Allied Telesis AT-S60 User Manual

Chapter 20: Encryption
Section III: Security Features
digital signature. The signing station publishes its public key, and then
signs its messages by encrypting them with its private key. To verify the
source of a message, the receiver decrypts the message with the
published public key. If the message that results is valid, then the signing
station is authenticated as the source of the message.
The most common asymmetrical encryption algorithm is RSA. This
algorithm uses mathematical operations which are relatively easy to
calculate in one direction, but which have no known reverse solution.
The security of RSA relies on the difficulty of factoring the modulus of
the RSA key. Because typical key lengths of 512 bits or greater are used
in public key encryption systems, decrypting RSA encrypted messages is
almost impossible using current technology.
Asymmetrical encryption algorithms require enormous computational
resources, making them very slow when compared to symmetrical
algorithms. For this reason they are normally only used on small blocks
of data (for example, exchanging symmetrical algorithm keys), and not
for entire data streams.
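
The signing scheme and the small-block usage described above, shown as an added example that is not part of the manual. It assumes textbook RSA without padding applied to a SHA-256 digest, with toy keys built from known Mersenne primes; the key values, message, and function names are constructed for illustration.

```python
import hashlib

E = 65537  # widely used public exponent


def make_key(p, q):
    """Build a textbook RSA key pair from two primes (toy sizes, constructed)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(E, -1, phi)  # private exponent: E*d = 1 (mod phi); needs Python 3.8+
    return {"public": (n, E), "private": (n, d)}


def digest(message, n):
    """Reduce the message to one small block that fits under the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private):
    """'Encrypt' the digest with the private key, as the signing station does."""
    n, d = private
    return pow(digest(message, n), d, n)


def verify(message, signature, public):
    """'Decrypt' the signature with the published key and compare digests."""
    n, e = public
    return pow(signature, e, n) == digest(message, n)


# Constructed keys: products of Mersenne primes, far too small for real use.
STATION = make_key(2**127 - 1, 2**89 - 1)   # the signing station
OTHER = make_key(2**107 - 1, 2**61 - 1)     # some unrelated key holder

MESSAGE = b"config update: enable port 7"   # constructed sample message
SIGNATURE = sign(MESSAGE, STATION["private"])

if __name__ == "__main__":
    print("genuine message:", verify(MESSAGE, SIGNATURE, STATION["public"]))
    print("altered message:", verify(MESSAGE + b"!", SIGNATURE, STATION["public"]))
    forged = sign(MESSAGE, OTHER["private"])
    print("signed by other:", verify(MESSAGE, forged, STATION["public"]))
```

Only the fixed-size digest passes through the slow RSA operation, however long the message is, which is the same reason the manual gives for limiting asymmetrical algorithms to small blocks of data.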