4 Guerilla Cryptographers


be difficult for anyone else to learn quickly enough to understand what you were saying.


The better known implementation of public-key cryptography, the RSA algorithm formulated in 1977 by Massachusetts Institute of Technology researchers Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman, is a bit different. The idea is simple and elegant: a mathematical system generates a complementary pair of keys. One of the keys is public. This key you distribute as widely as you like, getting as many third parties such as trusted friends or organizations as you can to "sign" it to verify that it's yours. In another imperfect analogy, think of the wax seals once used to verify the security and authenticity of written letters; a person's seal had value because it was recognized as his.


The other key you keep secret. Messages encrypted with either one of those keys can only be decrypted with the other, so that anything you encrypt with your private key is authenticated as coming from you, and anything encrypted with your public key can only be read by you. Now if the sender, who we'll perversely call Nancy, encrypts her message with both her private key and the public key of the recipient (William), the message is both authenticated as coming from her and readable only by William. Nancy gets William's public key from him by email, from a mutual friend, or even from a public key server. William can do the same to check the authenticity of Nancy's key.
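The exchange between Nancy and William described above, as an added toy example that is not from the book: it uses unpadded "textbook" RSA with tiny constructed primes, so it shows only how the two key pairs relate. The function names, the numbers, and the impostor key pair are assumptions made for the illustration.

```python
# Added illustration: unpadded "textbook" RSA with tiny constructed primes.
# Real deployments use 2048-bit or larger keys, randomized padding
# (OAEP for encryption, PSS for signatures) and sign a hash of the message.
from math import gcd


def make_keypair(p, q, e=17):
    """Build ((e, n), (d, n)) = (public, private) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    return (e, n), (pow(e, -1, phi), n)  # modular inverse, Python 3.8+


def apply_key(key, value):
    """Raise value to the key's exponent modulo n: the one RSA operation."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under this key's modulus")
    return pow(value, exponent, n)


def nancy_sends(message, nancy_private, william_public):
    signed = apply_key(nancy_private, message)  # only Nancy can produce this
    return apply_key(william_public, signed)    # only William can undo this


def william_receives(ciphertext, william_private, nancy_public):
    signed = apply_key(william_private, ciphertext)  # remove the confidentiality layer
    return apply_key(nancy_public, signed)           # undo Nancy's private-key step


# Constructed keys. Nancy's modulus must be smaller than William's so that
# her signed value fits under his key.
NANCY_PUB, NANCY_PRIV = make_keypair(61, 53)         # n = 3233
WILLIAM_PUB, WILLIAM_PRIV = make_keypair(89, 97)     # n = 8633
IMPOSTOR_PUB, IMPOSTOR_PRIV = make_keypair(59, 71)   # n = 4189, hypothetical third party

if __name__ == "__main__":
    msg = 2790  # constructed message, encoded as a number below Nancy's modulus
    wire = nancy_sends(msg, NANCY_PRIV, WILLIAM_PUB)
    print("recovered:", william_receives(wire, WILLIAM_PRIV, NANCY_PUB))
    forged = nancy_sends(msg, IMPOSTOR_PRIV, WILLIAM_PUB)  # signed with the wrong private key
    try:
        print("forgery unwraps to:", william_receives(forged, WILLIAM_PRIV, NANCY_PUB))
    except ValueError as err:
        print("forgery rejected:", err)
```

Without a hash or padding, William can only tell a forgery apart because it unwraps to something other than the expected message; that missing redundancy is what hash-then-sign schemes supply.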


Because this scheme makes it possible to add security and privacy to the kind of spontaneous and promiscuous use of communications that the Internet is good at, it's considered to be one of the fundamental pieces of technology needed to enable all kinds of uses of the Net: shipping confidential patient data between general practitioners and hospitals, business documents between lawyers, bank statements, checking account balances, credit card numbers, and so on. Importantly, it also handles both of the most important functions of cryptography: authentication (the message can only have come from Nancy) and confidentiality (the message can only be read by William). Authentication is important: you want your stockbroker to be sure that an order to buy or sell really comes from you and not some hoaxer; you want your business associates' electronic documents to be legally binding; and if political systems start to use electronic voting systems, you want them to be as fraud-proof as possible.


Diffie and Hellman published their proposed public-key cryptography in a paper called "New Directions in Cryptography" in November 1976; Rivest, Shamir, and Adleman followed with their version in February 1978.[4] Zimmermann, reading of these new discoveries, was inspired: he dreamed of writing an implementation for microcomputers that anyone could use. The fact that the computers available then were too weak to handle the demands of such a program was only one of several problems standing in his way. The mathematical basis of the RSA algorithm requires a lot of arithmetic with very large (three-hundred digit) numbers. Even a computer can't handle this without shortcuts. It wasn't until 1986 that Zimmermann learned enough about how these shortcuts work to write them into a program in the C programming language.[5]


Even then, nothing happened right away. Zimmermann was busy working as a software engineer specializing in cryptography. Because RSA was patented, any program he wrote couldn't be sold, so it made more sense to concentrate on making a living.


Then, in 1991 the U.S. government introduced Senate Bill 266, an anti-terrorism measure that contained a clause to prohibit communications and file security via systems without a backdoor that would "permit the government to obtain the plain text contents of voice, data, and other communications."[6] Such a rule would effectively outlaw encryption. The clause was later removed (making a brief


    

Copyright © 1997-99 NYU Press. All rights reserved.
Reproduction in whole or in part in any form or medium without written permission of New York University Press is prohibited.

