  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 545

Which is more secure? RSA, Diffie-Hellman/DSS

I want to know the plus and minus points of:

RSA keys, and
Diffie-Hellman/DSS keys.

Which is recommended and more secure?
Asked: rpkhare

1 Solution

sullivanr6 Commented:
What is the purpose of these algorithms...

Diffie Hellman is not used for identification or authentication, only key exchanges. It is a Symmetric key encryption. Meaning you would only use DH or RSA to provide the keying for other symmetric key algorithms (AES, 3DES)...

RSA is not as secure as DH, but they are comparable...

What is the purpose of this encryption?

J

rpkhare (Author) Commented:
These algorithms are used in Public Key Cryptography, I know this much. I have been using them for a long time. I just wanted to know which is more secure. As you said RSA is weak, please let me know why?

sullivanr6 Commented:
I said not as strong, not weak. Both are suitable choices, you could in fact have chosen to use a hash such as message digest or SHA...

I can't answer your question in complete honesty as to why one algorithm is weaker than the other, I am not a mathematician. Computational factoring is not my day job :)

...never knew RSA was developed at MIT, I just got a little bit of respect for RSA. This is a good read, although a bit abstract. Hope it helps...

Diffie-Hellman: The basis for the technique is the difficulty of calculating logs in modular arithmetic. Say A and B wish to establish a key. A sends B the number g, the modulus m and the number h1 = g^e1 mod(m), where e1 is a large number (<m). B then sends back to A the number h2 = g^e2 mod(m). They each then use the number k = g^(e1*e2)= h1^e2=h2^e1 mod(m) as the private key. Any enemy must be able to calculate either e1 from g,m,h1 or e2 from g,m,h2. This is believed to be very very hard for large enough values of g,m.
DH can also be used in a public key crypto system. To use it in this way, the recipient publishes g,m, h1 and the sender chooses a random exponent e2 and sends h2 along with the message encrypted using the private key crypto system and the key k. This system does not have the feature that one can easily sign messages, as with RSA. It has the political advantage that the patent expires in 1997. It also depends for its security on both recipient and sender choosing exponents e1 and e2 in a strong way.


RSA is a cypher based on the concept of a trapdoor function. This is a function which is easily calculated, but whose inverse is extremely difficult to calculate. In the RSA case, this function is factoring. Take two prime numbers, p and q (i.e. numbers which cannot be divided evenly by any other number), and multiply them together to get their product N. This is very easily done. However, if we only know N, then it is extremely difficult to determine what the factors p and q are if N is sufficiently large. Typically in cryptography, N takes a value of greater than 500 bits (150 digits). The message is written as a series of numbers, each of which is smaller than N but has approximately the same length as N. Each of these message numbers M is then multiplied by itself e times. (In PGP, e is often taken to have the value 17.) Then the result of that set of multiplications is divided by N, and only the remainder of that division is kept and is the encrypted message. To decrypt the message, the recipient uses another specially chosen number d, which is typically a very large number (of the order of half the length of N). This number is chosen so that if we now multiply the encrypted message with itself d times, divide by N, and keep only the remainder, then we get the original message back. The only way known to find d is to know p and q. e and N are the public key, which is published, while d is the private key, which must be kept secret. e and d are symmetric in that using either as the encryption key, the other can be used as the decryption key. This is what makes signing possible. RSA is patented in the USA by MIT.
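
The Diffie-Hellman exchange (g, m, h1, h2, k) and the RSA e/d symmetry described in the post above, as an added example that is not part of the original thread. The modulus 2^255 - 19, base 2, the two Mersenne primes and all function names are assumptions chosen for the demo; the RSA here is unpadded textbook RSA at a toy key size.

```python
import hashlib
import secrets

# Constructed demo parameters (NOT production groups or key sizes).
M_MOD = 2**255 - 19   # a known prime, used here as the DH modulus m
G = 2                 # base g

def dh_keypair():
    """Pick a secret exponent e with a CSPRNG and return (e, h = g^e mod m)."""
    e = secrets.randbelow(M_MOD - 3) + 2      # 2 <= e <= m-2
    return e, pow(G, e, M_MOD)

def dh_shared(own_e, peer_h):
    """Compute k = peer_h^own_e mod m, rejecting degenerate peer values."""
    if not 2 <= peer_h <= M_MOD - 2:          # 0, 1 and m-1 force a guessable k
        raise ValueError("invalid DH public value")
    k = pow(peer_h, own_e, M_MOD)
    # Hash k down to a 256-bit key for a symmetric cipher such as AES.
    return hashlib.sha256(k.to_bytes(32, "big")).digest()

def rsa_keypair(e=17):
    """Textbook RSA from two known Mersenne primes (constructed, far too small)."""
    p, q = 2**127 - 1, 2**107 - 1
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))         # d exists because gcd(e, phi) = 1
    return n, e, d

def rsa_apply(m, exp, n):
    """M^exp mod N: used for encrypt (e), decrypt (d), sign (d) and verify (e)."""
    if not 0 <= m < n:
        raise ValueError("message number must be smaller than N")
    return pow(m, exp, n)

def demo():
    e1, h1 = dh_keypair()                     # A -> B: g, m, h1
    e2, h2 = dh_keypair()                     # B -> A: h2
    same_key = dh_shared(e1, h2) == dh_shared(e2, h1)
    n, e, d = rsa_keypair()
    msg = int.from_bytes(b"constructed message", "big")
    decrypted = rsa_apply(rsa_apply(msg, e, n), d, n)   # encrypt then decrypt
    verified = rsa_apply(rsa_apply(msg, d, n), e, n)    # sign then verify
    return same_key, decrypted == msg, verified == msg

if __name__ == "__main__":
    print(demo())
```
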
 
rpkhare (Author) Commented:
I have heard of Diffie-Hellman of a max 2048 bits, whereas RSA is available for 4096 bits.

sullivanr6 Commented:
...Diffie Hellman is stronger, thus why PGP uses it. One other interesting note, I guess RSA was patented by MIT, but gave exclusive rights to "RSA Security", which screwed a lot of people.

However, their patent expired in 2000, and PGP still chooses to use DH.

rpkhare (Author) Commented:
RSA labs is now owned by EMC. Are there any future developments going on Diffie-Hellman technology?

rpkhare (Author) Commented:
Thanks