Encryption should not be seen as the ultimate answer to any information security problem but only as one part of the security equation. This concept should always be considered when choosing a public key algorithm. Before delving into any encryption project, however, perform a thorough risk analysis of your data and systems to determine what you need. Obviously, high-risk data, such as sensitive customer data, needs better encryption than marketing plans, which would have a much lower impact on the business if divulged.
Second, in terms of performance, a thorough analysis of your network architecture and the traffic load it can bear will help decide which encryption route to choose. In general, public key encryption, or asymmetric encryption, is about 10,000 times slower than private key encryption. This is because of asymmetric encryption's creation and exchange of the two keys versus the single one in private or symmetric encryption.
The Diffie-Hellman Key Exchange and RSA (named after its inventors Rivest–Shamir–Adleman) are two of the most popular encryption algorithms. How are they different from each other? Which one should an organization use? In order to provide an answer, let us examine concisely both.
Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses numbers raised to specific powers to produce decryption keys on the basis of components that are never directly transmitted, making the task of an intended code breaker mathematically overwhelming. Diffie–Hellman key exchange establishes a shared secret between two parties that can be used for secret communication for exchanging data over a public network and actually uses public key techniques to allow the exchange of a private encryption key.
In order to simplify the explanation of how the algorithm works, we will use small positive integers. In reality, the algorithm uses large numbers. In addition, you may find fairly easy explanations on Wikipedia and Khan Academy.
Communicating in the clear, Alice and Bob agree on two positive integers, a prime number, and a generator. A generator is a number that, when raised to positive whole-number powers less than the prime number, never produces the same result for any two such whole numbers. Let us assume that Alice will use the prime number 17 and Bob the generator 3. Then Alice selects a private random number, say 15, and calculates 315mod17 which equals 6 and sends the result publicly to Bob. Then Bob selects his private random number, say 13, calculates 313mod17 and sends the result (which is 12) publicly to Alice. The heart of the trick is the following computation. Alice takes Bob’s public result (=12) and calculates 1215mod17. The result (=10) is their shared secret key. On the other hand, Bob takes Alice’s public result (=6) and calculates 613mod17 which results again to the same shared secret. Now Alice and Bob can communicate using the symmetric algorithm of their choice and the shared secret key, which was never transmitted over the insecure circuit.
If a third party was listening to the exchange, it would be computationally difficult for this party to determine the secret key. In fact, when using large numbers, this action is computationally expensive for modern supercomputers to do in a reasonable amount of time.
RSA is a cryptosystem for public-key encryption and is widely used for securing sensitive data, particularly when being sent over an insecure network such as the Internet. RSA was first described in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman of the Massachusetts Institute of Technology. Public-key cryptography, also known as asymmetric cryptography, uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm: It provides a method of assuring the confidentiality, integrity, authenticity, and non-reputability of electronic communications and data storage.
RSA derives its security from the difficulty of factoring large integers that are the product of two large prime numbers. Multiplying these two numbers is easy, but determining the original prime numbers from the total, that’s factoring, is considered infeasible due to the time it would take even using today’s super computers. The RSA algorithm involves four steps: key generation, key distribution, encryption, and decryption. The public and the private key-generation algorithm is the most complex part of RSA cryptography and falls beyond the scope of this post. You may find an example on Tech Target.
Both RSA and Diffie-Hellman are public key encryption algorithms strong enough for commercial purposes because they are both based on supposedly intractable problems, the difficulty of factoring large numbers and exponentiation and modular arithmetic respectively. The minimum recommended key length for encryption systems is 128 bits, and both exceed that with their 1,024-bit keys. Both have been subjected to scrutiny by mathematicians and cryptographers, but given correct implementation, neither is significantly less secure than the other.
The nature of the Diffie-Hellman key exchange, however, makes it susceptible to man-in-the-middle (MITM) attacks, since it doesn't authenticate either party involved in the exchange. The MITM maneuver can also create a key pair and spoof messages between the two parties, who think they're both communicating with each other. This is why Diffie-Hellman is used in combination with an additional authentication method, generally digital signatures.
Unlike Diffie-Hellman, the RSA algorithm can be used for signing digital signatures as well as symmetric key exchange, but it does require the exchange of a public key beforehand. However, recent research has demonstrated that even 2048-bits long RSA keys can be effectively downgraded via either man-in-yhe-browser or padding oracle attacks. The report suggests that the safest countermeasure is to deprecate the RSA key exchange and switch to (Elliptic Curve) Diffie-Hellman key exchanges.
Which one is the best? That’s a difficult question to answer and there has been a great discussion on various forums. So, the answer as usual is “it depends”. You will usually prefer RSA over Diffie-Hellman, or Diffie-Hellman over RSA, based on interoperability constraints and depending on the context. Performance rarely matters and as for security, from a high-level view, a 1024-bit Diffie-Hellman key is as robust against cryptanalysis as a 1024-bit RSA key. The choice is up to you.