There have been wars fought over RSA, DSA, and I\'m sure other public key encryp

Question

There have been wars fought over RSA, DSA, and I'm sure other public key encryption algorithms, and usually the arguments are "Algorithm A is faster to encode, but algorithm B is faster to decode".

However, from what I understand, the slow asymmetric encryption is only used to encrypt a single hash, after which point symmetric encryption is used. See Public Key, Private Key, Secret Key: Everyday Encryption

This leads me to wonder, in practice, does it actually matter which encryption algorithm is slower or faster than the other when they do the slow asymmetric encryption once and in a fraction of a second, and then proceed with fast symmetric encryption algorithms for the rest of the session?

Explanation / Answer

Yes, it matters when:

1) there is a constrained hardware and there are constrains on the time that it takes to run the whole operation (protocol) that includes authentication/encryption (e.g., waving a smartcard at a tourniquet when paying for entering a metro). The operation might include several encryption and decryption operations that take place in the smartcard, e.g., one decryption to authenticate the smartcard to the tourniquet, several encryptions to authenticate the tourniquet (e.g., there might be a chain of certificates that should be verified).

Another example is a passport with a chip that is controlled at state borders.

Conclusion: one crypto operation might be fine, but when several crypto operations are required, the resulting protocol at constrained hardware might have usability issues.

2) a number of operations is large (it has been already mentioned in the comments). E.g., a number of SSL sessions.

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.