What is RSA?
RSA (Rivest-Shamir-Adleman) is an asymmetric cryptographic algorithm that uses a pair of keys - a public key for encryption and a private key for decryption. It is one of the first practical public-key cryptosystems and is widely used for secure data transmission.
Quick Facts
| Full Name | Rivest-Shamir-Adleman |
|---|---|
| Created | 1977 by Rivest, Shamir, and Adleman |
| Specification | Official Specification |
How It Works
RSA was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT. Its security relies on the practical difficulty of factoring the product of two large prime numbers. RSA can be used for both encryption and digital signatures. For encryption, the sender uses the recipient's public key; for signatures, the signer uses their private key. Common key sizes are 2048 and 4096 bits. While RSA is slower than symmetric algorithms like AES, it solves the key distribution problem by allowing secure communication without sharing secret keys.
Key Characteristics
- Asymmetric encryption (public/private key pair)
- Based on difficulty of factoring large primes
- Used for encryption and digital signatures
- Common key sizes: 2048, 3072, 4096 bits
- Slower than symmetric encryption
- Solves key distribution problem
Common Use Cases
- SSL/TLS certificate key exchange
- Digital signatures
- Email encryption (PGP/GPG)
- Secure key exchange
- Code signing
Example
Loading code...Frequently Asked Questions
Why is RSA considered secure and what makes it hard to break?
RSA's security relies on the mathematical difficulty of factoring the product of two large prime numbers. While multiplying two primes is easy, reversing this process (factoring) is computationally infeasible for sufficiently large numbers. With 2048-bit or larger keys, no known algorithm can factor them in reasonable time.
What is the difference between RSA and AES encryption?
RSA is asymmetric encryption using public/private key pairs, suitable for key exchange and digital signatures but slower. AES is symmetric encryption using the same key for encryption and decryption, much faster for bulk data. In practice, RSA is often used to securely exchange an AES key, which then encrypts the actual data.
What key size should I use for RSA in 2024?
For most applications, 2048-bit RSA keys provide adequate security through 2030. For long-term security or sensitive applications, 3072-bit or 4096-bit keys are recommended. Keys smaller than 2048 bits are considered insecure. Note that larger keys significantly increase computational overhead.
Is RSA vulnerable to quantum computing attacks?
Yes, RSA is vulnerable to quantum computers running Shor's algorithm, which can efficiently factor large numbers. While current quantum computers cannot break RSA, post-quantum cryptography algorithms like CRYSTALS-Kyber are being standardized as replacements. Organizations should plan for eventual migration to quantum-resistant algorithms.
How is RSA used in SSL/TLS and HTTPS?
In SSL/TLS, RSA is traditionally used for key exchange: the client generates a random session key, encrypts it with the server's RSA public key, and sends it. Modern TLS 1.3 prefers ECDHE for key exchange due to forward secrecy, but RSA is still used for server authentication via digital signatures in certificates.