Glenn Durfee is a second year Ph.D. student in Cryptography at Stanford University.

Going back to the time of the Romans and beyond, people have used permutations on the letters of their language in order to be able to communicate without other parties being able to read the message. In the past, this was accomplished by creating a permutation and giving a copy to the person to whom you wanted to be able to communicate with. This was usually not a problem, since you could agree on the key at the base camp before you left on your mission. Unfortunately, today's communication does not always allow face to face communication or other efficient ways for common people to know that no one else can hear what they are saying.

The lack of a secure channel over which to communicate an encryption algorithm so that only two parties know how to decrypt the messages led to the development of the private key encryption algorithms. The major breakthroughs in private key encryption came in the 1970's, first with Diffie-Hellman in 1976 at Stanford, and then the RSA system, which was developed at MIT in 1977. The El Gamal system, developed in 1985 by a Stanford graduate student, and Elliptic Curve Systems are two other public key encryption systems in use today. Public key encryption is used today for Smart Cards, signature schemes, SSL, and email communication.

The RSA system works through a mathematical algorithm in which Alice chooses two large prime numbers - p and q:

Alice then publishes e, and keeps d private. Those wanting to send a message to Alice encrypt the message using e, and then only Alice can decrypt the message using d.

One naïve approach is to use brute force to break the key, but since a key with 1024 bits would have 2¹⁰²⁴ values, this is highly inefficient.

Another attempt to break the key is to try to factor the key into e and d. RSA140 was recently broken, but most systems today use somewhere between RSA300 and RSA400. Thus if computers keep progressing at the speed that they are today, they add enough computing power to add another bit every 1 - 2 years. The Number Field Sieve is the best factoring method that is in use today to try to factor keys, and it is useless on keys of 1024 bits.

Glenn and his associates are currently working on figuring out how knowing part of the key can enable hackers to figure out the rest. They are also researching what the smallest key is that is safe from attacks. Some of the ways that attackers can figure out the least significant bits of the key is through checking how long it takes to return a request, as well as check on the power drain that requests with certain numbers cause. With this in view, some systems combat these methods with techniques such as making the return of a request always take a fixed amount of time. It appears that the most secure method of public key encryption do not have set parameters, and Glenn and his associates are finding that RSA may not be the most secure of the algorithms in current use.