Diffie Hellman and RSA are both asymmetric key algorithms, also known as public-key cryptography system which uses two keys to encrypt a plain text.
|DH stands for Diffie Hellman||RSA stands for Rivest, Shamir, Adleman.|
|First published in 1976||First published in 1977|
|Diffie Hellman was designed by Whitfield Diffie and Martin Hellman||RSA was designed by Ron RIvest, Adi Shamir, and Leonard Adleman|
|Allows two parties to establish a connection over an insecure communication channel, a shared secret key that only the two parties know.||In RSA, the sender encrypts the data using the public key and the receiver decrypts the data using his private key.|
|Generating ephemeral keys for Diffie Hellman is extremely easy||Generating ephemeral keys for RSA is extremely difficult|
|Encryption is expensive||Encryption is cheaper|
|Diffie Hellman 1024 bits is more robust than RSA||RSA 1024 bits is less robust than Diffie Hellman|
|Public-key is bigger to encode||Public-key is smaller to encode|
|Diffie Hellman is less secure than RSA||RSA is more secure than Diffie Hellman|
Advantages and Disadvantages of Diffie Hellman
Advantages of Diffie Hellman
Sharing of secret-key is safe.
Sender and receiver don’t need any prior knowledge of each other.
Once the keys are exchanged the communication of data can be done through an insecure channel.
Disadvantages of Diffie Hellman
The algorithm cannot be used for signing digital signatures.
The Diffie Hellman key exchange is susceptible to man-in-the-middle attack.
Only used for symmetric key exchange.
Advantages and Disadvantages of RSA
Advantages of RSA
Easier to implement and understand.
RSA is stronger than other symmetric key algorithms.
RSA has overcome the weakness of symmetric algorithms i.e. authenticity and confidentiality.
Very fast and simple encryption and verification.
Disadvantages of RSA
RSA has too much computation.
It requires a more computer power supply compared to single-key encryption.
Protocols that use Diffie-Hellman to enhance security
Transport Layer Security (TLS) / Secure Socket Layers (SSL)
Internet Protocol Security (IPSec)
Secure Shell (SSH)
What kind of attack is a standard Diffie-Hellman key exchange vulnerable to?