Hal Finney Home Page
Hal Finney Home Page
Born May 4, 1956. BS Engineering 1979, California Institue
of Technology. Married, two children.
In 2009 I was diagnosed with ALS, a rare and serious
I was one of the original programmers on PGP version 2.0, working
directly with Philip Zimmermann, author of the program.
Until 2010, I worked for PGP Corporation.,
developing crypto library components.
Crypto Related Links
An excellent crypto link farm is operated by
Peter Gutmann of New Zealand.
Bruce Schneier's Counterpane Systems
has a good set of pointers to
online crypto papers.
When you read papers, you often find interesting references to other
papers. A good way to find those papers is by looking for the authors'
web pages. There are several lists of cryptographer's home pages.
A good one is the list by
Claude Schnorr's group, which also has links to some other lists.
In August, 1995
I submitted a challenge to the cryptographic community to try
breaking a sample web browsing session run in secure mode using
Netscape's Secure Socket Layer (SSL) protocol. Both long and short
versions of the challenge document are available.
The challenge was broken in short order.
Look for more information on the
SSL Challenge Break.
These are some essays I wrote for publication on the Cypherpunks
list back in the early to mid 1990s.
Caution, I don't necessarily hold the same views today!
Phil Zimmermann's public-key encryption program PGP has excited
tremendous interest in cryptography.
Truly Stealthy PGP
For some applications PGP may stick out like a sore thumb.
A variant known as "Stealth PGP" makes it less conspicuous, but
the "stealthiness" is less than perfect. This article analyzes
what would be necessary to make it truly stealthy.
PGP Math Library Docs
Documentation on how the math functions in PGP's math library work.
PGP Web of Trust
PGP's "web of trust" is the source of many misconceptions.
Will this model be adequate for large-scale usage on the global nets?
Chaum's Cash System
This writeup attempts to describe the mathematics behind
the basic Digital Cash system from David Chaum et al. How can
honest users of the system keep their anonymity while cheaters who
double-spend are exposed? This essay has been widely republished
on the net.
Digital Cash and Privacy
Digital cash could play an important role in protecting privacy
in a world where more and more transactions will take place
Problems with Observers
Recent digital cash proposals from David Chaum and affiliated
researchers include the notion of an "observer" chip which resides
in the digital "wallet" and makes sure that no double-spending
occurs. This essay criticizes this approach.
The Beauty of Ecash
A somewhat facetious essay about the joy of collecting electronic
cash. Admire the unique beauty of each digital banknote!
Criticism of NetCash
A group with USC/ISI has produced a digital cash proposal called
NetCash. I describe some fundamental problems with their system.
Blind Signature Patents
Digital cash is heavily patented. These are the
results of a patent search on the blind signatures which are the
foundation of digital cash algorithms.
I once operateed two anonymous remailers.
These articles discuss some technical
and social issues raised by these controversial services.
Why Remailers I
One of the first articles I wrote explaining how I became interested
in cryptography in general and remailers in particular.
What is the role of anonymous remailers in a society which uses
cryptography to protect privacy?
Why Remailers II
A more wide-ranging discussion of the roles remailers can play.
What if remailers charged per message? How much should they charge,
and how would it affect ease of use?
discussion of four different Internet payment systems
and an evaluation of their suitability for this purpose.
Remailer Abuse Prevention
How can abuse of remailers be dealt with when the abusers themselves
are anonymous to the remailer operators?
The "credential" notion of David Chaum applies
to this situation.
Plus, the existing "Magic Money" code could be easily adapted to
Not directly related to remailers,
but this is a further description of the
notion of "credentials", similar to my
suggestion above for remailer abuse prevention.
Unlike many early Cypherpunks, I never viewed cryptography as a gateway to
a libertarian society. My goals are more modest but still worthwhile,
Politics vs Technology
Will cryptographic technology by itself be enough to bring about
changes sufficient to ensure privacy?
Or will political struggle continue to be necessary?
Steganography no Solution
Steganography is the art of hiding messages in innocuous data.
Even in the face of harsh crackdowns it should still be possible to
send messages using this technology. Does that imply that
restrictions on cryptography are doomed?
Liberty and Democracy
A short note describing the fundamental reason why democracy