“Any competent programmer who can master a little number theory and doesn’t care about US patents can implement RSA encryption, El Gamal “
Actually, this is not true. Implementing a security algorithm is extremely difficult and patents are more or less irrelevant here. They give introduction to topic (better intro can be found in textbooks) and some specific claims for some limited parts of algorithm. US government can crack any code using these patents in a nanosecond.
Whence comes your confidence that the government has either a publicly unknown factoring algorithm on classical computers, or a quantum computer with enough q-bits (and well enough shielded from thermal background that the state doesn’t decohere) to implement Schor’s algorithm?
Short of that RSA, used as a key exchange method for a strong private key method, provides quite adequate security against NSA attack. (I like sending RSA encrypted keys better than Diffie-Hellman, but that’s just me.)
I teach RSA, El Gamal and Diffie-Hellman about once every three years in a short-course on cryptology. I beg to differ, but the algorithms are all trivial
to implement. The only impediment to their use might be finding a enough
100 to 200 digit primes, but again, a competent programmer with a good knowledge of number theory should have no problem.
I haven’t heard any evidence (of any kind, at all) that the U.S. Government is able to crack PGP in a nanosecond, much less in a million years....
Regards,
Star Traveler