Asymmetric Cryptography Algorithms – CompTIA Security+ SY0-401: 6.2


Asymmetric cryptography has enabled secure communication, digital signatures, and much more. In this video, you’ll learn about the well-known asymmetric algorithms of RSA and Diffie-Hellman.



One of the internet’s most popular encryption algorithms is RSA. RSA stands for Ron Rivest, Adi Shamir, and Leonard Adleman, and it was published back in 1977. It is a public-key cryptography system, where you have a public key and a private key to be able to encrypt information, decrypt that data, and even digitally sign information. This is based on the difficulty of finding the two prime factors of the product of two extremely large prime numbers. You have to know those two factors to be able to decode all of this information.

That’s a very simplified way of describing how this works, but it does provide us with some great capabilities for sending encrypted data across the network and ensuring that it will be secure from end to end. The RSA algorithm used to be proprietary, but it has now been released into the public domain. We use it extensively on our websites for SSL, or what’s now called TLS, encryption. If you see anybody using a public/private-key encryption mechanism on the internet, there’s a good bet that they’re using RSA.

Another algorithm that is used to protect keys as they are exchanged over the network is called the Diffie-Hellman key exchange. This is the idea of being able to send keys across the network, but still be assured that nobody’s going to be able to use those keys to decrypt your private information. This key transfer mechanism was published in 1976 by Whitfield Diffie, Martin Hellman, and Ralph Merkle, and one important consideration here is that it was really designed to transfer keys across the network. It’s not, by itself, a method of encrypting or authenticating people’s communications over the network. It simply allows us to send keys from one end to the other and still protect that key and the method that’s going to be used for encrypting data using those keys.

It’s very common to see Diffie-Hellman key exchange used in things like Perfect Forward Secrecy, which is a way to transfer keys and encrypt information on web servers. This uses Ephemeral Diffie-Hellman, which means those keys will only be used for a short period of time. You’ll commonly see that written as EDH or DHE, and it’s combined with elliptic curve cryptography to be able to do the encryption. So if you ever see a server using a key exchange method of ECDHE, it’s really referring to this method that we commonly call Perfect Forward Secrecy.
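
The ephemeral Diffie-Hellman exchange described above can be sketched as follows. This is an added example, not code from the original video, and it uses classic finite-field Diffie-Hellman rather than the elliptic curve variant. The names `DHParty` and `run_session` and the parameters `P` and `G` are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Teaching parameters (assumption): the prime 2**255 - 19 with generator 2.
# This is NOT a standardized Diffie-Hellman group; real deployments use
# vetted groups or elliptic curves (ECDHE).
P = 2**255 - 19
G = 2


class DHParty:
    """One side of an ephemeral Diffie-Hellman exchange (hypothetical helper)."""

    def __init__(self):
        # A fresh private exponent per session is what makes the exchange ephemeral.
        self._private = secrets.randbelow(P - 3) + 2  # uniform in [2, P-2]
        self.public = pow(G, self._private, P)        # the only value sent on the wire

    def session_key(self, peer_public):
        # Reject degenerate values (0, 1, P-1, ...) that would force a predictable secret.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("peer public value out of range")
        shared = pow(peer_public, self._private, P)
        # Hash the shared secret down to a 256-bit symmetric key.
        return hashlib.sha256(shared.to_bytes(32, "big")).digest()


def run_session():
    """Simulate one exchange; returns (wire_values, alice_key, bob_key)."""
    alice, bob = DHParty(), DHParty()
    wire = (alice.public, bob.public)  # everything an eavesdropper observes
    # Nothing here authenticates the peer: DH alone only agrees on a key.
    return wire, alice.session_key(bob.public), bob.session_key(alice.public)


if __name__ == "__main__":
    _, a1, b1 = run_session()
    _, a2, b2 = run_session()
    print("session 1 keys match:", a1 == b1)
    print("session 2 keys match:", a2 == b2)
    print("sessions share a key:", a1 == a2)
```

Because each session discards its private exponents, recovering one session key reveals nothing about any other session, which is the property the text calls Perfect Forward Secrecy.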