An Overview of RSA Public Key Exchange

RSA is an asymmetric (public key) encryption algorithm that can be used for digital signatures, key exchange and encryption. Provided RSA is used with a sufficiently long key, it has proven to be a very secure algorithm, and it provides both authentication and encryption.

Like Diffie-Hellman, RSA uses a public key and private key pair to encrypt and decrypt data sent over the internet. The main purpose of public key cryptography is to provide a scalable and secure way of exchanging keys over the internet. VPN gateway devices, as well as other services such as websites, need to agree on a key to use for encrypting and decrypting data across the internet, where traffic could easily be sniffed and stolen by a hacker. This is why the public and private key (asymmetric) mechanism was put in place: it lets entities securely agree on a symmetric key over the internet without that key being compromised.

The RSA algorithm is based on the difficulty of factoring a large number into its two prime factors. It relies on a one-way function: it is easy to multiply two prime numbers to get their product, but working back from that product to the original two primes is extremely difficult. The same one-way hash analogy applies: it is easy to go one way from a starting value to a result, but very difficult to reverse the process and recover the original value.
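To make the public/private key split and the factoring assumption concrete, here is a textbook RSA walkthrough in Python. It is an added example, not code from the original page or from any VPN vendor's implementation. The primes 61 and 53, the public exponent 17, the 16-bit "session key" and all function names are constructed for illustration; real deployments use 2048-bit or longer moduli with padding (e.g. OAEP) rather than raw textbook RSA. The last two functions show the flip side of the page's claim: the private key is only as secret as the factorisation of the modulus, which is trivial for a toy modulus and infeasible for a properly sized one.

```python
"""Textbook RSA walkthrough (added example, not from the original page).

Demonstrates the ideas in the text: a public/private key pair, sending a
symmetric session key encrypted under the peer's public key, and the
factoring problem that the private key's secrecy rests on.
Requires Python 3.8+ for pow(e, -1, phi).
"""
from math import gcd
from secrets import randbelow


def generate_keypair(p, q, e=65537):
    """Build an RSA key pair from two distinct primes p and q.

    Returns ((n, e), (n, d)). The modulus n = p*q and exponent e are public;
    p, q and d stay private.
    """
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)               # modular inverse: e*d = 1 (mod phi)
    return (n, e), (n, d)


def encrypt(pub, m):
    """Textbook RSA encryption of an integer m < n under the public key."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than the modulus")
    return pow(m, e, n)


def decrypt(priv, c):
    """Textbook RSA decryption with the private exponent d."""
    n, d = priv
    return pow(c, d, n)


def exchange_session_key(peer_pub, key_bits=16):
    """Model the key exchange the page describes: the sender picks a random
    symmetric key and transmits it encrypted under the peer's public key.
    Returns (key, ciphertext); only the ciphertext travels over the wire.
    """
    n, _ = peer_pub
    key = randbelow(min(n, 1 << key_bits))   # constructed toy key size
    return key, encrypt(peer_pub, key)


def factor_by_trial_division(n):
    """Recover (p, q) of a toy modulus by brute force. The cost grows
    exponentially with the bit length of n, which is why the page stresses
    using a long key: for a real modulus this loop never finishes."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    return None


def private_key_from_factors(pub):
    """Shows the security assumption: anyone who can factor n can rebuild d
    exactly as the legitimate owner did. Returns None if factoring fails."""
    n, e = pub
    factors = factor_by_trial_division(n)
    if factors is None:
        return None
    p, q = factors
    return generate_keypair(p, q, e)[1]


if __name__ == "__main__":
    # Classic small-number example: p=61, q=53, e=17 (constructed values).
    pub, priv = generate_keypair(61, 53, e=17)
    print("public key :", pub)           # (3233, 17)
    print("private key:", priv)          # (3233, 2753)
    key, wire = exchange_session_key(pub)
    print("session key", key, "sent as", wire, "recovered as", decrypt(priv, wire))
    print("toy modulus factors:", factor_by_trial_division(pub[0]))
    print("private key rebuilt from factors:", private_key_from_factors(pub))
```

Running the script prints the familiar (3233, 17) / (3233, 2753) pair, round-trips a random session key through the public key, and then rebuilds the private exponent from the factored toy modulus, which is the whole reason key length is the deciding factor in the paragraph above.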

RSA has been implemented in both hardware and software. It is built into software from vendors such as Microsoft, Apple and Novell, and into hardware such as network interface cards and smart card readers.

Besides RSA, other asymmetric encryption algorithms include Diffie-Hellman, ECC, ElGamal, DSA, LUC and Knapsack.

Further Reading

Wikipedia's guide to RSA