Re: RSA vs AES

From: George Ou (533george_ou234_at_netzero234.com)
Date: 08/31/03 

Date: Sat, 30 Aug 2003 22:02:27 GMT

On 29 Aug 2003 06:06:45 -0700, waldyrbenits@ip2.com.br (Waldyr) wrote:

>Hello !
>
>We know that symmetric algorithms are faster than assymmetric ones,
>for the same level of security. I'm interested to know if there is any
>reference where this difference is measured, I mean, about *how many
>times* AES-128, for example, is faster than RSA-1024, for the same
>plataform and the same volume of data.
>
>Thanks in advance,
>
>Waldyr.

Waldyr,

The truth of the matter is, you SHOULD NOT compare the two types of
algorithms, because they are used for different purposes. I hear many
of these asinine quotes that some product is using 2048 bit
encryption. Both have there place.

Asymmetric encryption algorithms are NEVER used to encrypt data in ANY
application. You would be insane to do that! SSL websites typically
use a 1024 bit RSA key to kick off a 40 or 128 bit RC4 or RC5
symmetric session. This holds true for any application that uses
Public Key Cryptography.

Asymmetric encryption is typically 100-1000 times slower and more than
10 times weaker per bit than symmetric algorithms. From this fact, it
is very easy to conclude that symmetric algorithms are superior to
asymmetric ones. But one would be very foolish to draw such a
conclusion and there are many people that mistakenly believe this to
be the case.

So why then is asymmetric even useful given that you have to resort to
using 1620 bits with RSA just to equate 128 bit symmetric algorithms
and waste 1000 times more processing power? The reason is a unique
property of PKC that made it the most important discovery in
cryptography since before the birth of Christ. Symmetric cryptography
has an extremely annoying problem. In order to create a secure
channel using symmetric cryptography, you need a secure channel to
transmit the private key to begin with. So this is your classic catch
22, how do you create a secure channel from nothing if you need a
secure channel to begin with? You can meet the other person in some
dark alley, but that would assume you're in close proximity. Every
one can get together and agree ahead of time on a private key, but
that has some serious salability limitations. If you knew 100 people,
you would have to manage 100 private keys. If you worked with 10,000
people in your company, you would have to store 10,000 private keys
and so would everyone else. Public Key Cryptography made the
revolutionary jump of splitting the key. It allows you to initiate a
secure session without the need to have a secure channel to begin
with. Even though it is extremely slow compared to symmetric
cryptography, the fact that it breaks the old catch 22 makes it
extremely valuable. With asymmetric cryptography, you can use it just
once to send a randomly generated session key to the other side. Once
the other party has the session key, then the two parties can begin a
lightning fast and efficient symmetric key crypto session.

So you see, it doesn't matter how slow and inefficient asymmetric
cryptography is, because you only use it to protect the session key
for your symmetric cryptography session. It is a very small amount of
data that needs to be processed. It doesn't matter if it takes as
long as one second just to encrypt a session key, because you only do
it once. Once you got the session key, you can kick in to turbo mode
and encrypt at a blazing 100,000,000 bits/sec on most modern PCs.

George Ou
http://www.LANArchitect.net

Loading