Why Prime Numbers Are the Foundation of Modern Encryption

The Lock That Number Theory Built

Every time a browser displays a padlock icon and HTTPS in the address bar, it's relying on a mathematical problem that has defeated every computer ever built: factoring large numbers into their prime components. The RSA encryption system — named for its inventors Ron Rivest, Adi Shamir, and Leonard Adleman at MIT in 1977 — secures bank transactions, medical records, private communications, and government secrets using a discovery that Euclid would have recognized: every integer greater than 1 can be written as a unique product of prime numbers. This uniqueness, combined with the computational asymmetry between multiplication and factoring, forms the basis of an encryption system that protects an estimated $5 trillion in annual e-commerce.

Prime numbers — integers divisible only by 1 and themselves — were studied purely for their mathematical beauty for over 2,000 years before anyone found a cryptographic application. Euclid proved there are infinitely many primes around 300 BCE. Carl Friedrich Gauss studied their distribution in 1791, noticing that primes become rarer as numbers grow larger. The prime number theorem, proved independently by Jacques Hadamard and Charles de la Vallée Poussin in 1896, quantified this: the number of primes below n is approximately n / ln(n). None of these mathematicians imagined that prime scarcity at large scales would become a pillar of global security infrastructure.

The Mathematics of RSA: Step by Step

RSA generates two mathematically linked keys: a public key anyone can use to encrypt messages to you, and a private key that only you hold to decrypt them. The security rests on three facts: multiplying two large primes is easy; factoring their product back into primes is computationally hard; and the relationship between the keys is structured so that knowing the public key gives no practical path to the private key without factoring the modulus.

Key Generation

Select two large prime numbers, p and q (each typically 1,024–2,048 bits long today, meaning primes with 300–600 digits). Compute n = p × q. This is the modulus, published as part of the public key. Compute Euler's totient function: φ(n) = (p−1)(q−1). Choose a public exponent e, typically 65,537, that is coprime to φ(n). Compute the private exponent d such that e × d ≡ 1 (mod φ(n)) — meaning d is the modular multiplicative inverse of e. The public key is (n, e). The private key is (n, d).

Encryption and Decryption

To encrypt a message M (as an integer, M < n): C = Mᵉ mod n. To decrypt: M = Cᵈ mod n. This works because of Euler's theorem: Mᵉᵈ ≡ M (mod n) whenever ed ≡ 1 (mod φ(n)) and gcd(M, n) = 1. The mathematical proof is elegant; what matters practically is that without knowing p and q (and therefore φ(n)), computing d from the public key (n, e) requires factoring n — which is computationally infeasible for sufficiently large n.

Why Factoring Is Hard

Multiplying two 1,024-bit primes takes a modern computer microseconds. Factoring the resulting 2,048-bit number using the best known algorithms — the General Number Field Sieve (GNFS) — would take longer than the current age of the universe on classical hardware. The best recorded RSA factoring achievement (RSA-250, a 250-digit = 829-bit number) required approximately 2,700 CPU-core years of computation completed in 2020 by a distributed team. The gap between the 829-bit RSA-250 that took 2,700 core-years and a 2,048-bit key currently recommended for security is enormous — factoring the latter is not a linear extrapolation but an exponential barrier.

RSA Key Size (bits)	Modulus Size (decimal digits)	Security Level	Factoring Effort Estimate
512	155	Broken	Factored in hours on modern hardware
1,024	308	Inadequate	Within range of nation-state resources
2,048	617	Current standard	Computationally infeasible classically
4,096	1,233	High security	Far beyond foreseeable classical capability

Modular Arithmetic: The Mathematical Engine

RSA computations happen in modular arithmetic — arithmetic where numbers wrap around after reaching a modulus, like a clock. 17 mod 12 = 5; 25 mod 12 = 1. Exponentiation in modular arithmetic — M^e mod n — can be computed efficiently using fast modular exponentiation (repeated squaring), taking O(log e) multiplications. A 1,024-bit exponent requires about 1,024 squarings — fast, even for large numbers. But computing the discrete logarithm (finding e from M, C, and n without knowing d) or factoring n — the inverse problems — have no known efficient classical algorithms. This computational asymmetry is the entire foundation of RSA's security.

Primality Testing: Finding Suitable Primes

RSA requires finding genuine large prime numbers. Testing a 1,024-bit candidate for primality using trial division would require dividing by all primes up to its square root — approximately 2^512 divisions. Impossible. Instead, probabilistic primality tests like the Miller-Rabin test check a candidate against random witnesses. A composite number passes Miller-Rabin with probability at most 1/4 per witness; running the test with 50 random witnesses gives a false prime probability below 4^(−50) — effectively zero. The deterministic AKS primality test, published in 2002, proved that primality can be decided in polynomial time, but Miller-Rabin remains faster in practice.

The Miller-Rabin test exploits Fermat's little theorem: for a prime p and integer a not divisible by p, a^(p−1) ≡ 1 (mod p). Most composites fail this test for random a.
Prime gaps near 1,024-bit numbers are large enough that finding a prime typically requires testing several hundred candidates — each test taking milliseconds.
Cryptographic libraries use cryptographically secure random number generators to select candidates, ensuring primes are unpredictable to attackers.

Elliptic Curve Cryptography: A More Efficient Alternative

RSA isn't the only public-key system. Elliptic Curve Cryptography (ECC), developed independently by Neal Koblitz and Victor Miller in 1985, uses the mathematics of points on elliptic curves over finite fields. The security relies on the elliptic curve discrete logarithm problem — which is harder than integer factoring for the same key size. A 256-bit ECC key provides security roughly equivalent to a 3,072-bit RSA key — much smaller, faster to compute with, and requiring less bandwidth. This makes ECC preferred for mobile devices, TLS (the HTTPS protocol), and cryptocurrency systems.

System	Key Size for ~128-bit Security	Computational Cost	Underlying Hard Problem
RSA	3,072 bits	High	Integer factorization
ECC (ECDH, ECDSA)	256 bits	Low	Elliptic curve discrete logarithm
DSA	3,072-bit modulus	Medium	Discrete logarithm over integers

The Quantum Threat

Peter Shor's algorithm, published in 1994, demonstrated that a sufficiently powerful quantum computer could factor large integers in polynomial time — breaking RSA and ECC simultaneously. A quantum computer with roughly 4,000 error-corrected logical qubits could factor a 2,048-bit RSA key in hours. Current quantum computers have hundreds to thousands of physical qubits but far fewer error-corrected logical qubits; practical cryptographically-relevant quantum computers are estimated 10–20 years away by most experts.

In anticipation, the US National Institute of Standards and Technology (NIST) standardized four post-quantum cryptographic algorithms in 2024, based on mathematical problems believed hard for quantum computers: lattice problems (CRYSTALS-Kyber for key exchange, CRYSTALS-Dilithium for signatures), hash-based signatures (SPHINCS+), and algebraic code-based problems (FALCON). The migration from RSA and ECC to post-quantum algorithms is one of the largest planned overhauls of internet infrastructure in history — driven by the strange, ancient, endlessly generative mathematics of prime numbers.