Please understand patents
In theory mathematics is not patentable. In practice anything can be patented. Software is mathematics, so it is not patentable. There is an explicit exemption that makes software unpatentable in the EU. To get a patent on software in the EU, you call it a 'computer implemented invention'. The RSA algorithm for public key cryptography is covered by (expired) U.S. Patent 4,405,829. The disaster with patents is that an infinite number of code monkeys can come up with an infinite number implementations without ever reading any patents, but they can still all be sued for infringement - even if they all have licenses for the litigated expired invalid patents.
The thing is, we have had the basic requirements for security well publicised for decades:
Freedom 0: The freedom to run the program for any purpose.
Freedom 1: The freedom to study how the program works, and change it to make it do what you wish.
Freedom 2: The freedom to redistribute copies so you can help your neighbor.
Freedom 3: The freedom to improve the program, and release your improvements (and modified versions in general) to the public, so that the whole community benefits.
You need all of these to give people the power and incentive to find and fix bugs efficiently, and to distribute the results. Without the source code, and the rights and tools to use it, you can find a thousand exploits, but still have to pay lock-in prices to the supplier to get anything fixed. On top of that, you have to put up with whatever addition features the supplier chooses to include with security updates.