# RSA

> Source: Courseiva IT Certification Glossary — https://courseiva.com/glossary/rsa

## Quick definition

RSA is a way to keep messages safe when they travel across the internet. It uses two special keys: one that anyone can see (public key) and one that only the owner knows (private key). The public key locks the message, and only the private key can unlock it.

## Simple meaning

Imagine you want to send a secret message to your friend across a crowded room. You have a special lock that everyone can see, but only you have the key to open it. RSA works the same way. It is a method for encrypting, or scrambling, information so that only the intended recipient can read it. The system uses two keys: a public key that you share openly and a private key that you keep completely secret. Anyone can use your public key to encrypt a message, but once it is encrypted, only your private key can decrypt it. This is called asymmetric encryption because the keys are different. Think of the public key like a mailbox with a slot that anyone can drop a letter into. The private key is the only key that can open the mailbox to retrieve the letters. This makes RSA extremely useful for secure communication on the internet, such as when you visit a secure website (HTTPS) or send an encrypted email. RSA also provides digital signatures, allowing someone to verify that a message really came from you and hasn’t been tampered with. In this case, you use your private key to “sign” the message, and anyone with your public key can check the signature. The security of RSA relies on the mathematical difficulty of factoring large numbers. While modern computers can multiply two large primes quickly, it is extremely hard to reverse the process and find the original primes from the product. This one-way property is what makes RSA secure. However, as computers get faster, larger key sizes are needed to maintain security. Today, 2048-bit keys are common, though 4096-bit is used for more sensitive data. RSA was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman, and it remains one of the most widely used encryption algorithms in the world.

## Technical definition

RSA is an asymmetric cryptographic algorithm based on the practical difficulty of factoring the product of two large prime numbers. It is defined by the RSA cryptosystem and is used for secure data transmission, digital signatures, and key exchange. The algorithm involves three main steps: key generation, encryption, and decryption. In key generation, two large prime numbers p and q are chosen randomly and kept secret. Their product n = p * q is computed, where n is used as the modulus for both the public and private keys. Next, Euler’s totient function φ(n) = (p-1)*(q-1) is calculated. A public exponent e is chosen such that 1 < e < φ(n) and gcd(e, φ(n)) = 1, meaning e and φ(n) are coprime. The corresponding private exponent d is computed using the modular inverse of e modulo φ(n), so that e * d ≡ 1 (mod φ(n)). The public key consists of (n, e) and the private key is (n, d). Encryption involves converting the plaintext message m into an integer less than n, then computing the ciphertext c = m^e mod n. Decryption recovers the original message by computing m = c^d mod n. RSA is used in many internet protocols, including TLS/SSL for HTTPS, SSH for secure remote access, PGP for email encryption, and in digital signatures as part of X.509 certificates. In practice, RSA key sizes are typically 2048 bits or 4096 bits, as 1024-bit keys are now considered insecure due to advances in factoring algorithms. RSA is computationally expensive compared to symmetric algorithms like AES, and is therefore often used only to exchange symmetric session keys rather than encrypting bulk data. The security of RSA relies on the integer factorization problem being computationally infeasible for sufficiently large keys. However, it is vulnerable to side-channel attacks, timing attacks, and improper implementations such as weak random number generators. Standardization bodies like NIST and PKCS#1 provide guidelines for secure RSA usage, including padding schemes like OAEP for encryption and PSS for signatures.

## Real-life example

Imagine you are sending a locked treasure chest across the ocean. You want to send a valuable map to your business partner in another country. You have a special lock that has two keys: a gold key that you can duplicate and give to anyone, and a silver key that only you own. You give the gold key to anyone who wants to send you something. Your business partner wants to send you a map, so she puts the map in the chest, locks it with the gold key, and ships it. Now the chest is locked and only your silver key can open it. Even if someone else has another gold key, they cannot unlock the chest because the gold key only locks, it does not unlock. This is exactly how RSA works. The public key is the gold key that locks data, and the private key is the silver key that unlocks it. It does not matter if an attacker intercepts the locked chest while it is in transit; without the private key, they cannot read the contents. Similarly, if you want to prove that a message came from you, you can put your signature on a document using the silver key (your private key). Anyone with your gold key can verify that the signature is genuine. This is the basis for digital signatures in software distribution, email security, and secure login systems. In real life, when you visit a website with a padlock icon in your browser, RSA is very likely being used during the initial handshake to securely exchange the symmetric session key that will encrypt the rest of the connection. The analogy of the locked chest works well because RSA ensures both confidentiality (only the intended recipient can read) and authentication (only the true sender could have created the signature).

## Why it matters

In the world of IT and cybersecurity, the ability to communicate securely over an untrusted network like the internet is absolutely essential. RSA is one of the foundational technologies that makes this possible. Without RSA, you would not be able to securely log into your online bank, safely enter your credit card number on an e-commerce site, or send confidential emails. RSA underpins the PKI (Public Key Infrastructure) that issues and validates digital certificates used by web servers, code signing, and VPNs. Every time your browser displays a padlock icon, the TLS handshake almost certainly uses RSA or a related asymmetric algorithm to exchange a session key. Understanding RSA is critical for IT professionals who configure SSL/TLS certificates on servers, deploy secure email systems, or manage identity and access control. It also appears in compliance standards such as PCI DSS and HIPAA, which require encryption of sensitive data in transit. Knowing the basics of RSA helps troubleshoot common issues like certificate errors, weak key sizes, or performance problems related to encryption overhead. As quantum computing threatens to eventually break RSA, IT professionals need to understand the algorithm’s limitations and plan for post-quantum cryptography transitions. In short, RSA is not just a theory; it is a living, daily-use technology that every IT generalist and security specialist must understand thoroughly.

## Why it matters in exams

RSA is a high-weight topic in many IT certification exams, especially those that cover security, networking, or cryptography fundamentals. In the CompTIA Security+ (SY0-601) exam, cryptography is a domain under Architecture and Design, and RSA is frequently tested in questions about asymmetric encryption, digital signatures, PKI components, and secure protocols like TLS and SSH. Candidates are expected to know that RSA uses a public-private key pair, that it is used for key exchange and digital signatures, and that 2048-bit keys are the current standard. The exam may ask which algorithm is best for encrypting data in transit or for signing a software update. The Cisco CCNA exam (200-301) covers RSA in the context of SSH configuration, where RSA keys are generated on routers and switches for secure remote administration. Questions may involve the command `crypto key generate rsa` and interpreting key modulus sizes. The ISC2 CISSP exam includes RSA under the Cryptography domain, testing deeper understanding like the difference between RSA and Diffie-Hellman, key length security, and the role of RSA in digital certificates. EC-Council CEH exam may present RSA in scenarios of breaking weak RSA keys or using tools like John the Ripper to crack low-bit RSA. The AWS Certified Security Specialty and Azure Security Engineer exams touch on RSA in the context of managing customer master keys (CMKs) and how AWS KMS uses RSA for asymmetric key operations. Regardless of the exam, the pattern is clear: you need to know what RSA is, its two primary uses (encryption and digital signatures), the importance of key length, and common protocols that rely on it. Question types include multiple choice, drag-and-drop ordering of RSA steps, and scenario-based questions where you choose the correct encryption method. A solid grasp of RSA will directly earn you points in the cryptography portion of any security-related certification.

## How it appears in exam questions

RSA appears in exam questions in several distinct patterns. The most common is the “which algorithm” question: “Which asymmetric algorithm is used for key exchange and digital signatures?” The answer is RSA. Another pattern asks about key usage: “Which key is used to encrypt data in RSA?” The answer is the public key. A similar question flips to decryption: “Which key is used to decrypt data?” The private key. There are also comparison questions: “What is the difference between RSA and Diffie-Hellman?” The key point is that RSA can do both encryption and digital signatures, while Diffie-Hellman only does key exchange. Scenario-based questions describe a security problem: “A company wants to ensure that an email is not tampered with and confirms the sender’s identity. Which technology should be used?” The answer is RSA digital signature. Configuration questions appear in network exams: “An administrator needs to generate an RSA key pair on a router for SSH. What command is used?” In Cisco, it is `crypto key generate rsa`. A troubleshooting scenario could be: “Users are unable to connect to a secure website. The server certificate shows a key size of 1024 bits. Why is this a problem?” Because 1024-bit RSA keys are no longer considered secure and may be rejected by modern browsers. Another troubleshooting angle: “After generating a new RSA key pair on a server, existing SSH sessions are rejected. Why?” Because the server’s host key changed, causing a mismatch with the client’s known_hosts file. Some questions test understanding of mathematical foundations: “What mathematical problem is RSA based on?” The difficulty of factoring the product of two large prime numbers. Performance-related questions: “Why is RSA not used to encrypt large amounts of data?” Because it is computationally slower than symmetric encryption. Instead, RSA is used to encrypt a symmetric key. Finally, attack questions: “What type of attack exploits predictable random number generation in RSA key creation?” A weak key generation attack. These patterns repeat across CompTIA, Cisco, ISC2, and vendor-neutral exams, so prepare for these formats.

## Example scenario

You are an IT administrator for a mid-sized company, and the Chief Information Officer asks you to ensure that all remote access to the company’s file server is encrypted. You decide to use SSH. On the Linux file server, you generate an RSA key pair using the command `ssh-keygen -t rsa -b 2048`. This creates a private key (id_rsa) and a public key (id_rsa.pub) in the user’s .ssh directory. You then copy the public key to the client machine’s authorized_keys file. When the remote user attempts to connect, the SSH protocol uses the RSA key pair to authenticate the user. The server sends a challenge encrypted with the user’s public key; the user’s client must decrypt it with the private key to prove identity. Later, an auditor reviews the setup and asks why you chose RSA over a different algorithm. You explain that RSA is widely supported, provides both encryption and digital signatures, and 2048-bit keys offer a good balance of security and performance. The auditor then asks about key rotation policy. You set a policy to rotate RSA keys every 180 days, using a new 4096-bit key for the server’s host key. You configure the server to disable protocol versions that support only 1024-bit keys. During a routine security scan, the vulnerability scanner reports that the server’s key is still 2048 bits. You confirm that 2048 bits meets current best practices per NIST guidelines. This scenario mirrors real-world sysadmin tasks and is exactly the kind of context exam questions about RSA in SSH will reference.

## Common mistakes

- **Mistake:** Thinking that the private key is shared with the other party.
  - Why it is wrong: The private key must never be shared. Secrecy of the private key is the foundation of RSA security. Sharing it allows anyone to decrypt data meant only for you.
  - Fix: Always keep your private key confidential. Only distribute the public key.
- **Mistake:** Believing that RSA is used to encrypt the entire message in secure web connections.
  - Why it is wrong: RSA is slow for bulk data encryption. In practice, RSA only encrypts a symmetric session key during the TLS handshake. The session key then encrypts the actual communication using a faster algorithm like AES.
  - Fix: Understand that RSA provides secure key exchange, not bulk encryption.
- **Mistake:** Confusing RSA public key with a shared secret key used in symmetric encryption.
  - Why it is wrong: RSA is asymmetric: two different keys exist. Symmetric encryption uses a single shared key. The public key is not a secret; it is openly shared. Confusing them leads to incorrect usage and security risks.
  - Fix: Remember: RSA uses a public key and a private key. Symmetric algorithms use one secret key shared by both parties.
- **Mistake:** Assuming that a larger RSA key always provides proportionally better security and is always better.
  - Why it is wrong: While larger keys (like 4096-bit) do provide more security margin, they also increase computational overhead significantly. For most applications, 2048-bit keys offer sufficient security without excessive performance penalty. Using 4096 bits where not needed can degrade system performance.
  - Fix: Choose 2048 bits for standard use and 4096 bits only for high-security requirements where performance impact is acceptable.
- **Mistake:** Thinking RSA can be used for encryption of streaming data without any padding.
  - Why it is wrong: RSA without proper padding (like PKCS#1 v1.5 or OAEP) is deterministic and vulnerable to chosen plaintext attacks. Padding adds randomness and structure to the plaintext, preventing attackers from deducing information.
  - Fix: Always use a well-defined padding scheme like OAEP for RSA encryption and PSS for signatures.

## Exam trap

{"trap":"The exam offers a scenario where a company needs to securely transmit large amounts of data and asks which algorithm to use. Many learners choose RSA because it is the only encryption they recognize.","why_learners_choose_it":"Learners often overuse RSA because it is taught prominently. They do not think about performance differences or the hybrid encryption model commonly used.","how_to_avoid_it":"Remember that asymmetric algorithms like RSA are not designed for bulk data encryption due to speed. The correct answer is usually a symmetric algorithm like AES for the data encryption, possibly with RSA for key exchange. Look for keywords like 'large file' or 'encrypt the session' to decide."}

## Commonly confused with

- **RSA vs Diffie-Hellman:** Diffie-Hellman (DH) is used exclusively for key exchange, while RSA can both encrypt data and create digital signatures. DH only produces a shared secret, while RSA uses a key pair for multiple operations. (Example: Two parties use DH to agree on a common secret key over an insecure channel. They then use RSA to sign a message proving who sent it.)
- **RSA vs ECC (Elliptic Curve Cryptography):** ECC is another asymmetric algorithm that offers equivalent security with shorter key lengths. For example, a 256-bit ECC key provides comparable security to a 3072-bit RSA key, making ECC faster and more efficient for mobile devices. (Example: A modern web server might use ECDHE for key exchange during TLS handshake instead of RSA, because it is quicker and uses less bandwidth.)
- **RSA vs AES:** AES is a symmetric algorithm that uses the same key for encryption and decryption. RSA uses two different keys (public and private). AES is much faster and used for bulk encryption, while RSA handles key distribution and digital signatures. (Example: When you visit a secure website, the browser and server first use RSA to exchange an AES session key, then AES encrypts the actual web page data.)
- **RSA vs DSA:** DSA is an asymmetric algorithm only used for digital signatures, not encryption. RSA can do both encryption and signatures. DSA is less flexible and not as widely deployed for general-purpose cryptography. (Example: An old government system might use DSA to sign documents, but modern systems prefer RSA or ECDSA because of wider support and better performance.)

## Step-by-step breakdown

1. **Key Generation** — Two large prime numbers p and q are generated randomly. These primes must be kept secret. Their product n = p * q is computed, and this n is used as the modulus for both keys. The totient φ(n) = (p-1)*(q-1) is calculated. An encryption exponent e is chosen (commonly 65537) that is coprime to φ(n). Finally, the decryption exponent d is computed as the modular inverse of e modulo φ(n). The public key is (n, e) and the private key is (n, d).
2. **Encryption** — The sender converts the plaintext message into an integer m that is less than n. Padding is added to ensure security. The ciphertext c is computed as c = m^e mod n. This ciphertext can be transmitted over an insecure channel. Only someone with the private key can decrypt it.
3. **Decryption** — The receiver uses the private key (n, d) to compute the original message m = c^d mod n. The padding is then removed to recover the actual plaintext. Because d was computed as the modular inverse of e, this operation correctly reverses the encryption.
4. **Digital Signature Creation** — The signer creates a hash of the message (e.g., using SHA-256), then encrypts that hash with their own private key. The resulting signature is attached to the message. This proves that the signer possessed the private key at the time of signing.
5. **Digital Signature Verification** — The verifier decrypts the signature using the signer’s public key to recover the hash. The verifier also computes their own hash of the original message. If the two hashes match, the signature is valid: the message is authentic and has not been altered.

## Practical mini-lesson

As an IT professional, you will encounter RSA in many real-world administration tasks. The most common is configuring secure remote access. On a Linux server, you generate an RSA key pair using `ssh-keygen -t rsa -b 2048`. This creates a private key file (id_rsa) and a public key file (id_rsa.pub). The public key is placed on the server in the user’s `~/.ssh/authorized_keys` file. When a client connects, the server challenges the client to prove possession of the corresponding private key. If successful, the client is authenticated without a password. Known_hosts files store the server’s RSA host key to prevent man-in-the-middle attacks. For web servers, RSA is used in SSL/TLS certificate management. A certificate contains the server’s public RSA key, signed by a Certificate Authority (CA). During the TLS handshake, the server sends its certificate, the client verifies the signature using the CA’s public key, and then both parties use RSA to exchange a symmetric session key. As an IT admin, you may need to generate a Certificate Signing Request (CSR) with OpenSSL: `openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr`. The resulting CSR includes the public key; the private key stays on the server. You then send the CSR to a CA to get a signed certificate. Common pitfalls include leaving private keys with weak permissions (they must be readable only by root), using 1024-bit keys (now considered insecure), and failing to rotate keys periodically. In corporate environments, you may manage RSA keys through a Hardware Security Module (HSM) or cloud KMS for added security. Understanding RSA at this operational level is essential for daily IT work and directly maps to exam scenario questions.

## Memory tip

RSA: Rivest, Shamir, Adleman. Remember the two keys: Publish the Public, Protect the Private.

## FAQ

**What does RSA stand for?**

RSA stands for Rivest, Shamir, and Adleman, the three MIT mathematicians who first described the algorithm in 1977.

**Is RSA still secure in 2025?**

Yes, RSA with key sizes of 2048 bits or larger is still considered secure against classical computing attacks. However, it is expected to be broken by quantum computers, so post-quantum cryptography is being developed.

**Can RSA be used for both encryption and digital signatures?**

Yes, RSA supports both encryption (using the public key) and digital signatures (using the private key). This versatility makes it one of the most widely used asymmetric algorithms.

**Why is 1024-bit RSA considered weak?**

Advances in factoring algorithms and computing power have made 1024-bit RSA no longer safe. NIST and other standards bodies now require a minimum of 2048 bits for secure applications.

**What is the difference between RSA and AES?**

RSA is asymmetric (uses two keys) and slower, used for key exchange and signatures. AES is symmetric (one key) and fast, used for bulk data encryption.

**How does RSA work in HTTPS?**

During the TLS handshake, the server presents its RSA public key in a certificate. The client uses this public key to encrypt a symmetric session key and sends it to the server. The server decrypts it with its private key, and then both sides use the session key for fast symmetric encryption.

**Do I need to generate RSA keys for SSH setup?**

Yes, generating an RSA key pair is the standard way to set up passwordless authentication for SSH. Use `ssh-keygen -t rsa -b 2048` on Linux/macOS or a tool like PuTTYgen on Windows.

## Summary

RSA is a foundational asymmetric encryption algorithm that has been protecting data on the internet for decades. It relies on two mathematically linked keys: a public key for encrypting data and verifying signatures, and a private key for decrypting data and creating signatures. The security of RSA is based on the computational difficulty of factoring the product of two large prime numbers. In practice, RSA is used extensively in SSL/TLS certificates, SSH authentication, email encryption (PGP), and digital signatures. IT professionals must understand key generation, key length requirements (at least 2048 bits), and common use cases. For certification exams, RSA appears in questions about asymmetric cryptography, PKI, secure protocols, and configuration commands. Common mistakes include confusing the public and private key roles, thinking RSA encrypts bulk data, and neglecting proper padding. To succeed in exams and real-world IT work, remember that the public key is for enciphering and verifying, while the private key is for deciphering and signing. Protect the private key at all costs. RSA remains a cornerstone of modern cybersecurity, and a strong understanding of it will serve you well in any IT security role.

---

Practice questions and the full interactive page: https://courseiva.com/glossary/rsa
