The Math That Makes Every HTTPS Connection Secure
Whitfield Diffie, Martin Hellman, and Ralph Merkle's 1980 Stanford patent describes public-key cryptography — the breakthrough that enables two strangers to establish a shared secret over an insecure channel, making secure internet communication possible.
Original patent title: “Cryptographic apparatus and method”
What this patent covers
The actual claim
This patent describes a public-key cryptographic system where two parties can establish a shared secret without ever meeting or exchanging any secret information over the channel. Each party has two mathematically related keys: a public key they share with everyone, and a private key they never reveal. The mathematical relationship between the keys — based on the difficulty of computing discrete logarithms — means that anything encrypted with your public key can only be decrypted with your private key. More importantly, two parties can combine their public keys to arrive at the same shared secret, which neither has transmitted. This makes it possible to establish an encrypted connection without any prior shared secret.
What this patent does NOT cover
The boundaries
- RSA encryption (US4405829) — a different public-key system using prime factorization rather than discrete logarithm problems
- Symmetric encryption (AES, DES) — once a shared key is established via Diffie-Hellman, symmetric encryption is typically used for the actual data
- Digital signatures — a related but separate use of public-key cryptography not covered in this specific patent
- Elliptic curve cryptography — a more efficient variant of the same mathematical principle developed later
What made this novel
The problem Diffie and Hellman solved had been considered mathematically impossible. For thousands of years, secret communication required the two parties to share a secret key in advance — which required a secure channel to exchange the key, which required a secure channel to exchange THAT key, and so on. It was a chicken-and-egg problem. Diffie's insight was that you could use a mathematical function that is easy to compute in one direction but impossibly hard to reverse (a 'one-way function'). Specifically: computing g^x mod p is easy, but given g^x mod p, finding x is computationally infeasible for large numbers. By exploiting this asymmetry, two parties can each perform half the computation publicly and combine the results to get a shared secret that neither transmitted.
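The exchange described above, as an added Python example (not code from the patent or from this page). It assumes the 2048-bit MODP group 14 from RFC 3526 with generator 2, and the function names are illustrative. Each side validates the peer's public value before using it, then hashes the shared group element into a symmetric key.

```python
import hashlib
import secrets

# Assumed parameters: RFC 3526 group 14 (2048-bit safe prime), generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
Q = (P - 1) // 2  # prime order of the subgroup generated by G

def keypair():
    """Return (private x, public g^x mod p). Only the second value is sent."""
    x = secrets.randbelow(Q - 2) + 2  # uniform in [2, Q-1]
    return x, pow(G, x, P)  # forward direction: fast modular exponentiation

def shared_key(my_private, peer_public):
    """Derive a 32-byte key from our private value and the peer's public one."""
    # Reject 0, 1 and P-1: they force the secret to 0 or +/-1 for any private x.
    if not 2 <= peer_public <= P - 2:
        raise ValueError("peer public value out of range")
    # Reject values outside the order-Q subgroup that G generates.
    if pow(peer_public, Q, P) != 1:
        raise ValueError("peer public value not in expected subgroup")
    secret = pow(peer_public, my_private, P)  # (g^y)^x = g^(xy) mod p
    # Hash the group element to a fixed-length key; a real protocol would use
    # a KDF such as HKDF bound to the handshake transcript.
    return hashlib.sha256(secret.to_bytes(256, "big")).digest()

def exchange():
    """Run both sides; return (alice_key, bob_key, values seen on the wire)."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub), (a_pub, b_pub)

if __name__ == "__main__":
    k_a, k_b, wire = exchange()
    print("keys match:", k_a == k_b, "| key:", k_a.hex())
```

An unauthenticated exchange like this one only defeats passive eavesdroppers; TLS and messaging protocols sign or otherwise authenticate the public values to stop an active man-in-the-middle.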
Where you've seen this
Real-world examples
- Every HTTPS connection uses Diffie-Hellman (or its elliptic curve variant ECDH) to establish the symmetric session key — the padlock in your browser URL bar is this patent in action.
- Signal, WhatsApp, and iMessage use Diffie-Hellman key exchange as the foundation of their end-to-end encryption.
- The patent was licensed to RSA Security and became part of the foundational IP behind SSL/TLS — Stanford received royalties that helped fund their computer science department.
Why it matters
The bigger picture
Diffie and Hellman published their ideas in a 1976 paper ('New Directions in Cryptography') before the patent was filed, which seeded an entire field of research. The 2015 Turing Award (computer science's Nobel Prize) went to Diffie and Hellman for this work. Without public-key cryptography, e-commerce would be impossible — every credit card transaction, every banking login, every private message relies on the mathematical impossibility of reversing the discrete logarithm problem. The NSA tried to suppress the patent's publication when it was filed; the academic publication of the underlying paper had already made that futile. Public-key cryptography is now considered too fundamental to suppress.
Filed: September 6, 1977
Granted: April 29, 1980
Patent Journey
From filing to expiry
- Patent filed: 1977
- Patent granted: 1980 (3 years after filing)
- Highly cited: 708 patents cite this
- Patent expired: 1997
PatentBrief Score
Impact Score: Moderate
- Citation count: 40/40 (Highly cited)
- Claim breadth: 10/20 (Broad claims)
- Recency: 0/20 (Older than 20 years)
- Assignee scale: 0/20 (Independent or smaller assignee)
PatentBrief Impact Score — based on citation count, claim breadth, recency, and assignee scale. Not a legal assessment.
The original legal language
Original claims
15 claims as filed with the patent office.
Glossary
Key terms defined
- public key: A value you share openly — used by others to encrypt messages to you, or to verify your digital signature
- private key: A value you never share — used to decrypt messages encrypted with your public key
- key exchange: The process of establishing a shared secret between two parties without transmitting the secret over the channel
- discrete logarithm: The hard mathematical problem underlying Diffie-Hellman: given g^x mod p, find x — easy to compute forward, computationally infeasible to reverse for large numbers