In 1981, David Chaum, a 26-year-old mathematician at the University of California, Berkeley, formulated a cryptographic method to defeat traffic analysis, and thus to create anonymity, not by snipping off the address field, but by hiding the letter in layers of encrypted envelopes and passing it through computers that he called ‘mixes’.
Chaum's idea was the inspiration for ‘onion routing’, most prominently implemented in the Tor Project.
A fourth privacy-preserving property of paper was missing, and that was cash. Banknotes, like letters without a sender's address, were anonymous. Using cash, a punter could walk into a liquor store or gun shop, say, and buy a product without leaving a trace. As credit-card payments became more and more common, offline and later online, transactions became alarmingly traceable. ‘The foundation is being laid for a dossier society’, wrote Chaum in 1985. Computers, the cryptographer feared, ‘could be used to infer individuals’ life-styles, habits, whereabouts, and associations from data collected in ordinary consumer transactions’. To avoid that, Chaum suggested a payment-transaction system based on ‘blind signatures’.
He went on to start a company to develop an actual digital currency, Digicash, and in 1994 made the world's first cryptographic payment.
So far, public-key cryptography had a conservative promise: it could preserve the cherished anonymity afforded by established, non-electronic social interaction, such as envelopes, signatures, anonymity and cash. The magic of large prime numbers did not just recreate these properties of human communication, it improved them, making them safer, more scalable and more efficient. But there was no reason to stop there.