RSA vs ECC: The biggest differentiator between ECC and RSA is key size.
Experts predict that RSA will be replaced as the current standard by ECC, as the scalability of RSA is looming as an issue. The age of the Internet of Things is knocking at the door, and many different kinds of devices will be accessing the Internet. Under these demands, the limitations of RSA became clear when we moved to 2048-bit keys. The projection that 2048-bit security will last until 2030 may turn out to be inadequate as computational power keeps increasing.
The future of the Internet of Things demands a huge number of connected devices, and the rising level of attacks on sensitive information will also require robust algorithms. The cyber world therefore wants an algorithm that has a short key length, provides strong security, and consumes few computational resources.
RSA – Rivest-Shamir-Adleman
- Well established. RSA was first described in the seventies, and it is well understood and widely used for secure data transmission. It has lasted for decades as an encryption scheme in which the public key is used to encrypt information while the private key is used to decrypt it.
- RSA is based on the difficulty of factoring large integers. Factoring a large integer into its prime factors is processor-intensive, and this has been a very effective defense so far. But it comes with overhead: slow key generation and heavy consumption of computer resources, for instance.
- Scalability is not optimal. This is a significant flaw at a time when we know that the proliferation of internet-linked devices – the Internet of Things – will put demands on a system that is already expected to be obsolete by 2030. RSA is vulnerable to quantum computers and brute-force attack, hence a new algorithm is required that can offer better performance for a specified security level.
- Very fast, very simple encryption. RSA encryption is based on simple principles, and in the right environment it can run faster than ECC. RSA might not be scalable, but in certain situations, for instance within an organization's internal systems, it may be faster. In RSA, reliability and security depend on the difficulty of integer factorization.
ECC – Elliptic Curve Cryptography
- Needs special adjustment. Depending on your audience and your ability to maintain systems for legacy equipment, you might need to implement ECC in an environment that is not prepared for it. A setup called hybrid SSL allows ECC certificates to be issued under RSA trusted root keys; to use it, you will have to discuss this with your CA and hosting provider.
- Relies on the discrete logarithm problem on an elliptic curve. ECC is built on the Elliptic Curve Discrete Logarithm Problem (ECDLP), which is hard for attackers to solve. There is no known efficient solution to the mathematical problem posed by the equation that produces the elliptic curve, so the only approach left is to try candidate values one by one. Moreover, each bit of key size provides more possibilities than in RSA, making a brute-force approach unlikely to succeed.
- Shorter ECC keys are as strong as longer RSA keys. This results in much less network overhead, allowing faster performance and a better customer or user experience. It also means that in the long term there is more room for growth, because each additional bit in ECC buys more security than each additional bit in RSA. That also means slower growth in key size over time, which potentially makes ECC more scalable for the Internet of Things.
- Smaller certificate size. Again, the amount of information exchanged for validation is significantly less than with RSA, lowering network overhead and increasing performance, which provides an improved user or customer experience. It also improves scalability: the lower overhead lets a server handle increased traffic without changing the infrastructure.
- Low CPU and memory usage. For both client and server this is an improved experience, streamlining the connection and simplifying the process. ECC consumes less computing power and battery. An RSA certificate can handle 450 requests per second with a 150 millisecond average response time, whereas ECC requires only 75 milliseconds to respond to the same number of requests per second. ECC has excellent response time for server-to-desktop communication.
- Hybrid SSL for ECC to work. For some organizations it is necessary that a website works with older equipment; in that case the organization should consider hybrid certificates, which allow an ECC certificate to be issued under an RSA trusted root certificate.
However, each organization must evaluate its priorities. For some, long-term security must be the first concern; in that case ECC is highly suitable, as it is very secure and offers no known shortcut for breaking its keys. For others, network performance together with high security in key exchange is the priority, and the quick key generation and shorter key length again make ECC the better choice.
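To make the ECDLP and key-size points above concrete, here is toy elliptic-curve arithmetic over a small prime field. This is example code added for this page, not code from the article, a CA or any library; the curve y^2 = x^3 + 2x + 3 over F_97 and the base point (3, 6) are chosen for illustration only (real curves use primes of about 256 bits). It shows the asymmetry the article relies on: computing k*P by double-and-add takes a handful of group operations, while recovering k from P and k*P has to step through the group, so the cost is governed by the group's size, which is what each extra bit of an ECC key multiplies.

```python
# Added example (not from the original article): toy elliptic-curve arithmetic
# over a small prime field to illustrate the ECDLP. Curve and base point are
# constructed for this example only and are far too small for real use.

P_MOD = 97   # field prime (toy size; production curves use ~256-bit primes)
A, B = 2, 3  # coefficients of y^2 = x^3 + A*x + B
G = (3, 6)   # base point on the curve
INF = None   # point at infinity: the group identity


def on_curve(pt):
    """True if pt satisfies the curve equation (INF counts as on the curve)."""
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0


def point_add(p1, p2):
    """Group law for short Weierstrass curves in affine coordinates."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF  # p2 is the inverse of p1 (also covers doubling a point with y == 0)
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD  # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD  # chord slope
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def scalar_mult(k, pt):
    """k*pt by double-and-add: about log2(k) doublings plus additions (the easy direction)."""
    result, addend = INF, pt
    while k > 0:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def brute_force_dlog(base, target, limit):
    """Find k with target == k*base by trying k = 0, 1, 2, ... (the hard direction).
    Work is linear in the order of base; on a real curve that order is about 2^256."""
    cur = INF
    for k in range(limit):
        if cur == target:
            return k
        cur = point_add(cur, base)
    return None


def point_order(pt):
    """Smallest n > 0 with n*pt == INF (naive scan; fine on a toy curve)."""
    n, cur = 1, pt
    while cur is not INF:
        cur = point_add(cur, pt)
        n += 1
    return n


def count_points():
    """Number of curve points including INF. Hasse's theorem bounds it to p + 1 +/- 2*sqrt(p)."""
    return 1 + sum(1 for x in range(P_MOD) for y in range(P_MOD) if on_curve((x, y)))


def largest_order_point():
    """Point of largest order on the toy curve, found by exhaustive scan."""
    best, best_n = INF, 0
    for x in range(P_MOD):
        for y in range(P_MOD):
            if on_curve((x, y)):
                n = point_order((x, y))
                if n > best_n:
                    best, best_n = (x, y), n
    return best, best_n


if __name__ == "__main__":
    q, n = largest_order_point()
    k = 7 % n
    print("points on curve:", count_points())
    print("base point order:", point_order(G))
    print("largest point order:", n, "at", q)
    print("recovered k:", brute_force_dlog(q, scalar_mult(k, q), n), "(expected", k, ")")
```

The same generic trade-off is why a 256-bit curve is paired with 128-bit security in the table further down: the best known generic attacks on the discrete logarithm in a group of size n need on the order of sqrt(n) operations, so doubling the curve size in bits roughly doubles the attack cost in bits, whereas RSA key length has to grow much faster than linearly for the same gain.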
RSA vs. ECC Algorithm Strength
Security depends on the specific algorithm and key length. The table below compares RSA and ECC key lengths at equal security levels and shows how the required key length grows over time as computer hardware and software improve. The reason organizations choose ECC is the shorter key needed compared with lengthy RSA keys.
| Security (bits) | Minimum DSA / RSA public key size (bits) | Minimum ECC public key size (bits) | Key size ratio, ECC to RSA / DSA | Valid |
|---|---|---|---|---|
| 80 | 1024 | 160-223 | 1:6 | Until 2010 |
| 112 | 2048 | 224-255 | 1:9 | Until 2030 |
| 128 | 3072 | 256-383 | 1:12 | Beyond 2031 |
| 192 | 7680 | 384-511 | 1:20 | |
| 256 | 15360 | 512+ | 1:30 | |
To protect an AES-256 session, a 512-bit ECC key is required, whereas a 15360-bit RSA key would be needed, which is computationally impractical on current systems. This huge difference makes ECC a more attractive and promising algorithm for current embedded systems.
Which Certificate Authorities offer ECC Certificates?
Certificate authorities (CAs) have started to include the ECC and DSA algorithms in their SSL certificates. Some CAs provide certificates with ECC alongside DSA and RSA, and are prepared to offer any combination that suits your needs.
- DigiCert offers the ECC algorithm with its Secure Site Pro and Pro with EV SSL certificates, which work in all modern browsers.
- Comodo is another certificate provider with a wide offering of ECC cryptographic options and configurations.
- GlobalSign issues ECC certificates. GlobalSign is a recent adopter, having started to issue ECC certificates in 2015.
This is by no means an exhaustive list, as more CAs will be looking to issue some form of ECC certificate as they keep up with the latest best practices in web security.