Published in

the grove

# RSA, PGP and digital cryptography

Cryptography probably originated with writing. If it was possible to transmit information in writing and interpretable by everyone, a way had to be devised if one wanted to “hide” a message so that it would not be understood by anyone except its recipient. War and espionage, more so than any other phenomena, have been the great commissioners of cryptography for centuries — just think back to Caesar’s cipher or Germany’s Enigma machine during the Second World War.

In the mid-’70s, there was a need for non-symmetric cryptographic systems, in which there was no single secret encryption key (something that was difficult to manage between sender and recipient). These systems are based on mathematical problems related to very large integers, easy in one direction, very difficult in the other. For example, while it is easy to multiply two prime numbers, it is hard to do so in the opposite operation, in order to go back to the two original numbers.

In 1976, two experts in the field, Whitfield Diffie and Martin Hellman, published the first non-symmetric algorithm, also known as public-key cryptography. The operation is as follows:

• Two parts, Tristan and Isolde, together identify (and “in plain text”, in the sense that there are no safety problems) two prime numbers: one larger than the other. Let’s say the number H and the number k are chosen, where H>k. This pair (H, k) is the public key.
• Each side then creates another number that will be kept secret: this is the private key. Let’s say Tristan chooses a and Isolde b.
• Tristan sends A = ka to Isolde. Isolde sends B = kb to Tristan.
• Tristan calculates Ba = kb * a, Isolde calculates Ab = ka * b. Both now have the same secret key, C = ka * b with which to encrypt their messages.

Even if any transmitted data is intercepted, the above method will make it virtually impossible for a third party to know the secret key, fundamental in the decryption of exchanged messages.

The following year, Ronald Rivest, Adi Shamir and Leonard Adleman developed another public-key algorithm, RSA, considered to this day to be one of the safest ever. [1]

This type of algorithm proved to be particularly useful in the nascent universe of the web. The procedure is mostly similar to Diffie’s and Hellman’s; if two computers, a site and a user (or other actors in the network), must communicate securely, the steps are as follows:

• Tristan uses Isolde’s public key to send what is called a session key.
• Isolde decrypts this session key with her own private key.
• Tristan and Isolde communicate through the session key.

By the mid-’90s the Internet was already growing in strength. Around that time, people started imagining that governments might use it to spy on citizens, especially through reading their emails, and this fear increased in several circles. Anti-nuclear activist Steve Zimmermann, a Physics and Mathematics graduate, assembled existing techniques and algorithms to create PGP (Pretty Good Privacy), an easy-to-use software program that allowed email encryption. As soon as the program was completed, Zimmermann would release it in open-source format. [2]

PGP uses, among other things, RSA and SHA (Secure Hash Algorithm), an algorithm capable of creating a fixed-length “fingerprint” for a message of any length.

# Towards Bitcoin

The path towards a digital currency also matured thanks to a group of cryptographers united under the cypherpunk movement (the aforementioned MagicMoney hackers). Founded by Timothy C. May (May, 1992), the work of these hacktivists further enhanced privacy as an essential right of the individual. [3] Zimmermann and Back also belonged to this group.

In 1998, computer engineer Wei Dai posted a protocol hypothesis for the creation and management of a “medium of exchange” or a currency called “b-money” in a cypherpunks mailing list. According to this protocol, [4] anyone who sent and received money would use a digital pseudonym, with every transaction encrypted. Furthermore, anyone could create new money by solving a computational problem (Dai, 1998). The ideas presented in this proposal would return a decade later, incorporated in the first Bitcoin whitepaper.

During the same period, there was another proposal for a digital currency, this time by computer scientist Nick Szabo. He called his hypothetical currency “bit gold” (Szabo, Bit gold, 2005), a term derived from his reflections on how to transform bits into something of value like gold. For Szabo, a digital currency had to be a scarce commodity (like gold); to create a unit one had to solve a mathematical problem that was computationally expensive for a computer. The resolution of this problem, a temporally-marked bit string, represented proof of the work done (the proof of work already encountered) and was sent for verification to all the nodes of the network. If validated, it was the starting point for the next problem to be solved. More importantly, this evidence (which also served as a certificate of ownership) was kept in a distributed register.

In 2004 a similar proposal was launched by another computer scientist — the aforementioned Hal Finney. In his vision, a client could create a token (a coin unit) by solving an RPOW (Reusable Proof of Work) and sending the signed string with a private key to a central server that would then store it. A token could be ceded to another user, by means of a public key to complete the transaction. The system that Finney had in mind was centralized, but — to quote him, “with an exceptional degree of physical security combined with an unprecedented level of transparency and visibility in the functioning of RPOW server (Finney, 2004).”

The next development would come in 2009. It was called Bitcoin: the first cryptocurrency to be born, and with it, blockchain technology.

[1] This algorithm and others of this type were considered subject to severe restrictions by the United States government. For example, its sale abroad was prohibited.

[2] Zimmermann was investigated and then acquitted by the US government for the reasons set out in the previous note.

[2] From1993's A Cypherpunk’s Manifesto: “Privacy is the power to selectively reveal oneself to the world.” (PetriB, 2018)

[4] There were actually two protocols hypothesized, the first of which, according to the author himself, was not feasible since it was based on an unrealistic (synchronous and non-hackable) communication channel.

References

Dai, W. (1998). bmoney. Retrieved 03 19, 2018, from weidai.com: http://www.weidai.com/bmoney.txt

Finney, H. (2004). RPOW Security. Retrieved 03 20, 2018, from Satoshi Nakamoto Institute: http://nakamotoinstitute.org/finney/rpow/security.html

Giovannini, D. (2011). Introduzione alla crittografia. Diffie-Hellman e RSA. Retrieved 03 16, 2018, from unitn.it: http://www.science.unitn.it/~sala/events2011/LEZ1_DH-RSA.pdf

May, T. C. (1992, 11 26). The Crypto Anarchist Manifesto. Retrieved 03 19, 2018, from activism.net: https://www.activism.net/cypherpunk/crypto-anarchy.html

PetriB. (2018, 01 26). The untold history of Bitcoin: Enter the Cypherpunks. Retrieved 03 18, 2018, from The Startup: https://medium.com/swlh/the-untold-history-of-bitcoin-enter-the-cypherpunks-f764dee962a1

Rosa, C. A. (2009). Sicurezza di rete. In C. A. Rosa, Sistemi di cifratura. Storia, principi, algoritmi e tecniche di crittografia. (pp. 314–319). Santarcangelo di Romagna : Maggioli Editore.

Satoshi Nakamoto Institute. (2004). RPOW — Reusable Proofs of Work. Retrieved 03 20, 2018, from Satoshi Nakamoto Institute: http://nakamotoinstitute.org/finney/rpow/

Szabo, N. (2005). Bit gold. Retrieved 03 19, 2018, from unenumerated.blogspot.i: http://unenumerated.blogspot.it/2005/12/bit-gold.html

--

--

## More from the grove

powered by Mangrovia, a software tech firm providing development services for blockchain-based solutions. Our mission is to demystify the various themes surrounding blockchain technology, educating the public at large on real-world use cases.

## Get the Medium app

Computer engineer, tech-humanist hybrid. Interested in blockchain technologies and AI.