Asymmetric cryptography solves issues of scalability by giving each user a pair of keys for use in encryption and decryption operations. The RSA algorithm was one of the earliest asymmetric cryptographic algorithms and it is still used today. After completing this video, you will understand the use of the Rivest-Shamir-Adleman (RSA) cryptographic algorithm.
- View Offline
- Asymmetric cryptography solves issues of scalability by giving each user a pair of keys for use in encryption and decryption operations. The RSA algorithm was one of the earliest asymmetric cryptographic algorithms, and it is still used today. The RSA algorthim gains its name from the initials of the three creators of the algorithm, considered three of the pioneers of cryptography. Ron Rivest, the creator of the RC4 cipher, Adi Shamir, and Leonard Adelman, first published their invention of the algorithm in 1977.
It's pretty impressive that an algorithm created four decades ago is still in use today. When a new user wants to use RSA cryptography to communicate with others, he or she creates a new key pair. There's a lot of complex math involved in creating that key pair, but the underlying principle that you need to understand is that the user selects two very large prime numbers that are used to create the encryption keys. After going through some mathematical computation, RSA uses these prime numbers to create a public and a private key.
As with any asymmetric algorithm, the user is then responsible for keeping the private key secure, and distributing the pubic key to other people with whom he or she wishes to communicate. When a user wants to send an encrypted message to another user with the RSA algorithm, the sender encrypts the message with recipient's public key. When someone receives an RSA encrypted message, the recipient decrypts that message with his or her own private key.
As long as the user keeps that private key secure, he or she is the only person who possesses the knowledge necessary to decrypt the message. This insures the confidentiality of RSA encrypted communications. The major drawback to the RSA algorithm is that it is fairly slow. Therefore, it is not normally used for exchanging long messages directly between communicating systems. Instead, RSA is often used to create an initial secure communications channel over which two systems exchange a symmetric key.
The systems can then use that symmetric key to encrypt communications for the remainder of the session. One other drawback to the RSA algorithm's widespread use is that it was protected by a patent. Ron Rivest is a faculty member at the Massachusetts Institute of Technology, and MIT received a patent on RSA technology. This is no longer an issue, however, as the patent expired in the year 2000. Let's review some of the key facts that you'll need to know about RSA.
RSA is an asymmetric encryption algorithm that uses variable length keys normally between 1,024 and 4,096 bits. Although there have been some published attacks against our essay, recent implementations of the algorithm are still considered secure when used with a sufficiently long key of 1,024 bits.
Members who take all eight courses in the series will be prepared to take and pass the CISSP exam. Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Understanding security and evaluation models
- Cloud computing and virtualization
- Securing hardware
- Client and server vulnerabilities
- Web security vulnerabilities
- Securing mobile and smart devices
- Understanding encryption
- Key management and public key infrastructure
- Physical security