1 2 3 4 5 6 7 8

be difficult for anyone else to learn quickly enough to understand what you were saying.

The better known implementation of public-key cryptography, the RSA algorithm formulated in 1977 by Massachusetts Institute of Technology researchers Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman, is a bit different. The idea is simple and elegant: a mathematical system generates a complementary pair of keys. One of the keys is public. This key you distribute as widely as you like, getting as many third parties such as trusted friends or organizations as you can to "sign" it to verify that it's yours. In another imperfect analogy, think of the wax seals once used to verify the security and authenticity of written letters; a person's seal had value because it was recognized as his.

The other key you keep secret. Messages encrypted with either one of those keys can only be decrypted with the other, so that anything you encrypt with your private key is authenticated as coming from you, and anything encrypted with your public key can only be read by you. Now if the sender, who we'll perversely call Nancy, encrypts her message with both her private key and the public key of the recipient (William), the message is both authenticated as coming from her and readable only by William. Nancy gets William's public key from him by email, from a mutual friend, or even from a public key server. William can do the same to check the authenticity of Nancy's key.

Because this scheme makes it possible to add security and privacy to the kind of spontaneous and promiscuous use of communications that the Internet is good at, it's considered to be one of the fundamental pieces of technology needed to enable all kinds of uses of the Net: shipping confidential patient data between general practitioners and hospitals, business documents between lawyers, bank statements, checking account balances, credit card numbers, and so on. Importantly, it also handles both of the most important functions of cryptography: authentication (the message can only have come from Nancy) and confidentiality (the message can only be read by William). Authentication is important: you want your stockbroker to be sure that order to buy or sell really comes from you and not some hoaxer; you want your business associates' electronic documents to be legally binding; and if political systems start to use electronic voting systems, you want them to be as fraud-proof as possible.

Diffie and Hellman published their proposed public-key cryptography in a paper called "New Directions in Cryptography" in November 1976; Rivest, Shamir, and Adleman followed with their version in February 1978.[4] Zimmermann, reading of these new discoveries, was inspired: he dreamed of writing an implementation for microcomputers that anyone could use. The fact that the computers available then were too weak to handle the demands of such a program was only one of several problems standing in his way. The mathematical basis of the RSA algorithm requires a lot of arithmetic with very large (three-hundred digit) numbers. Even a computer can't handle this without shortcuts. It wasn't until 1986 that Zimmermann learned enough about how these shortcuts work to write them into a program in the C programming language.[5]

Even then, nothing happened right away. Zimmermann was busy working as a software engineer specializing in cryptography. Because RSA was patented, any program he wrote couldn't be sold, so it made more sense to concentrate on making a living.

Then, in 1991 the U.S. government introduced Senate Bill 266, an anti-terrorism measure that contained a clause to prohibit communications and file security via systems without a backdoor that would "permit the government to obtain the plain text contents of voice, data, and other communications."[6] Such a rule would effectively outlaw encryption. The clause was later removed (making a brief