Hal Finney Home Page

Hal Finney Home Page

Bio

Born May 4, 1956. BS Engineering 1979, California Institue of Technology. Married, two children.

In 2009 I was diagnosed with ALS, a rare and serious neurological disease.



PGP

I was one of the original programmers on PGP version 2.0, working directly with Philip Zimmermann, author of the program.

Until 2010, I worked for PGP Corporation., developing crypto library components.

Crypto Related Links

An excellent crypto link farm is operated by Peter Gutmann of New Zealand.

Bruce Schneier's Counterpane Systems has a good set of pointers to online crypto papers.

When you read papers, you often find interesting references to other papers. A good way to find those papers is by looking for the authors' web pages. There are several lists of cryptographer's home pages. A good one is the list by Claude Schnorr's group, which also has links to some other lists.

SSL Challenge

In August, 1995 I submitted a challenge to the cryptographic community to try breaking a sample web browsing session run in secure mode using Netscape's Secure Socket Layer (SSL) protocol. Both long and short versions of the challenge document are available. The challenge was broken in short order. Look for more information on the SSL Challenge Break.

Old Essays

These are some essays I wrote for publication on the Cypherpunks list back in the early to mid 1990s. Caution, I don't necessarily hold the same views today!

PGP

Phil Zimmermann's public-key encryption program PGP has excited tremendous interest in cryptography.
Truly Stealthy PGP
For some applications PGP may stick out like a sore thumb. A variant known as "Stealth PGP" makes it less conspicuous, but the "stealthiness" is less than perfect. This article analyzes what would be necessary to make it truly stealthy.
PGP Math Library Docs
Documentation on how the math functions in PGP's math library work.
PGP Web of Trust
PGP's "web of trust" is the source of many misconceptions. Will this model be adequate for large-scale usage on the global nets?

Digital Cash

Chaum's Cash System
This writeup attempts to describe the mathematics behind the basic Digital Cash system from David Chaum et al. How can honest users of the system keep their anonymity while cheaters who double-spend are exposed? This essay has been widely republished on the net.
Digital Cash and Privacy
Digital cash could play an important role in protecting privacy in a world where more and more transactions will take place electronically.
Problems with Observers
Recent digital cash proposals from David Chaum and affiliated researchers include the notion of an "observer" chip which resides in the digital "wallet" and makes sure that no double-spending occurs. This essay criticizes this approach.
The Beauty of Ecash
A somewhat facetious essay about the joy of collecting electronic cash. Admire the unique beauty of each digital banknote!
Criticism of NetCash
A group with USC/ISI has produced a digital cash proposal called NetCash. I describe some fundamental problems with their system.
Blind Signature Patents
Digital cash is heavily patented. These are the results of a patent search on the blind signatures which are the foundation of digital cash algorithms.

Anonymous Remailers

I once operateed two anonymous remailers. These articles discuss some technical and social issues raised by these controversial services.

Why Remailers I
One of the first articles I wrote explaining how I became interested in cryptography in general and remailers in particular. What is the role of anonymous remailers in a society which uses cryptography to protect privacy?
Why Remailers II
A more wide-ranging discussion of the roles remailers can play.
For-Pay Remailers
What if remailers charged per message? How much should they charge, and how would it affect ease of use? Includes a discussion of four different Internet payment systems and an evaluation of their suitability for this purpose.
Remailer Abuse Prevention
How can abuse of remailers be dealt with when the abusers themselves are anonymous to the remailer operators? The "credential" notion of David Chaum applies to this situation. Plus, the existing "Magic Money" code could be easily adapted to this purpose.
Is-A-Person Credentials
Not directly related to remailers, but this is a further description of the notion of "credentials", similar to my suggestion above for remailer abuse prevention.

Politics

Unlike many early Cypherpunks, I never viewed cryptography as a gateway to a libertarian society. My goals are more modest but still worthwhile, I hope.
Politics vs Technology
Will cryptographic technology by itself be enough to bring about changes sufficient to ensure privacy? Or will political struggle continue to be necessary?
Steganography no Solution
Steganography is the art of hiding messages in innocuous data. Even in the face of harsh crackdowns it should still be possible to send messages using this technology. Does that imply that restrictions on cryptography are doomed?
Liberty and Democracy
A short note describing the fundamental reason why democracy makes sense.