Riiven Threads

RSA Cryptography

Math They Tried to Ban

5 Fields Converge

Every time you log into your bank, a number with 617 digits sits between your password and the world. Multiplying two huge primes to get that number is easy. Working backward, finding the primes from their product, would take longer than the universe has existed. That asymmetry is the whole game. It rests on five things: a 200-year-old math fact about modular arithmetic, a 1949 paper on the entropy of secrets, a 1976 conceptual move that cryptographers had argued was impossible, a 1996 court ruling that made the math legal to ship abroad, and a 1978 academic paper that got mailed before the lawyers could stop it. The padlock is a treaty.

When the fields matured

Each field had to produce a specific result before RSA Cryptography could exist as you know it. This is when they did.

Timeline figure. Red dashed line: Rivest, Shamir, Adleman publish the RSA paper in Communications of the ACM, 1978. Each dot marks when a field matured to produce what RSA Cryptography required.

If any of these had failed

What you would lose, field by field. The story of RSA Cryptography is also the story of every near-miss it depended on.

Number Theory CRITICAL

With the factoring asymmetry, factoring a 2048-bit RSA key takes roughly 10^15 CPU-years, more than 70,000 times the age of the universe; without it, that barrier disappears

Information Theory of Secrecy CRITICAL

Without entropy bounds, modern key sizes (2048-bit RSA, 256-bit AES) are educated folklore

Public-Key Cryptography CRITICAL

Without public-key cryptography, 1 billion users would need ~500 quadrillion pre-shared keys, more than the seconds since the Big Bang

Open Academic Publication CRITICAL

Without open publication, the RSA paper has zero citations and zero downstream standards; today it has more than 30,000 citations and underpins TLS, SSH, and OpenPGP

Crypto Wars & Export Policy CRITICAL

Without the legal turn, 36% of HTTPS sites in 2015 could still be downgraded to 1990s export-grade crypto and broken in hours

Pull any thread. The story unravels the same way.

Sorted by maturation year, from the oldest foundation to the newest refinement.

01

Number Theory

math matured 1801 · Carl Friedrich Gauss, Leonhard Euler, Pierre de Fermat

Multiplying two big primes is easy. Reversing the multiplication is the wall RSA leans against.

Pick two enormous primes. Multiply them. A computer does it in microseconds. Hand the product to anyone in the world and ask them to find the original primes. Even with every computer on Earth running for centuries, they cannot. That asymmetry is 200 years old, formalized by Gauss in 1801, and it is the actual lock the padlock relies on.

Go deeper · technical detail

RSA encrypts and decrypts using modular exponentiation: m^(ed) ≡ m (mod n) holds whenever ed ≡ 1 (mod φ(n)). Gauss's Disquisitiones Arithmeticae (1801) formalized modular arithmetic and congruences; Euler's 1763 totient theorem proves the identity. The security rests on a 200-year-old empirical fact: multiplying two large primes is easy, while recovering them from the product is far harder with every known classical algorithm.
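The identity above as a runnable sketch, added here for illustration and not taken from the RSA paper or this page: textbook RSA without padding, constructed toy primes, and hypothetical function names. It also checks the identity for messages that share a factor with n, which Euler's theorem alone does not cover, and shows that anyone who factors n can rebuild d.

```python
from math import gcd, isqrt

def make_keypair(p, q, e):
    """Textbook RSA key from two distinct primes; returns (n, e, d)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if p == q or gcd(e, phi) != 1:
        raise ValueError("need distinct primes and e coprime to phi(n)")
    return n, e, pow(e, -1, phi)  # d satisfies e*d ≡ 1 (mod phi(n)); Python 3.8+

def encrypt(m, e, n):
    if not 0 <= m < n:
        raise ValueError("message must be a residue mod n")
    return pow(m, e, n)

def decrypt(c, d, n):
    return pow(c, d, n)

def identity_holds_for_all(n, e, d):
    """True if m^(ed) ≡ m (mod n) for every m in [0, n), including the
    multiples of p and q, where Euler's theorem does not apply directly."""
    return all(pow(m, e * d, n) == m for m in range(n))

def factor_by_trial_division(n):
    """Naive factoring of an odd semiprime; returns (p, q, divisions_tried)."""
    for tried, cand in enumerate(range(3, isqrt(n) + 1, 2), start=1):
        if n % cand == 0:
            return cand, n // cand, tried
    raise ValueError("no odd factor found")

def recover_private_exponent(n, e):
    """Whoever factors n can rebuild d exactly as the key owner did."""
    p, q, _ = factor_by_trial_division(n)
    return pow(e, -1, (p - 1) * (q - 1))

if __name__ == "__main__":
    n, e, d = make_keypair(61, 53, 17)  # constructed toy key, far too small for real use
    c = encrypt(65, e, n)
    print("n, d, ciphertext, decrypted:", n, d, c, decrypt(c, d, n))
    print("identity holds for all m:", identity_holds_for_all(n, e, d))
    print("d recovered from factors:", recover_private_exponent(n, e) == d)
    # Two Mersenne primes (2^17 - 1 and 2^19 - 1): the key owner multiplies
    # once; this naive search needs tens of thousands of divisions, and the
    # count doubles with each extra bit in the smaller prime.
    print(factor_by_trial_division(131071 * 524287))
```

Real deployments use primes of about 1024 bits each together with a padding scheme; the toy sizes here exist only so the whole residue range can be checked.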

Without this field

Without the multiplication-vs-factoring asymmetry, no public-key system based on integer arithmetic is possible. The General Number Field Sieve, the best classical factoring algorithm, requires sub-exponential time L_n[1/3, ~1.92]; for a 2048-bit RSA modulus, that is on the order of 10^15 CPU-years.


Source: Disquisitiones Arithmeticae (1801)

02

Information Theory of Secrecy

information theory matured 1949 · Claude Shannon

Before 1949, cryptography was a craft. Shannon turned it into a science with one paper.

Shannon proved when a code is unbreakable, how much randomness a key must carry, and which kinds of cleverness in cipher design buy real security versus the appearance of it. RSA's 2048-bit modulus is dimensioned against his 1949 entropy bound, not guessed. Without that vocabulary, no one could even ask whether a ciphertext leaks information.

Go deeper · technical detail

Shannon's 1949 paper Communication Theory of Secrecy Systems gave cryptography its first mathematical foundation. It defined perfect secrecy, key entropy, and unicity distance, and proved that perfect secrecy requires the key to carry at least as much entropy as the message. Every modern cipher's key-length argument descends from this bound, including RSA's choice of 2048 bits as a practical floor against the known factoring complexity curve.

Without this field

Pre-Shannon, cryptography was empirical: a cipher was secure until someone broke it. Without his entropy framework, RSA's 2048-bit keys and AES's 256-bit keys would be arbitrary numbers, with no formal argument about how much randomness a key needs to carry.


03

Public-Key Cryptography

computer science matured 1976 · Whitfield Diffie, Martin Hellman, Ralph Merkle, Ronald Rivest, Adi Shamir, Leonard Adleman

Two strangers can agree on a secret out loud. Until 1976, every cryptographer said this was impossible.

Diffie and Hellman, in 1976, showed that two people who have never met can shout numbers at each other in public and end up sharing a secret nobody listening can compute. Rivest, Shamir, and Adleman gave it a working implementation two years later. Without the conceptual move, every pair of strangers on the internet would have to meet first to swap keys.

Go deeper · technical detail

Diffie & Hellman's 1976 paper New Directions in Cryptography proposed that two parties could establish a shared secret over a public channel without prior key exchange, a possibility many cryptographers had argued was logically impossible. RSA (1978) provided the first concrete trapdoor instantiation: a function easy to compute forward and infeasible to invert without a secret factor of n.

Without this field

With only symmetric cryptography, every pair of communicating parties needs a pre-shared key delivered out of band by trusted courier. For n parties to communicate pairwise, n(n-1)/2 keys must be exchanged in advance. Internet commerce among a billion strangers becomes a logistical impossibility.


Source: New Directions in Cryptography (1976)

04

Open Academic Publication

history matured 1978 · Ronald Rivest, Adi Shamir, Leonard Adleman, Clifford Cocks

RSA was almost classified. The paper got mailed before the agency could intervene.

Rivest, Shamir, and Adleman published their algorithm in Communications of the ACM in February 1978, after circulating it as MIT Technical Memo 82 the prior year. Once the paper was out, no agency could pull it back. The NSA had argued for prepublication review of cryptography. The authors mailed it before the lawyers arrived. Peer validation followed, then standardization, then your bank login.

Go deeper · technical detail

Open publishing norms produced peer validation, then standardization (PKCS #1, X.509, TLS), then a public-key infrastructure. Clifford Cocks at GCHQ had invented the same algorithm in 1973, but British classification kept it secret until 1997. The episode hardened academic resistance to prepublication review of cryptography and shaped decades of research culture.

Without this field

Without open publication norms, the algorithm stays a private MIT memo, much as Cocks's 1973 GCHQ parallel discovery did until its 1997 declassification. No peer validation, no standardization, no public-key cryptography as a public field. The decades of follow-on work on padding schemes, key sizes, and side-channel resistance never aggregate into the body of knowledge that secures consumer protocols.


05

Crypto Wars & Export Policy

policy matured 1996 · Daniel J. Bernstein, Cindy Cohn, Phil Karn

Until 1996, U.S. law treated strong encryption as a weapon. RSA shipped abroad was a munitions violation.

Through the 1990s, exporting software with keys longer than 40 bits was illegal. Forty bits was weak enough for a graduate student to break in an afternoon. Bernstein v. United States, decided in 1996, ruled that source code is protected speech, breaking the legal foundation of the export rules. The math had been ready since 1978. The law had to catch up before RSA at modern strength was allowed to leave the country.

Go deeper · technical detail

Until the late 1990s, U.S. law classified strong cryptography as a munition under ITAR; software using keys longer than 40 bits could not legally be exported. The Bernstein v. United States ruling (Northern District of California, 1996; affirmed Ninth Circuit, 1999) found that source code is protected speech, and successive court and administrative decisions liberalized export controls by 2000.

Without this field

1990s 'export-grade' SSL used 40-bit RC4, which could be brute-forced in roughly three hours on commodity 2015 hardware. The FREAK attack (2015) showed that latent export-crypto code paths could still be triggered to downgrade modern HTTPS connections, affecting an estimated 36% of all HTTPS sites. The padlock at modern strength required winning the legal fight, not just the math.


Watch

A visual companion to the fields above.

The Government's Fight to Make Encryption Illegal

ReasonTV

RSA looks like one elegant equation. It is actually a working agreement between five disciplines that never met. Gauss in 1801 gave the algebra. Shannon in 1949 gave the entropy bound that says how long a key has to be. Diffie and Hellman in 1976 said two strangers could share a secret out loud. The 1996 Bernstein ruling said the source code that encodes all of it is protected speech. The 1978 Communications of the ACM paper that introduced the algorithm escaped MIT before the NSA could classify it. Take any one away and your bank login does not exist. Behind the padlock in your browser, a number theorist, an information theorist, two Stanford engineers, a federal judge, and three MIT academics share a small room you cannot see.

References

  1. Disquisitiones Arithmeticae (1801)

     Carl Friedrich Gauss (1801). Formalized modular arithmetic and congruences, the algebraic language every modern public-key cryptosystem still speaks.

  2. Communication Theory of Secrecy Systems (1949)

     Claude Shannon, Bell System Technical Journal vol. 28 (1949). The paper that turned cryptography from craft into science; defined perfect secrecy and the entropy bound on keys.

  3. New Directions in Cryptography (1976)

     Diffie & Hellman, IEEE Transactions on Information Theory vol. IT-22 (1976). The paper that proposed public-key cryptography as a category and showed key exchange over an insecure channel was possible.

  4. Bernstein v. United States Department of Justice (1996)

     Northern District of California, 1996; affirmed by Ninth Circuit, 1999. Ruled that cryptographic source code is protected speech under the First Amendment, breaking the legal foundation of the export-control regime.

  5. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems (1978)

     Rivest, Shamir, Adleman, Communications of the ACM 21(2), 1978. The paper that introduced RSA after circulating as MIT/LCS Technical Memo 82 in 1977.
