Public Key Cryptography: RSA and Elliptic Curve

⏱ Read time: 14 min 📅 Published: 09/03/2026

💡 Quick Tip

Key fact: Asymmetric cryptography is the foundation of HTTPS and modern digital signatures.

Fundamentals of Asymmetric Cryptography

Public key cryptography, also known as asymmetric cryptography, revolutionized digital security by solving the key exchange problem. Unlike symmetric cryptography, where sender and receiver share the same secret key, asymmetric systems use a mathematically related pair of keys: a public key (which can be shared with everyone) and a private key (which must remain secret).

The RSA Algorithm: Modular Arithmetic

The RSA (Rivest-Shamir-Adleman) algorithm is based on the practical difficulty of factoring large integers that are the product of two prime numbers.

  • Encryption: Anyone can use your public key to encrypt a message.
  • Decryption: Only you, the holder of the private key, can reverse the process.

While RSA has been the standard for decades, it requires very long keys (3072 bits or more) to remain secure against increasing computing power, generating a significant computational load.

Elliptic Curve Cryptography (ECC)

ECC is the modern successor to RSA. Instead of relying on prime factorization, it uses the algebraic properties of elliptic curves over finite fields. The technical advantage is massive: a 256-bit ECC key offers the same security as a 3072-bit RSA key. This translates to:

  1. Lower power consumption: Vital for mobile and IoT devices.
  2. Faster handshakes: Speeds up initial website connections (TLS).
  3. Lower bandwidth: Digital certificates are much smaller.

📊 Practical Example

Real-World Scenario: Generating and Using SSH Keys for a Server

Step 1: Key Pair Generation. On your local machine, run ssh-keygen -t ed25519. The system generates two files: id_ed25519 (private) and id_ed25519.pub (public).

Step 2: Public Key Installation. Upload your public key content to the remote server's ~/.ssh/authorized_keys file. The server now knows your digital identity.

Step 3: Authentication. When connecting, the server sends a challenge encrypted with your public key. Your SSH client decrypts it using your local private key. If they match, access is granted.

Step 4: Additional Security. By disabling password login in /etc/ssh/sshd_config, you block 99% of automated Internet attacks, as it is mathematically impossible to enter without the physical private key.
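
A check for Step 4, as an added example that is not part of the original article; the function names and the sample configuration files are constructed for illustration. It reads an sshd_config the way sshd does (the first value per keyword wins, keywords are case-insensitive, a missing keyword falls back to its default) and fails unless password and keyboard-interactive logins are both off and no Match block turns passwords back on.

```sh
# Added example: verify that an sshd_config enforces key-only login (Step 4).
# sshd keeps the FIRST value read per keyword, keywords are case-insensitive,
# and a missing keyword means the built-in default. Include files are NOT followed.

# effective_value FILE KEYWORD_REGEX DEFAULT -> global value (before any Match)
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { val = def }
        { sub(/^[ \t]+/, ""); split($0, f, /[ \t=]+/) }
        /^#/ || $0 == "" { next }                 # comments and blank lines
        tolower(f[1]) == "match" { exit }         # Match blocks: see below
        tolower(f[1]) ~ ("^(" key ")$") { val = tolower(f[2]); exit }
        END { print val }
    ' "$1"
}

# match_reenables FILE -> status 0 if a Match block sets PasswordAuthentication yes
match_reenables() {
    awk '
        { sub(/^[ \t]+/, ""); split($0, f, /[ \t=]+/) }
        tolower(f[1]) == "match" { in_match = 1; next }
        in_match && tolower(f[1]) == "passwordauthentication" &&
            tolower(f[2]) == "yes" { found = 1 }
        END { exit !found }
    ' "$1"
}

# audit_sshd FILE -> prints findings; status 0 only when login is key-only
audit_sshd() {
    rc=0
    pw=$(effective_value "$1" passwordauthentication yes)
    kbd=$(effective_value "$1" \
        'kbdinteractiveauthentication|challengeresponseauthentication' yes)
    pk=$(effective_value "$1" pubkeyauthentication yes)
    [ "$pw" = no ]  || { echo "FAIL PasswordAuthentication=$pw"; rc=1; }
    [ "$kbd" = no ] || { echo "FAIL KbdInteractiveAuthentication=$kbd"; rc=1; }
    [ "$pk" = yes ] || { echo "FAIL PubkeyAuthentication=$pk"; rc=1; }
    if match_reenables "$1"; then echo "FAIL Match block allows passwords"; rc=1; fi
    return "$rc"
}

# Constructed samples: in "weak" the "no" comes after an earlier "yes", so it is ignored
tmp=$(mktemp -d)
printf '%s\n' 'passwordauthentication yes' 'PasswordAuthentication no' > "$tmp/weak"
printf '%s\n' 'PasswordAuthentication no' 'KbdInteractiveAuthentication no' \
    'PubkeyAuthentication yes' > "$tmp/hardened"
audit_sshd "$tmp/weak" || echo "weak config rejected"
audit_sshd "$tmp/hardened" && echo "hardened config accepted"
```

On a running host, sshd -T prints the effective configuration with Include files resolved, which covers the case this file-level check does not.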