Q
Manage Learn to apply best practices and optimize your operations.

# What are new and commonly used public-key cryptography algorithms?

## Expert Michael Cobb breaks down a variety of encryption algorithms and reviews the use cases for several types of cryptography.

I'm interested in learning about public-key cryptography algorithms. What is the newest one, and which is the most...

commonly used today?

Cryptography is a fascinating subject and is of great importance in most technology today, from computers to credit cards and government to ecommerce. Public-key algorithms provide a solution to what had been a big problem for cryptographers for thousands of years: key exchange. Historically, the same key had been used to encrypt and decrypt a plain text message, a process known as symmetric encryption. This meant though that the encryption key, as well as the encrypted data, had to be sent to the intended receiver. Somehow the sender and receiver had to securely share the encryption key in advance.

This problem of key distribution was solved in 1976 by two researchers at Stanford University, Whitfield Diffie and Martin Hellman. They proposed a cryptosystem in which the encryption key and the decryption key were different. This approach to cryptography, known as public-key cryptography, uses a pair of cryptographic keys, a public key and a private key. The private key is kept secret, while the public key can be distributed openly, thereby negating the need to transmit a secret key in advance. The keys are related mathematically, allowing the sender of a message to encrypt his message using the recipient's public key. The message can then only be decrypted using the recipient's private key.

Public-key cryptography serves both to authenticate a message and ensure its privacy, so it's essential that you know that the public key you are using to encrypt a message does belong to a specific person or entity. This has led to the creation of a public-key infrastructure (PKI), in which one or more third parties, known as certificate authorities, certify the ownership of key pairs. VeriSign Inc. is one of the best-known certificate authorities. Several algorithms in common employ public-key cryptography, probably the best known being the RSA algorithm named after its inventors, Ronald Rivest, Adi Shamir and Leonard Adleman.

Although your interest is in public-key cryptography algorithms, you will need to study other types of encryption algorithms to fully understand how different algorithms are used in different situations. Public-key encryption is slow and computationally intensive, so most systems only use it for highly secure transactions, such as to send the symmetric key used to encrypt a message. The SSL/TLS family of cryptographic protocols does this, and together they are called hybrid cryptosystems.

Another important aspect of cryptography to understand is that of breakability. All public-key schemes are susceptible to brute-force key search attacks. Theoretically, however, "breakable" and "practically breakable" are different. An attack is impractical if the amount of computation needed for a break to succeed, termed work factor, is beyond the means of a would-be attacker. For example, if it would, in theory, take 10 years to break an encryption scheme, then it is safe to use when encrypting your credit card details, as your credit card will expire well before the attacker can decrypt them.

When you're studying different algorithms, bear in mind that it's mostly their implementation that creates weaknesses rather than the algorithm itself. Attacking the physical implementation of a cryptosystem is called a side-channel attack. For example, timing information, power consumption, electromagnetic leaks or even sound can provide an extra source of information which can be exploited to break the system. As you can see, cryptography is a fascinating subject, and I'm sure you'll enjoy learning more about it.

This was last published in August 2009

## Content

Find more PRO+ content and other member only offers, here.

#### Have a question for an expert?

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

#### Start the conversation

Send me notifications when other members comment.

## SearchCloudSecurity

• ### Cloudflare Access takes on VPNs with reverse proxy approach

Cloudflare takes inspiration from Google's BeyondCorp with a new service called Cloudflare Access, which aims to replace ...

• ### TLS 1.3: What it means for enterprise cloud use

The latest draft version of TLS 1.3 is out, and it will likely affect enterprises that use cloud services. Expert Ed Moyle ...

• ### The biggest cloud security threats, according to the CSA

The Cloud Security Alliance reported what it found to be the biggest cloud security threats. Expert Rob Shapland looks at how ...

## SearchNetworking

• ### ExtremeLocation latest addition to Extreme wireless portfolio

Extreme Networks is targeting retailers with a new set of services, called ExtremeLocation. The latest technology adds ...

• ### Take network configuration management tools to the next level

Script management systems and intent-based networking are driving the future of network configuration management tools, shifting ...

• ### Cybersecurity skills shortage continues to worsen

This week, bloggers explore the cybersecurity skills shortage, the challenges of deploying edge computing and how best to ...

## SearchCIO

• ### Wayfair's chief architect talks AI-driven innovation, impactful IT

Wayfair sells home furnishings, but under the covers, it's a tech juggernaut. Chief Architect Ben Clark explains how AI-driven ...

• ### Synthetic data could ease the burden of training data for AI models

Sometimes it's better to manufacture training data for machine learning models than it is to collect it.

• ### CES 2018 for CIOs: Rise of the AI voice assistant class

What happens in Vegas doesn't stay there -- not at CES 2018, where AI voice assistants and sentient objects were ubiquitous and ...

## SearchEnterpriseDesktop

• ### Ten Windows 10 Fall Creators Update features to know

Microsoft introduced some significant changes to Windows 10 in the Fall Creators Update. The My People app, for example, lets ...

• ### Guard the line with Windows Defender features

The Windows 10 Fall Creators Update took Windows 10 security up a notch by adding advanced features to Windows Defender, ...

• ### Ready to master virtualization-based security in Windows 10?

Put your knowledge of virtualization-based security in Windows 10 on the line with this quiz covering the ins and outs of ...

## SearchCloudComputing

• ### Google Cloud Dedicated Interconnect offers VPN alternative

Google's Dedicated Interconnect enables an enterprise to privately connect its data center to the public cloud. Here's a ...

• ### Chip bugs hit cloud computing usage less than first feared

IT shops expected their cloud usage to flag due to recent chip bugs, but most environments survived the patches unscathed.

• ### Providers continue to push hybrid cloud technologies in 2018

The hybrid cloud market changes rapidly, as major cloud providers release new services to bridge private and public platforms, ...

## ComputerWeekly.com

• ### UK and France to collaborate on digital tech

The UK and French governments have joined forces to increase technology and innovation cooperation between the two nations

• ### Create security culture to boost cyber defences, says Troy Hunt

Security suffers when there is tension between software developers and security professionals, but it is common in many ...

• ### Nordic IT executive interview: Daniel Kjellén, CEO, Tink

Sweden could have a head start in the race to open up banking through the European Union’s PSD2 regulation

Close