How David Chaum Went From Inventing Digital Cash to Pioneering Digital Privacy

It all started in a hot tub at the University of California, Berkeley at the tail end of the 1970s—that’s where David Chaum, cryptography pioneer and eCash creator, came upon the idea for his Masters thesis, he told Decrypt on a recent call from Los Angeles.

It was a vibrant period at the university. “My officemate was Eric Schmidt, and Bill Joy was down the hall,” he says; the two went on to found, respectively, Google and Sun Microsystems, which helped shape industry perceptions of open computing.

Chaum can’t say whether it was the potent company, the hot tub surrounded by redwoods, but it led him to a Eureka moment; the “sense that this cryptography stuff was extremely powerful.”

The next forty years has seen him break through all manner of barriers to demonstrate his conviction, culminating with the creation of the quantum-resistant, privacy-preserving blockchain, xx network.

Setting cryptography free

Chaum is widely recognized as the inventor of digital cash, the forerunner of cryptocurrencies such as Bitcoin.

Researchers argue that his 1981 thesis—which had its origins in that Berkeley hot tub—proposed the first blockchain. His study, published in Communications of the ACM, has been referenced more than 6,000 times.

The following year, Chaum published two equally path-breaking papers: one that proposed a protocol for making untraceable but unforgeable digital payments, the other showing a way to send untraceable email using a technique he called “digital pseudonyms.” These papers were foundational to Chaum’s later work on voting and conducting elections partly or completely online.

“I realized that what’s fundamental to being able to do [online voting] is you have to allow people to send a message that cannot be traced back to them,” he explains. “Because otherwise, the election officials will know who gets that vote.”

His study, published in Communications of the ACM, has been referenced more than 6,000 times, and Chaum followed it up with another widely-cited paper on blind signatures for untraceable electronic payments.

In 1989, with interest in his research increasing, Chaum founded a company, DigiCash, and the following year launched eCash, the first digital currency, using his breakthrough blind-signature protocol.

Four years later, he was invited to keynote at the first World Wide Web conference in Geneva. The only other keynote was by World Wide Web inventor Tim Berners-Lee, but equally impactful was the first eCash payment, which Chaum made live on stage during his address. The digital currency was adopted by Deutsche Bank, among others.

Also while Chaum was in grad school at Berkeley, the U.S. National Security Agency became suspicious. “They were trying to stop any kind of research in cryptography,” says Chaum. Organizers of meetings of civilian cryptographers were actually threatened with imprisonment by the director of the NSA, he added. To protect the young technology, Chaum held a conference and used it to launch the International Association for Cryptologic Research, (IACR) “to set cryptography free.”

The trouble with Tor

Since then, Chaum has doubled down on privacy and security. He has continued to work on technology for more secure elections, including the ability of voters to check online whether their vote had been correctly recorded, which has been used in two municipal elections in the US. He and his collaborators also created Votexx, which allows fully secure online voting

Shocked by the surveillance operations exposed by Edward Snowden, Chaum refined the mixing technologies developed at the end of the 1970s to provide untraceable message sending, using sophisticated cryptography not only to encrypt the content of message but to hide the identity of the user by eliminating the "metadata" of who sends messages to whom, how often and from where.

Chaum is horrified by the promises of “end-to-end” message content encryption offered by companies such as Meta (formerly Facebook.) It leaves user metadata intact, which means it can still be harvested and sold, he warns.

“It's criminal. It's exploitative of the public in the worst way,” says Chaum. “Because the real value in the information is the traffic data,” and “the sender's social graph and its relation to the timing of events,” he says—it could be used to predict our behavior and to further political ends (as was the case in the Cambridge Analytica scandal).

The systems Chaum has designed are credited for providing the theoretical basis for the anonymous messaging network, Tor, which was developed by the U.S. Government in the early 2000s and remains largely funded by them. But Chaum is critical of the network, and considers it ineffective against sophisticated government operators.

Quantum resistance meets privacy in xx network

Chaum argues that the key to maximising privacy and security is being able to provide users with the speed adequate for messaging and transactions at consumer scale—something that messaging on Tor can lack.

Unlike Tor, xx messenger has much smaller teams of nodes to perform what Chaum calls “a uniform mixing” of messages and achieve the full anonymity set—in essence, making entities indistinguishable from each other.

Every half-second, a sent message goes through a new set of five nodes, with the process taking around two and a half seconds in total, he explains.

Nodes in the xx network are known in advance but chosen at random. “So they pre-compute all the heavy lifting,” Chaum explains, to get all the cryptography out of it—increasing the speed and maximizing privacy. With a scattered, Tor-like architecture, just a couple of nodes colluding can trace any message; whereas tracing a message on xx messenger requires collusion of all five of the randomly chosen nodes—something that's extremely unlikely to occur.

The network also strives to be future-proof. Messages encrypted today will be readable retroactively, when powerful quantum computers arrive. “It's not like it's science fiction anymore,” says Chaum.

But xx network promises quantum-resistant privacy to ensure its resistance to brute-force attacks for the decades to come. It also features what Chaum claims is "the only strongly quantum-resistant consensus algorithm," and has demonstrated 3,500 continuous quantum-resistant payments per second.

“The xx messenger has quantum resistance and encryption and no other messenger product does,” asserts Chaum. There are other benefits too, including the ability to find people without revealing who you’re looking for—a contact’s identity doesn’t leave your device.

Crucially, says Chaum, the technology “works as good as stuff people use every day. And yet, it doesn't have all that privacy porosity.”

Saving democracy

Chaum asserts that everyone has a right to search for information anonymously, and that privacy is especially important now that democratic processes are increasingly at risk, and ever-more-powerful AI is already used to analyze user data and manipulate our behavior.

“It's the whole game,” he says. "People need a protected sphere in which to communicate with friends and family, to develop their political identity, with certainty that what’s said will not be used against them." With the world moving ever-faster online, and aggressive actions from anti-democratic regimes on the rise, Chaum’s powerful vision of cryptography is becoming increasingly important.

In response, xx network is working on technologies to improve access to the network. “Privacy in messaging and payments, and the like, is so fundamental to democracy,” says Chaum. “It’s now time to choose, as this is the key differentiator between future civilizations.”