@Article{RSA83a, author = { R[onald] L. Rivest and A[di] Shamir and L[eonard M.] Adleman }, title = { A method for obtaining digital signatures and public-key cryptosystems }, acm = { 712859 }, journal = { CACM }, OPTyear = { 1983 }, OPTmonth = { January }, date = { 1983-01 }, volume = { 26 }, number = { 1 }, pages = { 96--99 }, publisher = { ACM }, issn = { 0001-0782 }, doi = { 10.1145/357980.358017 }, acmid = { 358017 }, keywords = { authentication, cryptography, digital signatures, electronic funds transfer, electronic mail, factorization, message-passing, prime number, privacy, public-key cryptosystems, security }, abstract = { An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: (1) Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intended recipient. Only he can decipher the message, since only he knows the corresponding decryption key. (2) A message can be ``signed'' using a privately held decryption key. Anyone can verify this signature using the corresponding pubicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in ``electronic mail'' and ``electronic funds transfer'' systems. A message is encrypted by representing it as a number $M$, raising $M$ to a publicly specified power $e$, and then taking the remainder when the result is divided by the publicly specified product, $n$, of two large secret prime numbers $p$ and $q$. Decryption is similar; only a different, secret, power $d$ is used, where $e*d \equiv 1 (\textrm{mod} (p-1)*(q-1))$. The security of the system rests in part on the difficulty of factoring the published divisor, $n$. }, htmlnote = { (This is a reprint of the "RSA paper" RSA78.) }, }