The GCHQ Trio — Ellis, Cocks, and Williamson
They invented RSA and Diffie-Hellman first. No one knew for 27 years.
The GCHQ Trio — Ellis, Cocks, and Williamson
James Ellis was a GCHQ mathematician who in 1969 produced a classified paper demonstrating theoretically that two parties could communicate securely without sharing a secret key in advance. He called it 'non-secret encryption.' Three years later, a 22-year-old mathematician named Clifford Cocks — recently arrived at GCHQ — read Ellis's paper and produced, in the space of thirty minutes, a practical implementation using the difficulty of factoring large numbers: what the public world would later call RSA. Malcolm Williamson independently derived the equivalent of Diffie-Hellman key exchange shortly thereafter. All three papers were classified. When Diffie, Hellman, Rivest, Shamir, and Adleman published their versions in 1976–1977, they received the public credit history accords to priority of publication.
Why This Person Matters
The GCHQ trio's story is the premier case study in how government secrecy can suppress foundational scientific advances. Public-key cryptography is the cryptographic underpinning of every secure transaction on the modern internet — HTTPS, TLS, SSH, encrypted messaging, digital signatures, and cryptocurrency all depend on it. Had Ellis and Cocks's work been publishable in 1973, open academic research and development would have had four additional years to mature the field. Instead, the academic community worked in ignorance of the prior art, and the GCHQ results remained classified until 1997 — by which point the RSA patent had already been granted and the entire modern cryptographic architecture had been independently built around what were thought to be new academic results.
Ellis's 1969 paper, "The Possibility of Secure Non-Secret Digital Encryption," argued from first principles that two parties could establish a secure channel if one party could create a mathematical transformation that was easy to apply (encryption) but hard to reverse (decryption) without a secret, and if the encryption key could be safely made public. He framed this as a mathematical possibility but could not construct a specific implementation. His paper circulated internally at GCHQ but could not be published or shared externally.
Clifford Cocks read Ellis's paper shortly after joining GCHQ from Cambridge in 1973. Using his mathematical background in number theory, he recognized that the factoring problem — given N = p × q where p and q are large primes, finding p and q is computationally hard — provided exactly the one-way function Ellis had described. He wrote his implementation in thirty minutes. The system he described is, in every mathematical detail, what the public world would call RSA in 1977. Cocks did not tell his supervisor immediately because he assumed someone had obviously already thought of it. They had not.
GCHQ declassified the Ellis and Cocks papers in 1997, after RSA Security had already licensed RSA as a patented system and built a company around it. Cocks received a Commander of the Order of the British Empire (CMG) in 2008. Ellis had died in 1997, just months after the declassification — close enough to know that the world had finally learned his contribution. The academic cryptography community's response was universal acknowledgment: the published RSA paper would have acknowledged Ellis and Cocks had their work been known.
| James Ellis | 1924–1997 — proposed non-secret encryption concept, 1969 |
| Clifford Cocks | b. 1950 — implemented RSA equivalent, 1973 (age 22, first week on job) |
| Malcolm Williamson | b. 1950 — implemented Diffie-Hellman equivalent, 1974 |
| Organization | GCHQ (Government Communications Headquarters), Cheltenham |
| Classification | Top secret until 1997 |
| Public credit | Diffie & Hellman (1976), Rivest, Shamir & Adleman (1977) |
| Recognition | Clifford Cocks: CMG 2008; IBy 2009 |