TL;DR
Asymmetric encryption uses a key pair – public and private. The public key encrypts, the private key decrypts. RSA is older and widely used but slower for large keys. ECC (Elliptic Curve Cryptography) offers similar security with smaller keys, making it faster and more efficient. This guide explains both.
1. Understanding Asymmetric Encryption
Unlike symmetric encryption (where the same key is used for encrypting and decrypting), asymmetric encryption uses two different keys:
- Public Key: Freely shared, anyone can use it to encrypt messages for you.
- Private Key: Kept secret, only you have access. Used to decrypt messages encrypted with your public key and for signing data.
Think of a mailbox. Your public key is the slot – anyone can drop letters (encrypt) into it. Only you have the key to open the mailbox (decrypt).
2. RSA Encryption
RSA (Rivest–Shamir–Adleman) is one of the oldest and most common asymmetric algorithms.
2.1 How it Works
- Key Generation: Choose two large prime numbers, p and q. Calculate n = p * q (the modulus).
- Public Key: Derived from n and another number e (encryption exponent) that is coprime with φ(n), where φ is Euler’s totient function.
- Private Key: Derived from n and d (decryption exponent), which is the modular multiplicative inverse of e modulo φ(n).
- Encryption: Message M is encrypted as C = M^e mod n.
- Decryption: Ciphertext C is decrypted as M = C^d mod n.
2.2 Example (Simplified)
Let’s use very small numbers for demonstration – in reality, these would be hundreds of digits long!
- p = 11, q = 13
- n = 11 * 13 = 143
- φ(n) = (p-1)*(q-1) = 10 * 12 = 120
- Choose e = 7 (coprime with 120)
- Calculate d = 103 (modular inverse of 7 mod 120)
- Public Key: (143, 7)
- Private Key: (143, 103)
To encrypt the message M = 5:
C = 5^7 mod 143 = 78125 mod 143 = 98
To decrypt:
M = 98^103 mod 143 = 5
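The steps from 2.1 applied to the parameters in 2.2, as an added Python example that is not part of the original guide. Function names are illustrative; d is derived with the extended Euclidean algorithm instead of being hard-coded, and this is unpadded textbook RSA with toy numbers.

```python
def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e):
    """Build (public, private) key tuples from primes p, q and exponent e."""
    n = p * q                        # modulus
    phi = (p - 1) * (q - 1)          # Euler's totient of n
    g, x, _ = egcd(e, phi)
    if g != 1:
        raise ValueError("e must be coprime with phi(n)")
    d = x % phi                      # modular inverse of e mod phi(n)
    return (n, e), (n, d)

def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        # Values >= n would wrap around the modulus and decrypt incorrectly.
        raise ValueError("message must satisfy 0 <= M < n")
    return pow(m, e, n)              # C = M^e mod n

def decrypt(c, private):
    n, d = private
    return pow(c, d, n)              # M = C^d mod n

def round_trip_ok(public, private):
    """True if every valid message decrypts back to itself."""
    return all(decrypt(encrypt(m, public), private) == m
               for m in range(public[0]))

if __name__ == "__main__":
    public, private = make_keys(11, 13, 7)   # p, q, e from section 2.2
    c = encrypt(5, public)
    print("public key:", public, "private key:", private)
    print("M = 5 -> C =", c, "-> M =", decrypt(c, private))
    print("all messages round-trip:", round_trip_ok(public, private))
    for bad_e in (6, 10):            # both share a factor with phi(n) = 120
        try:
            make_keys(11, 13, bad_e)
        except ValueError as err:
            print(f"rejected e={bad_e}:", err)
```

Run as written, it derives d = 103, reports C = 47 for M = 5, and decrypts that ciphertext back to 5.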
2.3 Considerations
- RSA is relatively slow, especially with large keys.
- Key size matters: larger keys are more secure but slower. Common sizes are 2048-bit and 4096-bit.
3. ECC Encryption
ECC (Elliptic Curve Cryptography) is a newer algorithm offering similar security to RSA with smaller key sizes.
3.1 How it Works
- Key Generation: Choose an elliptic curve and a base point on the curve.
- Public Key: A multiple of that base point on the curve (derived using scalar multiplication by the private key).
- Private Key: The random number used as the multiplier in that scalar multiplication.
- Encryption & Decryption: Involves complex mathematical operations based on elliptic curve points and modular arithmetic.
3.2 Advantages of ECC
- Smaller Key Sizes: A 256-bit ECC key provides similar security to a 3072-bit RSA key.
- Faster Performance: Smaller keys mean faster encryption and decryption, especially important for mobile devices and embedded systems.
- Lower Power Consumption: Less computational overhead translates to lower power usage.
3.3 Example (Conceptual)
ECC calculations are too complex to demonstrate simply here. They involve points on an elliptic curve defined by an equation like y^2 = x^3 + ax + b.
4. Choosing Between RSA and ECC
- RSA: Use if you need compatibility with older systems or have specific requirements for RSA-based standards.
- ECC: Preferred for new applications where performance, key size, and power consumption are critical. It’s becoming the standard in many modern protocols (e.g., TLS 1.3).
5. Practical Tools
- OpenSSL: A powerful command-line tool for generating keys, encrypting/decrypting data, and creating certificates.
- Programming Libraries: Most programming languages have libraries supporting both RSA and ECC (e.g., Python’s cryptography library).