What is RSA, DSA and ECC? - JohnHau/mis GitHub Wiki
WHAT IS RSA? Invented by Ron Rivest, Adi Shamir, and Leonard Adleman in 1977, RSA is an algorithm for public-key cryptography. RSA works on the basis of a public and private key.
Your public key is used to encrypt data before it's sent to the server on which the certificate is located. Every internet user attempting to connect with the site is sent the public key. The private key, generated along with the CSR, is used to decrypt the data encrypted by the public key. No one should have access to your private key - your SSL security depends on it.
1024-bit used to be the standard for key lengths, However SYMANTEC has required all their customers to upgrade to certificates with 2048-bit RSA key lengths in the end of 2014. Get in touch to find out more about this upgrade.
WHAT IS DSA? Digital Signature Algorithm, or DSA, uses a different algorithm for signing and encryption to RSA, yet provides the same level of security. It was proposed in 1991 by the National Institute of Standards and Technology (NIST) and adopted by the Federal Information Processing Standard (FIPS) in 1993. Since then it has gone under four revisions.
A DSA certificate makes it easier to keep up with government standards as it's endorsed by federal agencies - including the impending move to 2048-bit key lengths. You can even run RSA and DSA simultaneously to enhance your security further. Apache servers, for example, can run RSA and DSA certificates simultaneously on just one web server. This will benefit businesses seeking to maximise their ecosystem reach for their business correspondence.
WHAT IS ECC? ECC is the latest encryption method. It stands for Elliptic Curve Cryptography and promises stronger security, increased performance, yet shorter key lengths. This makes it ideal for the increasingly mobile world.
Just for a comparison: 256-bit ECC key equates to the same security as 3,072-bit RSA key.
The shorter key lengths require less computing power, meaning faster, secure connections to the likes of smart phones and tablets on-the-go. Plus, despite being new, Symantec's ECC roots have been in place for over 5 years, so your ECC certificate will work throughout your ecosystem. Again, ECC is FIPS-certified, like DSA, and endorsed by the National Security Agency.
For more information, you can download the ECC fact sheet created by our partner Symantec.