#technology

Cryptography: Prime Numbers, Semi-Primes, and the Quantum Challenge

ericcrichardson Leave a comment

The art of encrypted communication evolved through the ages to safeguard data. From the earliest ciphers to the most sophisticated algorithms, cryptography is a key part of the digital infrastructure today. At the heart of this development is the use of primes and semi-prime numbers for encryption keys, allowing information to remain private from prying eyes. But even this powerful system is at risk because quantum computing is in the process of overturning the paradigm of security. Let’s take a very short look into this space.

A Brief History of Cryptography

The journey of cryptography began with simple substitution ciphers. One of the earliest examples is the Caesar cipher, where letters are shifted by a fixed number to obscure a message. The need for more complex encryption methods grew with the advancement of communication and warfare. By the 16th century, cryptographers developed polyalphabetic ciphers like the Vigenère cipher, which used multiple shifting patterns, making it much harder to crack.


And the 20th century saw the introduction of electro-mechanical encryption machines like the German Enigma machine during the Second World War. Its exploitation by Alan Turing and his Bletchley Park cryptographers showed the potential and finiteness of encryption. This was a new age that would demand mathematical encryption – one that could be cracked open by a capable adversary’s tools.

Prime and Semi-Prime Numbers in Encryption

Modern cryptography, in particular asymmetric encryption, rests on the mathematics of prime and semi-prime numbers. Prime numbers are numbers with one or more positive divisors of 1 and themselves. A semi-prime number consists of exactly two primes. Both these ideas have built the popular RSA encryption algorithm.

RSA Encryption: Prime and Semi-Prime Foundations

Developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman, RSA encryption relies on the difficulty of factoring large semi-prime numbers. Here’s how it works at a high level:

  1. Key Generation:
    • Two large prime numbers p  and q are selected.
    • Their product n=p×q becomes the modulus used in the encryption and decryption processes.
    • A public exponent e  and private exponent d are chosen such that they satisfy a mathematical relationship based on p and q.
  2. Encryption:
    • The public key, composed of n and e, is shared openly.
    • A message M is encrypted using the formula:
      C=Mmod n, where C is the cyphertext
  3. Decryption:
    • Using the private key (which includes d and n), the ciphertext can be decrypted with:
      M=CMod n.

RSA’s integrity rests on the fact that multiplying two large primes is computationally trivial, but factoring the semi-prime into its primes is impossibly complicated without knowing one of them in advance. The 2048-bit RSA key, for instance, has a semi-prime greater than 600 digits, and it is unusable for classic computers to brute-force its factors.

How Encryption Algorithms Leverage Mathematical Complexity

The hardness of mathematical problems is a key feature exploited in cryptography. In RSA, the prime factorization problem ensures security. Other algorithms rely on different mathematical challenges, such as:

  • Elliptic Curve Cryptography (ECC): Uses the difficulty of solving elliptic curve discrete logarithm problems.
  • Diffie-Hellman Key Exchange: Relies on the difficulty of computing discrete logarithms in modular arithmetic.
  • Advanced Encryption Standard (AES): Though AES is symmetric encryption (not using primes), it operates on complex transformations involving mathematical matrices and substitutions.

In each case, the security of the algorithm depends on the problem’s resistance to computational solutions.

The Quantum Computing Threat

While these cryptographic systems are secure against classical computers, quantum computing introduces a new paradigm. Quantum computers leverage the principles of quantum mechanics to solve certain mathematical problems exponentially faster than classical machines. Two quantum algorithms pose specific threats:

  1. Shor’s Algorithm: Can efficiently factor large semi-prime numbers, rendering RSA encryption vulnerable.
  2. Grover’s Algorithm: While not as devastating, it speeds up brute-force attacks on symmetric encryption algorithms, such as AES.

If large, fault-tolerant quantum computers are built into reality, a good deal of existing encryption will go extinct. This has inspired the advent of post-quantum cryptography, protocols capable of countering attacks by quantum computers. NIST (National Institute of Standards and Technology) has begun standardizing post-quantum cryptographic algorithms that may become the replacement for RSA and ECC as the cornerstone of secure communication.

A New Era in Cryptography

This interaction of primes and semi-primes has been an engine of contemporary encryption, which provides secure digital communication worldwide. From the brilliant wits of pre-Internet ciphers to the mathematics of RSA and ECC, encryption was always ahead of attackers – until now.


Quantum computing poses a serious threat to the discipline and demands that cryptographers restructure encryption protocols. As we begin to explore the technology of post-quantum algorithms, companies need to adapt to this new age of protection. Just as cryptography has proven itself to meet every previous problem, it will adapt again to keep our most important data safe, even under the new quantum computer.


The race is fully on building quantum computers and implementing quantum-proof encryption. Its final result might define secure communication for generations to come.

The ins and outs of using a VPN

ericcrichardson 2 Comments

One of the ways many people today are using Virtual Private Network, also known as a “VPN” is something you are hearing about often now likely.  You are likely seeing that is protects you from bad guys (aka the ever present “Hacker”) but just how does a VPN work?

The technology which would become the VPN started their life 25 years ago at Microsoft as part of Windows 95.  The problem which was being solved was the case where someone who worked for an organization who was traveling or located in a remote office who needed to securely connect to their home office.  While you could spend huge amount of money to get a dedicated direct physical connection between the two locations using the already existing worldwide Internet was a great way to go.   Effectively the team came up with the notion of creating a virtual dedicated line between two points. This became known a s PPTP- Point to Point Tunneling Protocol.  The way PPTP works is creating an encrypted connection between the remote user and the home office.

A standard Internet Connection with no VPN

What is a tunnel?

A VPN is just the next step in evolution of PPTN, the general way it works is a remote individual connects to a VPN server in a specific location. That connection is secure using encryption, they any other connections done are done from the VPN Server.  Again, the notion of the “tunnel” is like a virtual cable going from your computer to the VPN Server Selected.   The obvious use of the tunnel is security, if you and work are both connecting to a VPN server you have a virtual connection from you to work. So a Virtual Private Network is just that, you can access resources at work from the other side the world with the ease you would from inside the office.

Using a VPN as a corporate user

Benefits of a VPN

As you have encryption that means it’s much more difficult for bad guys to see your data, it’ll also prevent your ISP, or any organization for that matter with the sole exception of the VPN provider, from seeing your activity.  It also makes targeted marketing difficult as internet advertisers will have no idea who you are and where you are coming from.  Interestingly many private individuals have realized they would like some of those benefits. In the last few years, we have seen a spate of companies starting up to provide VPN services for anyone and they are pretty in expensive. 

VPN’s for everyone

A non-corporate connection to the Internet using a VPN Server- you can have a range of servers to choose from

These works just like their corporate cousins with the exception that you effectively connect to the internet from the VPN server you choose.  The “other end” of the connection is simply the internet versus a corporation. There are added benefits, a major one is regarding streaming services which restrict content depending on where you are located you can simply identify a VPN Server. 

There are some other great benefits, if you use a VPN connected to a specific country products or services could be priced much lower than where you are.  Airline tickets are a well known opportunity to connect to one country via a VPN to get better prices. I will note that as time goes on it’s more likely that merchants of all shapes and sizes will begin to identify popular VPN services and close these holes. In some countries where free speech is not guaranteed, a VPN could be a way to embrace free speech but at a risk to personal safety.

There are some less serious reasons to use a personal VPN-say you want to see the new episode of “Staged” from the BBC but you are in North America, you can select a server in the UK and the BBC would allow you to watch the episode as opposed to waiting for it to come to a streaming service in North America. 

Looking at the BBC from North America

As an example, you can see that he BBC main page is quite different when connecting from North America versus the UK, as in the second instance a VPN was used to connect to the UK.  You will notice that the websites are similar but quite different.

Looking at the BBC Website using a VPN in the UK from North America

I hope this has helped give you a quick overview on VPNs, why people use them and can help you to identify if you wish to use one or not.  They are not awfully expensive for private individuals and are becoming much more popular.  Using one all the time, just connect to your own country, is not a bad way to go as it is still a more secure way to browse the web. There will be minor lag triggered due to the encryption, but you will not notice it under normal browsing conditions.  Most personal VPN companies offer a free trial, give it a spin!

@ericcrichardson