What does the RSA algorithm have to do with crypto?

The RSA cryptographic algorithm is an important algorithm in the crypto field. 

This is an asymmetric cryptography algorithm invented back in 1977, and it is used to encrypt or sign information.

In particular, in the crypto realm, it is crucial because it allows for the signing of transaction requests, thereby making them legitimate. 

The RSA Algorithm

RSA are the initials of the last names of the three inventors of this algorithm, namely Ronald Rivest, Adi Shamir, and Leonard Adleman.

The RSA algorithm is a public key cryptography system. It is defined as “asymmetric” because it is based on an encryption method that uses a pair of mathematically related but different keys: the private key, and indeed the public key.

The public key is shared with others, while obviously the private key must be kept absolutely secret. The public key is used to encrypt the data, but to decrypt it, the private key must be used. 

In classic symmetric cryptography, a single key is used for encryption and decryption, so this key must be kept secret and cannot be made public. On the other hand, asymmetric cryptography allows the secure exchange of the public key with anyone. 

Security

This method is considered secure because it is based on the mathematical principle that while it is relatively simple to multiply two very large prime numbers together, it is extremely difficult (and computationally expensive) to decompose the result into its original prime factors.

In practice, the user shares their public key with anyone, so that anyone can use it to encrypt a message and send it to them. When they receive the encrypted message, the user must use their secret private key to decrypt it.

In this way, only the user who possesses the private key can read it, while anyone else will see it encrypted and will not be able to actually decrypt it.  

In reality, it is not entirely impossible to decipher the message, because if one were to randomly guess the private key, it could be deciphered. However, it is so difficult to find the private key that it is either practically impossible or would require an immense effort, absolutely beyond reach for anyone. 

Usage

Probably the most widespread use of the RSA algorithm is for secure online browsing. 

When accessing a website, you now typically do so with the HTTPS protocol, where the final S stands for “Secure”. 

This secure protocol encrypts the data exchanged from the server to the user, and vice versa, using SSL/TLS protocols. These protocols use the RSA algorithm during the initial phase of the connection, known as the handshake, to establish a secure communication channel.

In particular, when connecting to a website via HTTPS (almost always nowadays), the server sends its SSL/TLS certificate, which contains its public key, often generated with the RSA algorithm. Your browser, in turn, generates a temporary key for symmetric encryption and encrypts it using the server’s RSA public key.

At that point, the browser sends the encrypted key to the server, which decrypts it using its own RSA private key. This ensures that both the browser and the server possess the same secret key, with which subsequent data packets will be encrypted using symmetric encryption, because this is much faster and more efficient for transferring large amounts of data.

The RSA algorithm is also used for digital signatures. 

However, it proceeds in the opposite way, using the private key for signing (i.e., encryption) and the public key for verification (i.e., decryption).

The Use in the Crypto Field

This is precisely the common use of asymmetric encryption algorithms in the crypto field.

When you want to execute an on-chain transaction, it must be signed so that the nodes recognize it as legitimate, meaning it originates solely from the owner of the address from which the funds are sent. 

Once the transaction is generated, it is processed by a hash function, which creates a unique digital fingerprint of the transaction itself. 

When the sender sends it to the nodes for confirmation, they effectively sign it with their private key, so that there is mathematical proof that it was requested only by the legitimate owner of the funds. 

The nodes can verify that the signature is valid using the sender’s public key, which corresponds to the wallet address from which the transaction originated. If the verification is successful, the transaction is accepted and added to a block. 

Moreover, everyone, not just the nodes, can perform this verification precisely because the public key is known to all, as it corresponds to the public address of the transaction sender, which is also public. 

The ECDSA Algorithm

To be honest, many crypto protocols, including Bitcoin and Ethereum, use another asymmetric cryptography algorithm to sign transactions. 

This is the Elliptic Curve Digital Signature Algorithm (ECDSA), whose operation is conceptually the same as RSA. 

ECDSA is preferred over RSA because it is more efficient and secure, as it uses smaller keys while maintaining the same level of security as RSA. For example, a 256-bit ECDSA key offers security comparable to a 3072-bit RSA key. 

This reduces the size of transaction data, saving space on the blockchain and lowering fees.

Additionally, the signing and verification operations with ECDSA are computationally faster than those with RSA.