From the course: CompTIA Security+ (SY0-601) Cert Prep: 3 Cryptography Design and Implementation

Rivest, Shamir, Adelman (RSA)

- [Instructor] Asymmetric cryptography solves issues of scalability by giving each user a pair of keys for use in encryption and decryption operations. The RSA algorithm was one of the earliest asymmetric cryptographic algorithms and it's still used today. The RSA algorithm gains its name from the initials of the three creators of the algorithm, considered three of the pioneers of cryptography. Ron Rivest, the creator of the RC4 cipher, Adi Shamir, and Len Adleman first published their invention of the algorithm in 1977. It's pretty impressive that an algorithm created four decades ago is still in use today. When a new user wants to use RSA cryptography to communicate with others, they create a new key pair. Now there's a lot of complex math involved in creating the keys, but the underlying principle that you really need to understand is that the user selects two very large prime numbers and those prime numbers are used to create the keys. After going through some mathematical computations, RSA uses these numbers to create a public key and a private key. As with any asymmetric algorithm, the user is then responsible for keeping the private key secure and distributing the public key to other people with whom they wish to communicate. When a user wants to send an encrypted message to another user with the RSA algorithm, the sender encrypts the message with the recipient's public key. When someone receives an RSA-encrypted message, they decrypt that message with their own private key. As long as the user keeps that private key secure, they are the only person who possess the knowledge necessary to decrypt the message. This ensures the confidentiality of RSA-encrypted communications. The major drawback to the RSA algorithm is that it is fairly slow. Therefore, it is not normally used for exchanging long messages directly between communicating systems. Instead, RSA is often used to create an initial secure communications channel over which two systems exchange a symmetric key. The systems then use that symmetric key to encrypt communications for the remainder of the session. One other drawback to the RSA algorithms widespread use is that it was protected by a patent. Ron Rivest was a faculty member of the Massachusetts Institute of Technology and MIT received a patent on the technology. This is no longer an issue, as the patent expired in the year 2000. Let's review some of the key facts that you'll need to know about RSA. RSA is an asymmetric encryption algorithm that uses variable length keys, normally between 1,024 and 4,096 bits. Although there had been some published attacks against RSA, recent implementations of this algorithm are still considered secure when used with a sufficiently long key of at least 1024 bits.

Contents