1on1 secure mail is protected by RSA so how secure is it? Someone could break RSA by finding a way to calculate the private key from the public key. The security of RSA rests in the severe mathematical difficulty of doing that. As far as is known, the only feasible way to calculate the private key is to know the prime factors in the public key. To be accurate, the two prime factors in its 'modulus'. If you know what these prime numbers are, then it's possible for your software to calculate the private key. Indeed, that's what RSA does when it generates a person's private key in the first place. It picks two large prime numbers at random and multiplies those together. That gives the publickey modulus. It then picks an exponent to use with the modulus (this could be getting hard to picture, but the drift here is the main thing). Using the two prime numbers and the exponent just picked, RSA then works out the private key. It is a formidable calculation, but possible. Without the prime numbers, it is worse than formidable: it can be hopeless. But that nearly hopeless problem is what faces an attacker. The attacker only has the modulus (the prime numbers after they've been multiplied together). He doesn't know the two individual primes. So the attacker's software has no leverage on the mathematical problem of calculating the private key. It runs into a skyhigh mathematical wall. The difficulty of finding the prime numbers in a public key of any given size is known, and the time it would take any given computer to do it can be estimated. Here are estimates from Bruce Schneier's "Applied Cryptography" second edition:
