RSA is a cryptographic system named after the inventors, Rivest, Shamir, and Adleman, who conceived it in 1977. It is the technical axis around which Tetraktys revolves. In the novel, a cult of Pythagoreans appears to have broken this cryptosystem, spreading alarm within the NSA (National Security Agency)—at least among those in the Agency who believe that the cult has carried off the momentous mathematical feat.

Twenty-first century Pythagoreans are a fiction (I’m fairly sure). But RSA’s key role in securing the world’s computing infrastructure is fact. If you browse the web regularly, there’s a good chance that you rely on it every day.

Signal That the RSA Algorithm is in Use

When you visit a secured web site, and a little golden lock appears in the lower right-hand corner of your browser, the RSA algorithm is in use. It helps validate the identity of the server you’re connecting to, distinguishing your bank’s web site, for instance, from a fraudster’s. It also encrypts the connection between your PC and the bank server, protecting against interception of your communications.

RSA’s workings can seem magical, even to seasoned cryptographers. Classical encryption—the type used for centuries—requires the sender and receiver of a message to share a secret “key” beforehand—a whispered phrase, an encoder/decoder ring, a codebook, a setting for an enciphering machine. But RSA allows two people to encrypt messages for one another without sharing any secrets beforehand.

When you think about it, this arrangement may seem impossible. How can Alice send her friend Bob a message fully in the open, without relying on any pre-agreed secrets, and yet be assured that no one else can decipher it? Before cryptographic discoveries of the 1970s, this arrangement was impossible.

RSA works something like a digital postbox. Anyone can pop a letter into it, but only someone with the right key can get it out. Using RSA, your bank creates such a digital postbox on its web site. You or any other customer can pop a message into it—but only your bank can fish it out. (RSA does other magic as well, but I won’t talk about it here.)

The truly remarkable thing about RSA is its mathematical simplicity. Glossing over a number of details, its security is closely related to the problem of factoring large numbers, which is as follows. I pick two secret, prime numbers p and q. (A prime number is one that is divisible by only 1 and itself—e.g., 17—as opposed to a composite number such as 15 = 3 x5.) I show you the product N = p x q. If you can figure out p and q, you’ve factored N. This problem is easy when p and q are small. But RSA relies on prime numbers that are as many as hundreds of digits in length.

As Chief Scientist of RSA Laboratories, I often receive e-mail from people who claim to have cracked the factoring problem—and consequently broken RSA. They range from cranks to reputable scientists. Happily, the proof is in the pudding. If someone claims to be able to factor large numbers, we simply challenge the claimant with a test. Here’s one that RSA Laboratories once put out as a challenge for the research community (RSA-1024, a 1024-bit RSA modulus):

13506641086599522334960321627880596993888147560566702752448514
38515265106048595338339402871505719094417982072821644715513736
80419703964191743046496589274256239341020864383202110372958725
76235850964311056407350150818751067659462920556368552947521350
0852879416377328533906109750544334999811150056977236890927563.

If you can find the two numbers that divide this one, then like Pythagoras, you too can look forward to a cult following!