A public-key encryption technology developed by RSA Data Security, Inc. The acronym stands for Rivest, Shamir, and Adelman, the inventors of the technique. The RSA algorithm is based on the fact that there is no efficient way to factor very large numbers. Deducing an RSA key, therefore, requires an extraordinary amount of computer processing power and time.
In this definition...
What is RSA?
RSA (Rivest-Shamir-Adleman) is a data encryption and decryption technology named after its inventors. Ron Rivest, Adi Shamir, and Leonard Adleman introduced the RSA public-key cryptosystem, which is used for secure data transmission. The algorithm’s goal is to allow a user to decode information that has been encrypted, so only intended recipients can read it.
The RSA algorithm has become the de facto standard for industrial-strength encryption, especially for data sent over the Internet. It is built into many software products, including Netscape Navigator and Microsoft Internet Explorer. The technology is so powerful that the U.S. government has restricted exporting it to foreign countries.
A similar technology that is also used widely is offered by a company called Cylink.
RSA was invented in 1977. Intrigued by Whitfield Diffie, Martin Hellman, and Ralph Merkle’s 1976 research, Rivest, Shamir, and Adleman invented a cryptosystem to enable secure message encoding and decoding between communicating parties. They called these keys public (encryption) and private (decryption).
Clifford Cock had previously invented an equivalent system for the British GCHQ back in 1973. But this project remained secret until it was declassified in 1997.
The method of cryptography used by RSA is referred to as public-key cryptography, or asymmetric encryption. Asymmetric encryption is unique because it uses two keys; one key (the private key) can decrypt information encrypted with another key (the public key).
The public key, which anyone may have access to, encrypts plaintext while the recipient private key decrypts ciphertext. That’s why asymmetric encryption methods are also known as two-key systems.
How does RSA work?
During public-key cryptography, two keys are generated which are mathematically linked to each other through their relationship to large prime numbers, a building block for encryption.
The strength of RSA is rooted in its reliance on public keys and private keys. For example, if Alice wanted to share her latest ideas for world domination with Bob while making sure that no one else could access them, she would use Bob’s public key to encrypt her message. Then, she would send it along. Once Bob received Alice’s top-secret correspondence, he could use his private key to decode it.
That’s where cryptography comes into play. A cryptographic algorithm is designed to encode plaintext (the original message) using one or more other values, often called ciphertext, that have no meaning without an agreed-upon decryption method.
In most cases, successful encryption relies upon creating a unique key of some sort. In RSA, that key comes from large prime numbers.
The encryption method relies on three keys: two large prime numbers, p and q, and a related number n which is produced by multiplying them together. Each number has numerous factors or divisors. Because there are so many ways to create long chains of prime numbers, cracking RSA encryption isn’t possible without a great deal of time and resources.
RSA encryption also allows users to choose different lengths of their public/private key pairs; typically, longer keys make it harder for hackers to crack.
The public key and private key
Public key cryptography, or asymmetric cryptography, utilizes a pair of mathematically related keys: a public key is known to everyone, and a private key is kept secret. To send an encrypted message using public-key encryption, one first creates a message by randomly choosing two large prime numbers, p and q.
The individual then multiplies them to obtain another number N=pq that serves as a public key. The principal application for public-key cryptography is called digital signatures. Public keys may be disseminated widely, and private keys are known only to their owners.
RSA encryption is the process of encoding data, so only authorized users can decrypt it. The method involves two large numbers (keys) called an encryption key and a decryption key, used by those who need to encode or decode information.
These encryption systems are used in businesses, government agencies, militaries, and other organizations where classified information must be protected from unauthorized access. They’re also used commercially to protect sensitive documents from bad actors trying to steal customer information.
Encryption methods use mathematical algorithms step-by-step instructions for calculations using numbers to encrypt and decrypt data. Many of these algorithms rely on prime factorization and modular arithmetic operations to achieve their security. These keys are mathematically related such that any message encrypted with one key can only be decrypted with its paired key.
Why is RSA used?
Because of its high-security features, the RSA algorithm has been widely adopted in electronic transactions to ensure safety from data theft. The algorithm has become an integral part of various internet applications, including e-commerce, SSL (secure sockets layer), email encryption, and many more.
By using asymmetric encryption for communications between clients and servers, users can eliminate passwords as a security risk on networks. Most modern websites use SSL/TLS certificates that utilize RSA encryption. Public and private keys can also be used to digitally sign files, allowing users to verify they have come from a trusted source.
Modern operating systems automatically handle these processes without users worrying about which type of encryption is being used. However, since both public and private keys are mathematically related, data encrypted with one key can only be decrypted with its paired key. This results in an added layer of security compared to symmetric encryption methods.
How secure is RSA?
RSA is considered one of the most secure encryption methods available today. However, there are concerns about recent trends in quantum computing that could undermine many public-key cryptosystems, including RSA. Researchers at National Institute for Research in Computer Science and Automation were able to break an RSA key that is 795-bits in size, which might lead some to believe that larger keys will be vulnerable as well.
In addition, KeyFactor found that RSA is being implemented insecurely by many IoT manufacturers due to their usage of random number generators (RNGs) with low entropy. All told, 1 in 172 RSA keys are at risk of compromise due to factoring attacks. Because private-public key pairs can only be generated via random processes, they may not always be random over time.
If they become predictable, an attacker would potentially have enough information to perform a successful attack against a smaller RSA key length with minimal effort. It’s just a matter of guessing an actual plaintext with high accuracy using Shor’s algorithm or a related implementation on quantum computers.
Although RSA is currently secure, that doesn’t mean it always will be. Technology is growing fast because each generation of technology has improved over the last one. What happens if (and when) researchers discover an attack that enables them to factor a 2048-bit modulus or, worse yet, create an algorithm that breaks into a 1024-bit modulus?
Security experts agree that we are one major discovery away from RSA becoming insecure as a public-key encryption standard at any given time. Since RSA was initially developed, many newer standards have been released; however, many people still use RSA for basic encryption and decryption functions.
The future of RSA
The RSA encryption algorithm has been around for more than 40 years. Despite its age, it remains one of the strongest and most popular methods to secure data transmission.
While there have been some advances in encryption technology since then, RSA remains a solid choice for encryption as well as key exchange. However, newer technologies are challenging RSA’s dominance. Here’s what you should know about other options you have with regards to encrypting your data.
Hellman Key Exchange
It can be used to securely communicate over unsecured communication channels. Hellman’s key exchange allows two individuals to establish a shared secret even when each party has no knowledge of each other or of anyone else they might be communicating with.
ElGamal encrypts and decrypts data using asymmetric encryption methods, meaning that it uses a different public and private key to encrypt and decrypt data based on the Diffie-Hellman key exchange. This ensures that only the intended party can read messages sent over a network. Even if someone were to intercept encrypted data packets, they could not decipher their contents without access to each participant’s respective private key.
Elliptic Curve Cryptography (ECC)
In cryptography, an elliptic curve (EC) algorithm is a type of algorithm for encrypting data related to digital signatures and key agreement. It relies on pairs of public and private keys, both related to an elliptic curve over a finite field. Like most cryptosystems, it makes use of asymmetric cryptography.
Schnorr Signatures, named after Claus-Peter Schnorr, are a type of digital signature scheme that uses a mathematical function for the signing and verification of signatures. Schnorr signatures can be viewed as an alternative to Elliptic Curve Digital Signature Algorithm (ECDSA), as they offer efficiency gains over ECDSA while remaining more secure than traditional discrete logarithm-based signature schemes.
Further Reading on RSA
White papers, news coverage, and more about RSA | TechRepublic.com
RSA vendors to watch | eSecurity Planet