or she learns about you? Or a company that issues a frequent flier or other reward card, or requires registration to use its web site? Or cards for toll roads that potentially allow police or others to track your movements? Or phone company and Internet records? In general, how do we manage privacy in an electronic age?

Financial privacy
Questions of privacy in financial matters were another perennial topic.

Cash is almost anonymous; if I pay for dinner with a few bills, then the restaurant (short of doing an analysis of DNA traces on the bills) learns almost nothing about me and my menu choices are not in any record tied to my identity. However, if I pay with a credit card, the bank and the restaurant get more data. This might be used to my disadvantage, perhaps by a data-trolling marketer or a divorce lawyer wondering who my dinner companion was. Various government bodies may also use financial records &mdash; the tax department, efforts to seize gangsters' assets or deny funding to terrorists, the related effort to trace "money laundering" schemes, or some countries' controls on currency exchange.

Can we combine the anonymity of cash with the convenience of electronic payment? Technically, the answer is almost certainly yes (see digital cash), but what are the social implications? In particular, what happens to the tax system, or other government controls, if anonymous financial transactions become commonplace? The more radical cypherpunks would say those controls would be destroyed, and that would clearly be a good thing.

Anonymity and pseudonyms
The questions of anonymity, pseudonymity and reputation were also extensively discussed.

Arguably, the possibility of anonymous speech and publication is vital for an open society, an essential requirement for genuine freedom of speech &mdash; this was the position of most cypherpunks. A frequently cited example is that some of the leaders of the American Revolution published anonymously. On the other hand, the possibility of anonymity may facilitate various forms of criminal activity, notably conspiracy and libel.

On the net, one can use a pseudonym. This has some of the advantages and problems of anonymity, but adds its own complications. A pseudonym can be tied to a public key so that only an authorised person can use the nym. Several people might share a pseudonym, as for the mathematician Nicolas Bourbaki who published a number of papers but never actually existed. One person might have multiple nyms. A pseudonym can acquire a reputation &mdash; if clever things often appear under the pseudonym, then a new message using that name will be taken seriously. On the other hand, if many messages from a nym are idiotic, a new one may not even be read and will certainly not be accepted without caution.

Censorship and monitoring
Questions of censorship and government or police monitoring of various things were also much discussed. Generally, cypherpunks opposed both.

In particular, the US government's Clipper chip scheme for escrowed encryption of telephone conversations was seen as anathema by many on the list. This was an issue that provoked strong opposition and brought many new recruits to the cypherpunk ranks.

List participant Matt Blaze found a serious flaw in the scheme, helping to hasten its demise.

Cypherpunk history
Until about the 1970s, cryptography was mainly done in secret by military or spy agencies. However, in the 70s, there were two publications that brought it out of the closet, into public awareness. One was the US government publication of the Data Encryption Standard, a block cipher which became very widely used. The other was the publication by Whitfield Diffie and Martin Hellman of the first publicly available work on public key cryptography. From that time on, cryptography was openly discussed and people began to examine its political and social consequences. There are substantial issues there; cryptography can be used to protect personal privacy or government and corporate secrets, but it can also be used by criminals to hide their schemes or their profits. Should strong cryptography be widely used or strictly limited?

From the beginning, some of the speculations and some of the arguments were along lines we would now call cypherpunk. Sometime in the late 80s, these ideas coalesced into something like a movement, and Wired magazine writer Jude Milhon coined the term "cypherpunk", derived from cipher and cyberpunk. The Oxford English Dictionary added "cypherpunk" in 2006.

The cypherpunks mailing list
Through most of the 90s, cypherpunks communicated largely through the cypherpunks mailing list. There were also cypherpunk "physical meetings" and parties.

The list was set up in 1992 and shut down around 2001; its heyday was in the late 90s. At that time, it was a very active list; for several years traffic averaged about 200 messages a day, divided between personal arguments and attacks, political discussion, and technical discussion ranging over mathematics, cryptography, and computer science, with some spam thrown in. There were well over a thousand subscribers at the peak.

An obituary written when the list shut down summarised:

The original cypherpunks list, and the spin-off coderpunks, were hosted on John Gilmore's toad.com. Later there was a distributed cypherpunks list, hosted on several sites.

A coderpunks list, open by invitation only, existed for a time. Coderpunks took up more technical matters and had less discussion of public policy implications.

To some extent, the cryptography list is a successor to cypherpunks; it has many of the people and continues some of the same discussions. However, it is a moderated list, considerably less zany and somewhat more technical.

Well-known list participants
Cypherpunks list participants included many notable computer industry figures. Not all would call themselves "cypherpunks".


 * Steven Bellovin (Bell Labs researcher, later Columbia professor)
 * Matt Blaze (Bell Labs researcher, later professor at U of Pennsylvania)
 * Jon Callas (Technical lead on Open PGP specification and Chief Technical Officer of PGP Corporation)
 * Hugh Daniel (Former Sun Microsystems' employee, manager of the FreeS/WAN project)
 * John Gilmore (Sun Microsystems' fifth employee, one of the founders of the Electronic Frontier Foundation, project leader for FreeS/WAN) *
 * Mike Godwin (EFF lawyer)
 * Ian Goldberg (Assistant Professor, University of Waterloo, designer of the Off-the-record messaging protocol) *
 * Lucky Green (Author of first free software implementation of ring signatures)
 * Eric Hughes (Author of A Cypherpunk's Manifesto ) *
 * Tim May (Former chief scientist at Intel, author of A Crypto Anarchist Manifesto and the Cyphernomicom )
 * Jude Milhon (A founding member of the cypherpunks)
 * Sameer Parekh (former CEO of C2Net)
 * Len Sassaman (Current maintainer of the Mixmaster Remailer software)
 * Peter Shipley (A founding member of the cypherpunks)
 * Bruce Schneier (well-known security author) *
 * Philip Zimmermann (Creator of PGP)

* indicates someone mentioned in the acknowledgements of Stephenson's Cryptonomicon (see next section).

Cypherpunk fiction
In Neal Stephenson's novel Cryptonomicon many characters are on the "Secret Admirers" mailing list. This is fairly obviously based on the cypherpunks list, and several well-known cypherpunks are mentioned in the acknowledgements. Even the name seems to be based on the Cyphernomicon , an online cypherpunk FAQ document. Much of the plot revolves around cypherpunk ideas; the leading characters are building a data haven which will allow anonymous financial transactions, and the book is full of cryptography.

There was a pornographic cypherpunk movie called Cryptic Seduction, produced by someone using the pseudonym Randy French. It caused great amusement in cypherpunk circles, but did not make money. At one point the copyright for it was up for auction.

Jim Bell and "Assassination Politics"
Jim Bell took the general cypherpunk tendencies toward anarchism or libertaranism farther in an essay titled "Assassination Politics" :

He worked out the mechanisms for this in considerable detail, and speculated extensively on the political consequences. Naturally, the discussion on the list was intense.

Later, Bell was arrested and convicted for tax evasion, with accusations of attempts to intimidate IRS agents. Still later, another case was brought against him, alleging "stalking and intimidating local agents of the IRS, Treasury Department and BATF". Another list subscriber, Carl Johnson, was also convicted of sending threatening emails. Discussion of Bell's essay played a prominent part in all three trials.

Log in as "cypherpunk?"
Cypherpunk, cypherpunks or cpunks are sometimes used as a username and password on websites which require registration, for users who do not wish to reveal information about themselves. The account is left for later users. Many such accounts were publicly announced on the list.