One of the internet's most popular encryption algorithms is RSA. This RSA stands for Ron Rivest, Adi Shamir, and Leonard Adleman, and it was published back in 1977. It uses this public-key cryptography system, where you have a public key and a private key to be able to encrypt information, decrypt that data, and even digitally sign information. This is based on an idea of finding the product of two extremely large, prime numbers. You have to be able to understand those two factors to be able to decode all of this information. That's a very simplified way of describing how this works, but it does provide us with some great capabilities of sending encrypted data across the network and ensuring that it will be secure from end to end.

The RSA algorithm used to be proprietary, but now, it's been released into the public domain. And we use it extensively on our websites to do SSL, or what's now called TLS types of encryption. If you see anybody using a public or private-key encryption mechanism on the internet, there's a good bet that they're using RSA.

Another algorithm that is used to protect keys as they are exchanged over the network is called the Diffie-Hellman key exchange. This is the idea of being able to send keys across the network, but still be assured that nobody's going to be able to use those keys to decrypt your private information.

This key transfer mechanism was published in 1976 by Whitfield Diffie, Martin Hellman, and Ralph Merkle, and one important consideration here is this was really designed to transfer keys across the network. It's not, by itself, a method of encrypting or authenticating people's communications over the network. This is something that simply allows us to send keys from one end to the other and still protect that key and the method that's going to be used for encrypting data using those keys.

It's very common to see Diffie-Hellman key exchange used in things like Perfect Forward Secrecy, which is a way to transfer keys and encrypt information on web servers. This uses Ephemeral Diffie-Hellman, which means those keys will only be used for a short period of time. You'll commonly see that written as EDH or DHE, and it's combined with the elliptic curve cryptography to be able to do the encryption. So if you ever see a server and it's using a key exchange method of ECDHE, it's really referring to this method that's used that we commonly call Perfect Forward Secrecy.
