Modern cryptography is built on unproven mathematical assumptions: specific computational problems (factoring, CDH, DDH, LWE) are believed to be intractable for polynomial-time algorithms. A cryptographic scheme's security is proven by reduction — showing that any efficient attacker breaks the scheme only if they can also solve the underlying hard problem. Assumptions are arranged in a hierarchy: DDH implies CDH implies DLP; factoring implies RSA. Weaker assumptions yield stronger results. The gap between "no one knows how to solve X" and "X is provably hard" is the foundational epistemic limitation of cryptography — no hardness assumption has been proven unconditionally (doing so would resolve P != NP).
Every modern cryptographic scheme's security proof has the form: "If assumption X holds, then this scheme is secure." Computational hardness assumptions are the unproven mathematical beliefs on which the entire field rests. The most important are the factoring assumption (factoring the product of two large primes is computationally intractable), the RSA assumption (computing e-th roots modulo n = pq is hard without the factorization), the Computational Diffie-Hellman (CDH) assumption (computing g^{ab} from g^a and g^b in a well-chosen group is hard), and the Decisional Diffie-Hellman (DDH) assumption (the triple (g^a, g^b, g^{ab}) is computationally indistinguishable from (g^a, g^b, g^c) for random a, b, c).
These assumptions are arranged in a hierarchy of strength. DDH implies CDH (if you can compute g^{ab}, you can certainly distinguish it from random), and CDH implies DLP (if you can compute discrete logarithms, you can solve CDH). A stronger assumption is one that is easier to break — DDH is stronger than CDH because there are more potential ways to break DDH (distinguish without computing). Cryptographers prefer to base schemes on the weakest possible assumption because it is the hardest to break: a scheme based on CDH remains secure even if DDH turns out to be false. The gold standard is basing everything on one-way functions (the weakest useful assumption), which exist if and only if P != NP for specific function families.
Security proofs work by reduction: the cryptographer constructs an algorithm that, given any efficient attacker against the scheme, converts it into an efficient solver for the assumed hard problem. If the hard problem is believed unsolvable in polynomial time, the scheme must be secure — any efficient attacker would contradict the assumption. The tightness of the reduction matters practically: if the reduction introduces a large loss factor (converting an advantage of epsilon against the scheme into an advantage of epsilon/2^30 against the hard problem), the scheme's concrete security is much weaker than the raw assumption suggests, requiring larger parameters to compensate.
The deepest limitation of this approach is that no hardness assumption has been proven unconditionally. Proving that factoring is hard would separate complexity classes in ways that would effectively resolve the P vs NP question. The entire edifice of computational cryptography rests on empirical confidence — decades of smart people failing to solve these problems — rather than mathematical proof. This is why the field maintains a portfolio of assumptions: if factoring falls (to quantum computers or new classical algorithms), schemes based on lattice assumptions (LWE, SIS) may survive. Diversifying assumptions is cryptography's hedge against the inherent uncertainty of unproven conjectures.