57

If a solution was found to the Riemann Hypothesis, would it have any effect on the security of things such as RSA protection? Would it make cracking large numbers easier?

Freeman
  • 4,739
  • 11
  • 47
  • 75

4 Answers4

54

If by 'solution' you mean confirmation or counterexample, then no. One could just assume the result, produce an algorithm whose validity requires the Riemann hypothesis, and use it to break RSA codes. Merely knowing if the Riemann Hypothesis holds or not doesn't help you construct any factorization method (although it can tell you a theoretical bound on how well a certain algorithm can run). It is possible, however, that in the process of resolving RH, we improve our understanding of related questions/techniques and use our improved knowledge to create algorithms that do have the potential to crack RSA codes.

Most mathematicians don't want to see RH resolved just for a yes/no answer. It is more important that research into the problem produces new mathematics and deep insights -- the resolution of the problem is simply one goal to reach and a yardstick to measure our progress. The situation is similar to the development of algebraic number theory with the goal of understanding higher reciprocity laws. Along the way a whole new interesting subject opened up spawning many decades of interesting mathematics, and the original motivation no longer holds center stage.

Ragib Zaman
  • 33,450
  • 3
  • 63
  • 108
  • 3
    Dear Ragib, A side remark: while the work of Wiles has certainly been extended by many people, the main thrust has not been BSD. (I wonder what particular work you have in mind.) I think that Fontaine--Mazur, Serre's conjecture, and Sato--Tate would be better things to point to here. Regards, – Matt E Oct 04 '11 at 04:37
  • Thank you, this is very thorougher, this is what I was hoping for also! – Freeman Oct 04 '11 at 07:25
  • Haha sorry, I was going to, I was interested in what other people might have to add, but in fairness you deserve it! – Freeman Oct 04 '11 at 09:32
  • 1
    I don't think the modularity theorems "strengthened results of Gross/Zagier and Kolyvagin", any more than an oracle telling you RH is true (without providing a proof or new insights) would strengthen a factoring algorithm whose runtime is estimated based on RH. The methods of Wiles and his students have been used for BSD in the formal book-keeping sense that theorems true for modular elliptic curves became applicable to more curves as the adjective "modular" spread to cover larger and larger classes of elliptic curves over Q. – zyx Oct 04 '11 at 19:45
29

No. Practical applications can simply assume the truth of the Riemann hypothesis; proving it would increase knowledge but not itself affect security.

Charles
  • 30,888
  • 4
  • 58
  • 139
24

If RH is shown to be false, it would mean that the distribution of primes has more structure than anticipated (or a different type of structure, such as unusual correlations where independence was expected) and conceivably that could be leveraged for cryptanalysis of RSA or other number theoretic codes.

If RH is shown to be true, it is likely to be as a result of proving that some symmetries or algebraic structures connected to prime numbers, structures that are presently conjectural and not precisely understood, do exist. There are such structures that exist for function fields and have applications to cryptography (Frobenius map, Weil pairings, and etale cohomology come to mind) and it's possible that the expected but currently undiscovered constructions in the number field case would also be useful for making or breaking codes.

Of course any big leap in understanding of number theory would lead to a reconsideration of number theoretic algorithms in general, especially the ones in cryptography.

zyx
  • 34,340
  • 3
  • 43
  • 106
  • Good answer. If RH was disproved that itself would not affect security, but studying the proof and the reasons for the failure might well lead to attacks. But it's hard to say what they might be since we don't know what the proof would look like (since we don't think there is such a proof). – Charles Dec 08 '11 at 20:10
18

No, I don't believe so. The Riemann hypothesis controls (in some statistical sense) the distribution of primes, and one can prove stronger results about the running time of various number-theoretic algorithms if one knows that RH (or some its generalizations) are true.

However, in practice (e.g. if you are an intelligence agency trying to crack encrypted data) I think you can assume that all running time estimates whose truth hinges on RH are in fact true, since there is every reason to believe that RH is true. Thus these algorithms will in fact (with near certainty) behave as RH predicts that they would.

Matt E
  • 118,032
  • 11
  • 286
  • 447
  • 17
    The designers and the attackers of the algorithms freely assume any conjecture that is helpful, so RH is "built in". It's not as though any type of cryptanalysis is waiting on a resolution of RH to certify that it will work. What would change everything is if present expectations about P (not) = NP are wrong. – zyx Oct 03 '11 at 15:49