Editing Cypherpunk (section)

== Activities ==

As the ''Manifesto'' says, "Cypherpunks write code";<ref name="cypherpunk"/> the notion that good ideas need to be implemented, not just discussed, is very much part of the culture of the [[mailing list]]. [[John Gilmore (activist)|John Gilmore]], whose site hosted the original cypherpunks mailing list, wrote: "We are literally in a race between our ability to build and deploy technology, and their ability to build and deploy laws and treaties. Neither side is likely to back down or wise up until it has definitively lost the race."<ref>{{Cite web|title=Cryptography Export Restrictions|url=https://www.freeswan.org/freeswan_trees/freeswan-1.5/doc/exportlaws.html|access-date=2020-12-06|website=www.freeswan.org|archive-date=2018-09-11|archive-url=https://web.archive.org/web/20180911112656/http://www.freeswan.org/freeswan_trees/freeswan-1.5/doc/exportlaws.html|url-status=live}}</ref>

=== Software projects ===

Anonymous remailers such as the [[Mixmaster anonymous remailer|Mixmaster Remailer]] were almost entirely a cypherpunk development.<ref>{{Cite web |last=Greenberg |first=Andy |title=FBI Seizes Activists' Anonymizing Server In Probe Of Pittsburgh's Bomb Threats |url=https://www.forbes.com/sites/andygreenberg/2012/04/19/fbi-seizes-activists-anonymizing-server-in-probe-of-pittsburghs-bomb-threats/ |access-date=2023-04-06 |website=Forbes |language=en |archive-date=2023-04-06 |archive-url=https://web.archive.org/web/20230406084853/https://www.forbes.com/sites/andygreenberg/2012/04/19/fbi-seizes-activists-anonymizing-server-in-probe-of-pittsburghs-bomb-threats/ |url-status=live }}</ref> Other cypherpunk-related projects include [[Pretty Good Privacy|PGP]] for email privacy,<ref>{{Cite web |last=Halfacree |first=Gareth |title=Cryptography whizz Phil Zimmermann looks back at 30 years of Pretty Good Privacy |url=https://www.theregister.com/2021/06/08/pgp_at_30/ |access-date=2023-04-06 |website=www.theregister.com |language=en |archive-date=2023-04-06 |archive-url=https://web.archive.org/web/20230406084853/https://www.theregister.com/2021/06/08/pgp_at_30/ |url-status=live }}</ref> [[FreeS/WAN]] for [[opportunistic encryption]] of the whole net, [[Off-the-record messaging]] for privacy in [[Internet chat]], and the [[Tor (network)|Tor]] project for anonymous web surfing.

=== Hardware ===
In 1998, the [[Electronic Frontier Foundation]], with assistance from the mailing list, built a $200,000 [[EFF DES cracker|machine]] that could brute-force a [[Data Encryption Standard]] key in a few days.<ref>{{citation
 | author = Electronic Frontier Foundation
 | title = Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design
 | publisher = Electronic Frontier Foundation
 | url = https://archive.org/details/crackingdes00elec
 | isbn = 1-56592-520-3
 | year = 1998
 | url-access = registration
 }}</ref> The project demonstrated that DES was, without question, insecure and obsolete, in sharp contrast to the US government's recommendation of the algorithm.

=== Expert panels ===

Cypherpunks also participated, along with other experts, in several reports on cryptographic matters.

One such paper was "Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security".<ref>{{cite web
|author=Matt Blaze
|title=Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security - Schneier on Security
|author2=Whitfield Diffie
|author3=Ronald L. Rivest
|author4=Bruce Schneier
|author5=Tsutomu Shimomura
|author6=Eric Thompson
|author7=MichaelWiener
|name-list-style=amp
|year=1996
|url=http://www.schneier.com/paper-keylength.html
|website=Schneier on Security
|access-date=2010-08-15
|archive-date=2015-09-07
|archive-url=https://web.archive.org/web/20150907235308/https://www.schneier.com/paper-keylength.html
|url-status=live
}}</ref> It suggested 75 bits was the ''minimum'' key size to allow an existing cipher to be considered secure and kept in service. At the time, the [[Data Encryption Standard]] with 56-bit keys was still a US government standard, mandatory for some applications.

Other papers were critical analysis of government schemes. "The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption",<ref>{{citation
| title = The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption
| author = Hal Abelson
| author-link = Hal Abelson
| author2 = Ross Anderson
| author2-link = Ross J. Anderson
| author3 = Steven M. Bellovin
| author3-link = Steven M. Bellovin
| author4 = Josh Benaloh
| author4-link = Josh Benaloh
| author5 = Matt Blaze
| author5-link = Matt Blaze
| author6 = Whitfield Diffie
| author6-link = Whitfield Diffie
| author7 = John Gilmore
| author7-link = John Gilmore (activist)
| author8 = Peter G. Neumann
| author8-link = Peter G. Neumann
| author9 = Ronald L. Rivest
| author9-link = Ron Rivest
| author10 = Jeffrey I. Schiller
| author10-link = Jeffrey I. Schiller
| author11 = Bruce Schneier
| author11-link = Bruce Schneier
| name-list-style = amp
| year = 1998
| url = http://www.schneier.com/paper-key-escrow.html
| access-date = 2010-08-15
| archive-date = 2015-09-08
| archive-url = https://web.archive.org/web/20150908001832/https://www.schneier.com/paper-key-escrow.html
| url-status = live
}}</ref> evaluated [[escrowed encryption]] proposals. ''Comments on the Carnivore System Technical Review''.<ref>{{citation |title=Comments on the Carnivore System Technical Review |author1=Steven Bellovin |author2=Matt Blaze |author3=David Farber |author4=Peter Neumann |author5=Eugene Spafford |url=http://www.crypto.com/papers/carnivore_report_comments.html |access-date=2010-08-15 |archive-url=https://web.archive.org/web/20100618062919/http://www.crypto.com/papers/carnivore_report_comments.html |archive-date=2010-06-18 }}</ref> looked at an [[FBI]] scheme for monitoring email.

Cypherpunks provided significant input to the 1996 [[United States National Research Council|National Research Council]] report on encryption policy,
''Cryptography's Role In Securing the Information Society'' (CRISIS).<ref>{{cite book|title=Cryptography's Role In Securing the Information Society |publisher=National Research Council |editor=Kenneth W. Dam |editor-link=Kenneth W. Dam |editor2=Herbert S. Lin |editor2-link=Herbert S. Lin |year=1996 |location=Washington, D.C. |url=http://cryptome.quintessenz.at/mirror/jya/nrcindex.htm |lccn=96-68943 |isbn=0-309-05475-3 |page=688 |archive-url=https://web.archive.org/web/20110928184335/http://cryptome.quintessenz.at/mirror/jya/nrcindex.htm |archive-date=September 28, 2011 }}</ref> This report, commissioned by the U.S. Congress in 1993, was developed via extensive hearings across the nation from all interested stakeholders, by a committee of talented people. It recommended a gradual relaxation of the existing U.S. government restrictions on encryption. Like many such study reports, its conclusions were largely ignored by policy-makers. Later events such as the final rulings in the cypherpunks lawsuits forced a more complete relaxation of the unconstitutional controls on encryption software.

=== Lawsuits ===

Cypherpunks have filed a number of lawsuits, mostly suits against the US government alleging that some government action is unconstitutional.

[[Phil Karn]] sued the State Department in 1994 over cryptography export controls<ref>{{cite web
| title = The Applied Cryptography Case: Only Americans Can Type!
| url = http://www.ka9q.net/export/
| access-date = 2010-08-15
| archive-date = 2020-06-16
| archive-url = https://web.archive.org/web/20200616165957/http://www.ka9q.net/export/
| url-status = live
}}</ref> after they ruled that, while the book ''Applied Cryptography''<ref name="schneier">{{cite book
 | first = Bruce
 | last = Schneier
 | title = Applied Cryptography
 | edition = 2nd
 | year = 1996
 | publisher = John Wiley & Sons
 | isbn =0-471-11709-9}}</ref> could legally be exported, a floppy disk containing a verbatim copy of code printed in the book was legally a munition and required an export permit, which they refused to grant. Karn also appeared before both House and Senate committees looking at cryptography issues.

[[Daniel J. Bernstein]], supported by the [[Electronic Frontier Foundation|EFF]], also sued over the export restrictions, arguing that preventing publication of cryptographic source code is an unconstitutional restriction on freedom of speech. He won, effectively overturning the export law. See ''[[Bernstein v. United States]]'' for details.

[[Peter Junger]] also sued on similar grounds, and won.{{Citation needed|date=October 2022}}<ref>''Junger v. Daley'', (6th Cir. 2000).</ref>

=== Civil disobedience ===

Cypherpunks encouraged civil disobedience, in particular, [[Export of cryptography in the United States|US law on the export of cryptography]].{{Citation needed|date=October 2022}} Until 1997, cryptographic code was legally a munition and fell under ITAR, and the key length restrictions in the EAR was not removed until 2000.<ref>{{Cite web |title=Revised U.S. Encryption Export Control Regulations (1/12/00) |url=https://archive.epic.org/crypto/export_controls/regs_1_00.html |access-date=2024-09-17 |website=archive.epic.org}}</ref>

In 1995 Adam Back wrote a version of the [[RSA (algorithm)|RSA]] algorithm for [[public-key cryptography]] in three lines of [[Perl]]<ref>{{citation
| title = export-a-crypto-system sig, web page
| author = Adam Back
| url = http://www.cypherspace.org/rsa/
| access-date = 2010-08-15
| archive-date = 2021-02-24
| archive-url = https://web.archive.org/web/20210224141933/http://www.cypherspace.org/rsa///
| url-status = live
}}</ref><ref>{{citation
| title = post to cypherpunks list, RSA in six lines of Perl
| author = Adam Back
| url = http://www.cypherspace.org/rsa/org-post.html
| access-date = 2010-08-15
| archive-date = 2020-02-22
| archive-url = https://web.archive.org/web/20200222074350/http://www.cypherspace.org/rsa/org-post.html
| url-status = live
}}</ref> and suggested people use it as an email signature file:
<syntaxhighlight lang="perl">
# !/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
</syntaxhighlight>

[[Vince Cate]] put up a web page that invited anyone to become an international arms trafficker; every time someone clicked on the form, an export-restricted item—originally [[Pretty Good Privacy|PGP]], later a copy of Back's program—would be mailed from a US server to one in Anguilla.<ref>{{citation
| url = http://online.offshore.com.ai/arms-trafficker/
| author = Vince Cate
| title = ITAR Civil Disobedience (International Arms Trafficker Training Page)
| access-date = 2010-08-15
| archive-date = 2021-03-18
| archive-url = https://web.archive.org/web/20210318035705/http://online.offshore.com.ai/arms-trafficker/
| url-status = live
}}</ref><ref>{{cite news|url=http://www.ieee-security.org/Cipher/PastIssues/1998/issue9810/issue9810.txt|first=Marie Ellen|last=Zurko|title=Crypto policy costs the US a citizen|journal=Electronic CIPHER: Newsletter of the IEEE Computer Society's TC on Security and Privacy|issue=29|date=1998-10-07|access-date=2013-10-11|archive-date=2017-01-12|archive-url=https://web.archive.org/web/20170112203700/https://www.ieee-security.org/Cipher/PastIssues/1998/issue9810/issue9810.txt|url-status=live}}</ref><ref>{{cite news|url=http://tbtf.com/archive/1996-05-05.html#i-a-traf|archive-url=https://web.archive.org/web/19970116044849/http://www.tbtf.com/archive/05-05-96.html#i-a-traf |first=Keith|last=Dawson|title=Become an international arms trafficker in one click|work=[[Tasty Bits from the Technology Front]]|date=1996-05-05|access-date=2013-10-11|archive-date=1997-01-16}}</ref>

=== Cypherpunk fiction ===
In [[Neal Stephenson]]'s novel ''[[Cryptonomicon]]'' many characters are on the "Secret Admirers" mailing list. This is fairly obviously based on the cypherpunks list, and several well-known cypherpunks are mentioned in the acknowledgements. Much of the plot revolves around cypherpunk ideas; the leading characters are building a data haven which will allow anonymous financial transactions, and the book is full of cryptography. But, according to the author<ref>{{citation|author=Neal Stephenson |title=Cryptonomicon cypher-FAQ |url=http://web.mac.com/nealstephenson/Neal_Stephensons_Site/cypherFAQ.html |archive-url=https://web.archive.org/web/20100528150638/http://web.mac.com/nealstephenson/Neal_Stephensons_Site/cypherFAQ.html |archive-date=May 28, 2010 }}</ref> the book's title is—in spite of its similarity—not based on the Cyphernomicon,<ref name=cnomicon /> an online cypherpunk FAQ document.

=== Legacy ===
Cypherpunk achievements would later also be used on the Canadian e-wallet, the [[MintChip]], and the creation of [[bitcoin]]. It was an inspiration for [[CryptoParty]] decades later to such an extent that ''[[A Cypherpunk's Manifesto]]'' is quoted at the header of its Wiki,<ref>{{Cite web|url=https://cryptoparty.org/wiki/CryptoParty|archive-url=https://web.archive.org/web/20120912144522/https://cryptoparty.org/wiki/CryptoParty|title=cryptoparty.org - cryptoparty Resources and Information.|archive-date=12 September 2012|website=Cryptoparty.org|access-date=5 September 2020}}</ref> and Eric Hughes delivered the keynote address at the Amsterdam CryptoParty on 27 August 2012.