Editing Public-key cryptography (section)

=== Public discovery ===
In 1976, an asymmetric key cryptosystem was published by [[Whitfield Diffie]] and [[Martin Hellman]] who, influenced by [[Ralph Merkle]]'s work on public key distribution, disclosed a method of public key agreement. This method of key exchange, which uses [[Finite field#Applications|exponentiation in a finite field]], came to be known as [[Diffie–Hellman key exchange]].<ref name="Diffie 1976">{{cite journal |last1=Diffie |first1=Whitfield |author-link1=Whitfield Diffie |last2=Hellman |first2=Martin E. |author-link2=Martin Hellman |date=November 1976 |title=New Directions in Cryptography |url=http://ee.stanford.edu/%7Ehellman/publications/24.pdf |url-status=live |journal=[[IEEE Transactions on Information Theory]] |volume=22 |issue=6 |pages=644–654 |doi=10.1109/TIT.1976.1055638 |archive-url=https://web.archive.org/web/20141129035850/https://ee.stanford.edu/%7Ehellman/publications/24.pdf |archive-date=2014-11-29 |citeseerx=10.1.1.37.9720 }}</ref> This was the first published practical method for establishing a shared secret-key over an authenticated (but not confidential) communications channel without using a prior shared secret. Merkle's "public key-agreement technique" became known as [[Merkle's Puzzles]], and was invented in 1974 and only published in 1978. This makes asymmetric encryption a rather new field in cryptography although cryptography itself dates back more than 2,000 years.<ref>{{cite web |title=Asymmetric encryption |url=https://www.ionos.com/digitalguide/server/security/public-key-encryption/ |access-date=2022-06-09 |website=IONOS Digitalguide |language=en }}</ref>

In 1977, a generalization of Cocks's scheme was independently invented by [[Ron Rivest]], [[Adi Shamir]] and [[Leonard Adleman]], all then at [[MIT]]. The latter authors published their work in 1978 in [[Martin Gardner]]'s [[Scientific American]] column, and the algorithm came to be known as [[RSA (cryptosystem)|RSA]], from their initials.<ref name="rsa">
{{cite journal
 | last1 = Rivest | first1 = R.
 | last2 = Shamir | first2 = A.
 | last3 = Adleman | first3 = L.
 | url = http://people.csail.mit.edu/rivest/Rsapaper.pdf
 | title = A Method for Obtaining Digital Signatures and Public-Key Cryptosystems
 | journal = [[Communications of the ACM]]
 | volume = 21
 | issue = 2
 | pages = 120–126
 | date = February 1978
 | doi = 10.1145/359340.359342
 | citeseerx = 10.1.1.607.2677
 | s2cid = 2873616
 | access-date = 15 November 2019
 | archive-date = 17 December 2008
 | archive-url = https://web.archive.org/web/20081217101831/http://people.csail.mit.edu/rivest/Rsapaper.pdf
 | url-status = dead
}}</ref> RSA uses [[modular exponentiation|exponentiation modulo]] a product of two very large [[prime]]s, to encrypt and decrypt, performing both public key encryption and public key digital signatures. Its security is connected to the extreme difficulty of [[integer factorization|factoring large integers]], a problem for which there is no known efficient general technique. A description of the algorithm was published in the [[List of Martin Gardner Mathematical Games columns|Mathematical Games]] column in the August 1977 issue of [[Scientific American]].<ref>{{cite journal |url=http://www.msri.org/people/members/sara/articles/rsa.pdf |journal=SIAM News |volume=36 |issue=5 |date=June 2003 |title=Still Guarding Secrets after Years of Attacks, RSA Earns Accolades for its Founders |first=Sara |last=Robinson }}</ref>

Since the 1970s, a large number and variety of encryption, digital signature, key agreement, and other techniques have been developed, including the [[Rabin cryptosystem]], [[ElGamal encryption]], [[Digital Signature Algorithm|DSA]] and [[Elliptic-curve cryptography|ECC]].