Christian Grothoff
Ashoka Fellow since 2015   |   Switzerland

Christian Grothoff

GNUnet e.V.
Christian Grothoff builds a privacy-preserving and decentralised network architecture in order to (re-)claim the Internet as a secure and empowering space for the realization of human potential…
Read more

GNUnet e.V.

2001 - 2066

Building a privacy-preserving decentralized future Internet

Other Organizations and Projects

Bern University of Applied Sciences

2017 - 2080

Swiss public university with a focus on teaching and applied research

Taler Systems SA

2014 - 2075

Privacy-preserving payment system suitable for central bank digital currencies

Anastasis SARL

2020 - 2077

Privacy-preserving distributed backups of sensitive key material
This description of Christian Grothoff's work was prepared when Christian Grothoff was elected to the Ashoka Fellowship in 2015.


Christian Grothoff builds a privacy-preserving and decentralised network architecture in order to (re-)claim the Internet as a secure and empowering space for the realization of human potential everywhere.

The New Idea

As the Internet infrastructure becomes more and more critical to all aspects of life, its design determines what citizens, companies, governments can and cannot do. Yet an increasingly hierarchical Internet architecture organized in proprietary data silos and controlled at few choke points makes it trivial to violate key rights including the rights to free speech, privacy, sanctity of the home, presumption of innocence, and more, at a massive scale and with little chance of detection. Christian's GNUnet and related projects build a new architecture that guarantees all citizens the freedom to securely access information (run the network), to study all aspects of the network's operation (access the code), to distribute information (copy), as well as to deploy new applications (modify). In short, Christian aims at creating a true self organizing peer network in which everyone will have the same power to speak and create. In contrast to existing approaches that frequently appeal to policy makers, or ask users to change their behavior, Christian’s team of teams works at the fundamental layer of the Internet. Without needing to replace the physical infrastructure of the Internet, his technology allows connectivity between peers without relying upon the hierarchical and vulnerable Internet Protocol and Domain Name System, and by replacing these key building blocks with more secure, decentralized and self-organizing alternatives. In addition to building these core components, GNUnet produces freely usable code libraries and programming tools (which are already used by major other software projects) as well as a suite of applications including social networking and financial transactions. Christian is a key influencer and chief architect in a globally active movement that works across citizen organizations, academic research, business, and government. Over the last years, the vision has evolved into a full-scale effort to revisit the Internet design, with different strands of the project at early and advanced stages of diffusion and development.

The Problem

Strategically speaking, the hierarchy, exploits and vulnerabilities of the Internet lie deep in the Ethernet and TCP/IP layers, which allow for interception, identification of source and destination of all communication, as well as details about the information transmitted. TLS, the workhorse for today's "Internet security", provides security only if all of hundreds of certificate authorities operate correctly (which they usually do not), and it comes with a large set of supported cryptographic primitives, most of which are known to be insecure. Hence, in order to allow for the secure and anonymous communication central to free speech, changing user behavior is not sufficient.

This is critically important because the Internet has quickly developed into an infrastructure that is almost as essential than roads, electricity grids, or sanitation systems - and while is has the potential so help solve many social problems, it also produces conflicts of access and control, and enables massive violations of human rights. For example, human rights activists today face the reality that authorities will track their identity and communication – the majority of activists fighting for democracy in the Arab world have been neutralized using these mechanisms. Nobody owning potentially sensitive information (including one’s own identity, communication, or financial transactions) can feel in real control of data that could be used without permission. And looking (slightly) into the future, more activities (including whole professions) previously performed by humans, with mechanisms of common sense and social control limiting abuse, are now performed by machines, are effectively moving large parts of our critical infrastructures outside of human control, or into mechanisms wide open for attack and abuse. Within the next decade, smart and connected devices will permeate every aspect of life. Crucially, many of these challenges are beyond the reach of legal intervention or oversight. Increasingly, what is possible or not possible on the Internet determines what happens in reality. (Or, in the words of Lawrence Lessig: "Code is Law“.)

This vulnerability makes the Internet architecture itself a key concern - exacerbated by the fact that activities that by nature are almost immediately global are being seen very differently by local legislations, and business cultures. To rule out the possibility, and thus the widespread occurrence, of these abuses of information and violations of rights on the „surface“ of the Internet, its core technology needs to be improved.

The Strategy

GNUnet’s strategy is to give power back to citizens, which requires implementing the possibility of anonymous and safe online interactions. To this end, Christian builds secure alternatives to the most common applications and platforms but also for financial transactions, all driven by a more fundamental rethinking of the deep layer of the Internet technology. The basic technical paradigm is to eliminate hierarchies and third parties in favor of a peer-to-peer overlay network. While Christian cannot hope to replace the physical infrastructure of the Internet, he uses it to create a deeply layered and interconnected citizen based network. This completely new and safe infrastructure goes far beyond individual systems (for example digital currencies) or applications (for example tools for anonymous web access). Christian wants to put the power over the Internet back into the hands of citizens. GNUnet is part of the GNU project, the globally leading collaborative effort to create a free operating system (GNU/Linux is one well known outcome). This choice determines a set of fundamental principles for the open development and non-commercial ownership of Christian’s systems. As part of the Free Software community, he taps into, and contributes world-leading technical expertise, as well as a broad base of early adopters and other users. Over the years, his team of teams has contributed to various important related projects with millions of users, including the US-funded Tor project. He is a sought after expert and thought partner for governments as well, frequently drawn in to detect vulnerabilities, and improve anonymous communication used by law enforcement. GNUnet started in 2001, and developed quickly in depth and scope. Today, it is approaching one million lines of code with contributions from over one hundred different developers. After the initial network technologies had been developed in about 2005, Christian realized that the dominant Internet architecture (single-purpose overlay networks) would always be limited in the anonymity and censorship-resistance they can offer, and made the key decision to run many different applications over a common cryptographic „core“ protocol. GNUnet evolved into an increasingly complex, multi-purpose framework, so another key decision was made to abandon having one master process and instead split the system into many small independent components, some which are completed and already work in hundreds of applications and appliances (TVs, CCTV, etc.). While most of its users think of GNUnet as a privacy-preserving and censorship-resistant publication platform, most developers actually focus on new applications such as secure voice communication, social networking, censorship-resistant news distribution and most recently GNU Taler. Christian felt early on that financial transactions are a priority area for the improvement of secure interactions. GNU Taler is a new socially responsible electronic payment system that is taxable, anonymous, based on free software, and could trigger a fundamental change to a whole new economics. Unlike BitCoin or cash payments, GNU Taler ensures the consumer remains anonymous while the merchant is easily identified by the government, and thus promises to solve the privacy and accessibility problems of credit cards panopticon, eliminates identity theft from online purchases, simplify and reduce the costs of payment processes, and help countries tax fairly and effectively. While „Taler Inc.“ should be financially viable, the primary goal of the entire team is to get GNU Taler deployed, and the next steps include building a commercial entity to operate the interaction with the existing banking system. In order to amplify the impact of all of his work, Christian's strategy is to engage with and influence three key communities: (1) The academic community, which provides technical inspiration as well as validation of their designs via peer-review and personal discussions, as well as funding and hosting opportunities. (2) The free software community which provides expertise in developing systems software, code reviews and ethical guidance. (3) Users, which help identify weaknesses in the usability and provide valuable ideas for future directions. The success of GNUnet, thus, is not dependent on distributing it as a software product to millions of end users. Christian’s is a multi level strategy starting at the very bottom of architecture, and changing the world through code as well as collaborative insight.

The Person

Christian started programming at age 8, and successfully developed and sold language training software while still in high school. Early in his teens, he was impressed by the insights of the Club of Rome, was active in the Green party, and deepened his interest in a broad range of social and ecological challenges. Christian discovered the Free Software movement in the mid-nineties, and immediately felt drawn towards the ethical approach underlying its licensing model: granting users the four essential freedoms. As he entered deeper into digital architectures as a programming student, he learned how the Internet just barely works, and how he was able to read e-mails from others (but did not!) or trace their activity on the university network, setting him on the path towards the idea for GNUnet, and a career as a digital social entrepreneur, financed by his much overlapping day job as a leading international researcher. Christian thinks deeply about the value questions implicit in his architectures. He discusses and collaborates freely with students as well as government agencies, with activists as well as central banks. He combines world-class technological skills with the mature intellect and determination of an entrepreneurial leader who has built a globally distributed team of teams that has already made a dent on what is possible on the Internet. Today, his code is being used in visible and invisible ways by countless activists, citizens, developers, and through changing what is technologically possible changing what changemakers across the world can and will do.

Are you a Fellow? Use the Fellow Directory!

This will help you quickly discover and know how best to connect with the other Ashoka Fellows.