What Are the Differences Between RSA, DSA, and ECC Encryption Algorithms? - JohnHau/mis GitHub Wiki

Public key infrastructure (PKI) is used to manage identity and security in internet communications and computer networking. The core technology enabling PKI is public key cryptography, an encryption mechanism that relies upon the use of two related keys, a public key and a private key.

This public and private key pair is together encrypting and decrypting messages. Pairing two cryptographic keys in this manner is also known as asymmetric encryption, which is different from symmetric encryption, in which a single key is used for both encryption and decryption. The advantage of asymmetric encryption is that the public key can be published for the world to see, while the private key is kept secure on the user's device, making it much more secure than symmetric encryption.

How Public Key Cryptography Relies on Encryption Public key cryptography relies on mathematical algorithms to generate the keys. The public key is comprised of a string of random numbers that can be used to encrypt a message. Only the intended recipient can decipher and read this encrypted message and it can only be deciphered and read by using the associated private key, which is secret, and known only to the recipient. Public keys are created using a complex cryptographic algorithm to pair them with their associated private key so that they cannot be exploited through a brute force attack.

The key size or bit length of public keys determines the strength of protection. For example, 2048-bit RSA keys are often employed in SSL certs, digital signatures, and other digital certificates. This key length offers sufficient cryptographic security to keep hackers from cracking the algorithm. Standards organizations like the CA/Browser Forum define baseline requirements for supported key sizes.

PKI enables the digital certificates that we encounter daily, unobtrusively and ubiquitously, when using websites, mobile apps, online documents, and connected devices. One of the most common use cases of PKI is X.509-based Transport Layer Security (TLS)/Secure Socket Layer (SSL). This is the basis of the HTTPS protocol, which enables secure web browsing. But digital certificates are also applied to a wide range of use cases including application code signing, digital signatures, and other aspects of digital identity and security.

What Are the RSA, DSA, and ECC Algorithms? There are three primary algorithms used for PKI key generation:

Rivest–Shamir–Adleman (RSA) Digital signature algorithm (DSA) Elliptic curve cryptography (ECC)

RSA vs DSA vs ECC Algorithms The RSA algorithm was developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. It relies on the fact that factorization of large prime numbers requires significant computing power, and was the first algorithm to take advantage of the public key/private key paradigm. There are varying key lengths associated with RSA, with 2048-bit RSA key lengths being the standard for most websites today.

DSA uses a different algorithm than RSA to create public key/private keys, based on modular exponentiation and the discrete logarithm problem. It provides the same levels of security as RSA for equivalent-sized keys. DSA was proposed by the National Institute of Standards and Technology (NIST) in 1991 and was adopted by the Federal Information Processing Standard (FIPS) in 1993.

ECC is based on mathematical algorithms governing the algebraic structure of elliptic curves over finite fields. It provides equivalent levels of cryptographic strength as RSA and DSA, with shorter key lengths. ECC was the most recently-developed encryption method of the three, with Elliptic Curve Digital Signature Algorithm (ECDSA) becoming accredited in 1999, and Key Agreement and Key Transport Using Elliptic Curve Cryptography following in 2001. Like DSA, ECC is FIPS-certified, and is also endorsed by the National Security Agency (NSA).

Note that it's possible to support multiple encryption algorithms at the same time. For example, Apache servers can support both RSA- and DSA-generated keys on the same server. Taking such a "belts and suspenders" approach only enhances your enterprise security.

How Do RSA and DSA Compare? While RSA and DSA use different types of mathematical algorithms to generate the key pairs, for purposes of cryptographic strength, both are considered to be equivalent. Instead, the main differences come down to performance and speed.

Performance & Speed RSA is faster when it comes to encrypting and signing, but slower than DSA for decrypting and verifying; however, since authentication requires both, for many real-world applications the performance difference is largely negligible. RSA is also slower when it comes to key generation, but since keys are generated once and used for months or years, from a practical standpoint this is also often not as important a consideration.

SSH Protocol Support Another difference can be found in their Secure Shell (SSH) protocol support. RSA is compatible with both the original SSH, as well as the newer, second edition SSH2, while DSA only works with SSH2. As SSH is not considered to be as safe as SSH2, that may be a consideration for using DSA.

Another difference between DSA and RSA is that DSA is endorsed by the U.S. Federal Government. For businesses providing services to federal agencies, the ability to keep up with government standards may be an argument for using DSA.

Federal Endorsement The bottom line is that for most use cases, industries, and regulatory environments, RSA and DSA are very similar, offering equivalent cryptographic strength, and there is relatively little difference between the two. The two algorithms are also equally compatible with leading internet protocols including Nettle, OpenSSL, wolfCrypt, Crypto++, and cryptlib.

How Does ECC Compare to RSA and DSA? The biggest difference between ECC and RSA/DSA is the greater cryptographic strength that ECC offers for equivalent key size.

Key Size Comparison: Symmetric Key Size (bits) RSA Size (bits) Elliptic Curve Key Size (bits) 80 1024 160 112 2048 224 128 3072 256 192 7680 384 256 15360 521

Recommended Key Sizes According to NIST

ECC is More Efficient As the figure shows, with ECC you get equivalent cryptographic strength with significantly smaller key sizes - about an order of magnitude smaller. For example, to achieve the equivalent cryptographic strength of encrypting using a 112 bit symmetric key would require an RSA 2048 bit key, but only an ECC 224 bit key.

The shorter key lengths mean devices require less processing power to encrypt and decrypt data, making ECC a good fit for mobile devices, Internet of Things, and other use cases with more limited computing power

Security and Speed There are also some advantages to ECC in more traditional use cases like web servers, as smaller key sizes enable stronger security with faster SSL handshakes, which translates to faster web page load times.

It’s worth noting that ECDSA, the original version of ECC, is a variant of DSA. ECDSA offers equivalent levels of cryptographic strength per number of bits as ECC.