According to the advantages of encryption technology, it is fast under the conditions of encryption and calculation. The disadvantage is that the encryption party and the decryption party must negotiate the key and ensure the security of the key. If one party reveals the key, the whole communication will be cracked and the encrypted information will no longer be safe.

Unlike symmetric encryption technology, which only uses one key, asymmetric encryption technology uses two keys for encryption and decryption, one is called public key and the other is called private key. The private key is kept by itself, and the public key can be made public. Data encrypted with public key must be decrypted with private key, and vice versa, because this encryption method is called asymmetric second technology. Compared with symmetric encryption technology, asymmetric encryption technology is more secure, but its performance is slower.

In the Internet backend technology, asymmetric encryption technology is mainly used in login, digital signature, digital certificate authentication and other scenarios.

Commonly used asymmetric encryption algorithms are:

RSA: RSA is an asymmetric key encryption technology, which is widely used and has a long history. It was put forward in 1977 by Ron Livingstone, Adi adi shamir and Leonard Aderman of MIT. Because it is difficult to crack, RSA is the most widely used digital encryption and signature technology, such as Alipay in China. Its security depends on the length of the key. At present, the main optional key lengths are 1024 bits, 2048 bits, 4096 bits and so on. Theoretically, the longer the key, the harder it is to crack. According to Wikipedia, a key less than or equal to 256 bits can be cracked in a few hours on a personal computer. The 5 12-bit key and 768-bit key were also successfully cracked in 1999 and 2009 respectively. Although there is no public information to prove that someone can successfully crack the 1024-bit key, it is obviously not far from this node, so at present, the industry recommends using 2048-bit or above keys, but at present, 2048-bit keys are safe enough.

DSA: Digital signature algorithm, proposed by NIST and 199 1 Unlike RSA, DSA can only be used for digital signature, but not for data encryption and decryption. Its security is equivalent to RSA, but its performance is faster than RSA.

Ecdsa: The elliptic curve digital signature algorithm is a combination of ECC (Elliptic Curve Cryptography) and dsa. The application of elliptic curve in cryptography was independently proposed by Neal Koblitz and Victor Miller in 1985. Compared with RSA algorithm, ECC can use a smaller key and has higher efficiency and security. It is said that the security of 256-bit ECC key is equivalent to 3072-bit RSA key. Compared with ordinary DSA, ECDSA adopts elliptic curve algorithm for some factors in the process of calculating the key.