RSA (Rivest-Shamir-Adleman)

RSA, named after its inventors Ron Rivest, Adi Shamir, and Leonard Adleman, was one of the first practical public-key cryptosystems and remains widely used today. Its security is based on the computational difficulty of factoring the product of two large prime numbers, a problem for which no efficient classical algorithm is known.

In RSA, a user generates a key pair consisting of a public key (which can be shared openly) and a private key (which must be kept secret). Data encrypted with the public key can only be decrypted with the corresponding private key, and vice versa. This property makes RSA suitable for both encryption and digital signatures. When used for signing, the sender encrypts a hash of the message with their private key, and the recipient verifies it using the sender's public key.

Modern RSA implementations typically use key sizes of 2048 bits or larger, with 4096 bits recommended for long-term security. However, RSA is computationally expensive compared to elliptic curve cryptography (ECC), which achieves equivalent security with shorter key lengths. RSA is commonly used in TLS handshakes for key exchange and certificate signing, though newer protocols increasingly favour ECDHE for key exchange due to its performance benefits and support for perfect forward secrecy.