What's next for encryption if the RSA algorithm is broken?

A recent, yet to be proven paper claiming to have found a way to "destroy the RSA cryptosystem" has cryptographers asking what might replace it.

Encrypted blocks of multicolored data cubes rolling out.
Matejmo / Getty Images

What if a big crack appeared overnight in the internet's security layer? What if the fracture reached deep into the mathematical foundations of the cryptographic algorithms? That appeared to happen in early March when a paper dropped with a tantalizing conclusion in the abstract: “This destroys the RSA cryptosystem.”

If the claim proves correct, a good part of the data that’s encrypted at rest or in motion might not be safe. The first problem was that no one knew if the author was right. The second, even larger problem was no one was sure what the world should do if the claims were true.

At this writing, mathematicians are still deliberating the first question, but others are addressing the second question and starting to sketch out plans for what to do if a catastrophic weakness appears out of nowhere. They’re pushing for a stronger foundation built out of multiple algorithms implemented with protocols that make switching simpler.

Some cryptographers are looking for RSA replacements because the algorithm is just one encryption algorithm that may be vulnerable to new machines that exploit quantum effects in electronics. The world must be more agile, they argue, because there are many potential cracks that could appear.

Factoring large numbers

To continue reading this article register now

22 cybersecurity myths organizations need to stop believing in 2022