Trine professor’s journal article explains popular encryption method

A Trine University faculty member recently authored an article on the mathematics supporting a common data encryption method published in a peer-reviewed journal.

William Barge, Ph.D., associate professor in Trine’s Department of Computer Science and Information Technology, wrote "The Mathematics Behind RSA Encryption," published in the May 2019 issue of the Information Systems Security Association (ISSA) Journal.

The ISSA is a not-for-profit, international organization of information security professionals and practitioners, dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Barge, an ISSA member, has taught information security at Trine since 2008. In 2013, he wrote a program in the Java programming language to check students’ solutions to an assignment involving the Rivest, Shamir, and Adleman (RSA) cryptosystem, an encryption algorithm commonly used to securely hide confidential information in online transactions and to encrypt user ids and passwords on most websites using Secure Hypertext Transfer Protocol (https).

“I found that Java could not accommodate the value of exponential expressions applied to large prime numbers,” he said. “I knew my PC’s browser did not throw an error when I made a web purchase.  The ‘how does this work in real life’ quest led me to start learning an area of mathematics called Number Theory. Using a few proofs and theorems, and a lot of trial and error, I was able to incorporate mathematical shortcuts into my Java code. I thought others might benefit from seeing these shortcuts.

“My target audience was a programmer looking for ideas on how to keep the value of an exponential expression from getting too large, a mathematician who is interested in Number Theory, or anyone interested in learning the mathematics behind RSA.”

Barge said without systems like RSA, people would not be able to communicate securely and confidentially over the Internet with businesses or others with whom they did not have some prior relationship. As an example of the dangers of communicating over an unencrypted system, he noted students in Trine’s Computer Science & Information Technology (CSIT) practice how to capture Internet traffic and extract the messages being sent.

“In the labs done in class, I have had students find messages, reassemble photographs and other files, and track me as I have navigated through the Internet,” he said. “The students have not only had to identify what web sites I visited, but also identify the user ids and passwords I used. It is getting harder every year to find websites that do not adequately protect user ids and passwords.”