



Asymmetric Algorithms
What is an asymmetric algorithm?
Asymmetric algorithms (public key algorithms) use different keys for encryption and decryption, and the decryption key cannot (practically) be derived from the encryption key. Asymmetric algorithms are important because they can be used for transmitting encryption keys or other data securely even when the parties have no opportunity to agree on a secret key in private.


Types of Asymmetric algorithms
Types of Asymmetric algorithms (public key algorithms):
RSA
DiffieHellman
Digital Signature Algorithm
ElGamal
ECDSA
XTR

Asymmetric algorithms examples:
RSA Asymmetric algorithm
RivestShamirAdleman is the most commonly used asymmetric algorithm (public key algorithm). It can be used both for encryption and for digital signatures. The security of RSA is generally considered equivalent to factoring, although this has not been proved.
RSA computation occurs with integers modulo n = p * q , for two large secret primes p , q . To encrypt a message m , it is exponentiated with a small public exponent e . For decryption, the recipient of the ciphertext c = me (mod n) computes the multiplicative reverse d = e1 (mod (p1)*(q1)) (we require that e is selected suitably for it to exist) and obtains cd = m e * d = m (mod n) . The private key consists of n, p, q, e, d (where p and q can be omitted); the public key contains only n and e . The problem for the attacker is that computing the reverse d of e is assumed to be no easier than factorizing n . The key size should be greater than 1024 bits for a reasonable level of security. Keys of size, say, 2048 bits should allow security for decades.
There are actually multiple incarnations of this algorithm; RC5 is one of the most common in use, and RC6 was a finalist algorithm for AES.
DiffieHellman
DiffieHellman is the first asymmetric encryption algorithm, invented in 1976, using discrete logarithms in a finite field. Allows two users to exchange a secret key over an insecure medium without any prior secrets.
DiffieHellman (DH) is a widely used key exchange algorithm. In many cryptographical protocols, two parties wish to begin communicating. However, let's assume they do not initially possess any common secret and thus cannot use secret key cryptosystems. The key exchange by DiffieHellman protocol remedies this situation by allowing the construction of a common secret key over an insecure communication channel. It is based on a problem related to discrete logarithms, namely the DiffieHellman problem. This problem is considered hard, and it is in some instances as hard as the discrete logarithm problem.
The DiffieHellman protocol is generally considered to be secure when an appropriate mathematical group is used. In particular, the generator element used in the exponentiations should have a large period (i.e. order). Usually, DiffieHellman is not implemented on hardware.
Digital Signature Algorithm
Digital Signature Algorithm (DSA) is a United States Federal Government standard or FIPS for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Algorithm (DSA), specified in FIPS 186 [1], adopted in 1993. A minor revision was issued in 1996 as FIPS 1861 [2], and the standard was expanded further in 2000 as FIPS 1862 [3].
Digital Signature Algorithm (DSA) is similar to the one used by ElGamal signature algorithm. It is fairly efficient though not as efficient as RSA for signature verification. The standard defines DSS to use the SHA1 hash function exclusively to compute message digests. The main problem with DSA is the fixed subgroup size (the order of the generator element), which limits the security to around only 80 bits. Hardware attacks can be menacing to some implementations of DSS. However, it is widely used and accepted as a good algorithm.
ElGamal
The ElGamal is a public key cipher  an asymmetric key encryption algorithm for publickey cryptography which is based on the DiffieHellman key agreement. ElGamal is the predecessor of DSA.
ECDSA
Elliptic Curve DSA (ECDSA) is a variant of the Digital Signature Algorithm (DSA) which operates on elliptic curve groups. As with Elliptic Curve Cryptography in general, the bit size of the public key believed to be needed for ECDSA is about twice the size of the security level, in bits.
XTR
XTR is an algorithm for asymmetric encryption (publickey encryption). XTR is a novel method that makes use of traces to represent and calculate powers of elements of a subgroup of a finite field. It is based on the primitive underlying the very first public key cryptosystem, the DiffieHellman key agreement protocol.
From a security point of view, XTR security relies on the difficulty of solving discrete logarithm related problems in the multiplicative group of a finite field. Some advantages of XTR are its fast key generation (much faster than RSA), small key sizes (much smaller than RSA, comparable with ECC for current security settings), and speed (overall comparable with ECC for current security settings).
Symmetric and asymmetric algorithms
Symmetric algorithms encrypt and decrypt with the same key. Main advantages of symmetric algorithms are their security and high speed. Asymmetric algorithms encrypt and decrypt with different keys. Data is encrypted with a public key, and decrypted with a private key. Asymmetric algorithms (also known as publickey algorithms) need at least a 3,000bit key to achieve the same level of security of a 128bit symmetric algorithm. Asymmetric algorithms are incredibly slow and it is impractical to use them to encrypt large amounts of data. Generally, symmetric algorithms are much faster to execute on a computer than asymmetric ones. In practice they are often used together, so that a publickey algorithm is used to encrypt a randomly generated encryption key, and the random key is used to encrypt the actual message using a symmetric algorithm. This is sometimes called hybrid encryption.


•


