In my last post, I talked about the types of symmetric encryption algorithms. Today, I’ll be covering different types of asymmetric encryption algorithms.
RSA is one of the most popular asymmetric public key algorithms because it was technically the first of its kind. The name comes from the people who created the algorithm: Rivest, Shamir, and Adleman. It’s the main standard for encryption and digital signatures and is widely used in electronic devices, operating systems, and software applications.
To encrypt, you raise the message to the power E (a number from the public or private key) and reduce the result modulo n (also part of the public key; the public key consists of two numbers), which gives you the ciphertext. To decrypt, you raise the ciphertext to the power D (a number from the public or private key, the counterpart of E) modulo n, and you get the original message back. Remember that knowing the factors of n is the trapdoor.
It’s also used in many web servers that use SSL, and its security is based on the difficulty of factoring the product of large prime numbers; those primes are what the private and public key pair is derived from. RSA is used primarily for encryption and digital signatures.
Elliptic curve cryptography (ECC) provides functionality similar to RSA, such as encryption and digital signatures. ECC uses complex mathematical structures to create secure asymmetric algorithms and keys. It was created for devices with smaller processing capabilities, such as a phone. It uses smaller keys than RSA, because larger keys need more processing power to compute.
DSA stands for Digital Signature Algorithm. It was published by NIST in the Digital Signature Standard (DSS), which is part of a US government project. The DSS was selected by NIST, in cooperation with the NSA, as the digital authentication standard of the US government. DSA is based on discrete logarithms and is used only for authentication. The algorithm is considered secure when the key size is big enough. DSA was originally proposed with a 512-bit key size and was eventually revised to support key sizes up to 1024 bits. Because of DSA’s lack of key exchange capabilities, its relative slowness, and public distrust of the process and the government involvement that created it, many people prefer RSA for digital signatures and encryption, but both are widely used.
A one-time pad is a type of encryption scheme that, when implemented correctly, is considered secure and theoretically impossible to compromise. The pad is generated from random values and uses a mathematical function called exclusive OR (XOR) to encrypt the plaintext message into ciphertext. One-time pads are secure because each pad is only ever used once, the pad is as long as the message it is encrypting, the pad values are completely random, and the pad is communicated securely. One-time pads are difficult to implement within computerized environments, as not all of these requirements can be successfully met, and they are often used as a manual backup encryption method for extremely high-security areas such as military and government environments.
Quantum cryptography is an extremely advanced technique to protect key distribution through light-based quantum computing. The technique uses the quantum effect of light waves over fiber-optic cable to transmit code within theoretically unbreakable light pulses to distribute a shared key between two users. This method is expensive because the hardware required to support it is costly. The hardware is limited to only the most advanced and secure environments, such as scientific research or military applications.
DHE, known as Diffie-Hellman, isn’t an actual encryption algorithm. It’s a key agreement protocol that enables users to exchange encryption keys over an insecure medium. It depends on discrete logarithm formulas for its security. The main issue with the basic protocol is that the key exchange doesn’t authenticate the participants. Further enhancements to the Diffie-Hellman protocol, such as the elliptic curve Diffie-Hellman exchange, allow the two parties to authenticate each other through the addition of more advanced technologies such as elliptic curve public/private key pairs, digital signatures, and public key certificates. This system is used in PKI.