A Comparative Study of the Performance and Security Issues of AES and RSA Cryptography Abdullah Al Hasib and Abul Ahsan Md. Mahmudul Haque Helsinki University of Technology Telecommunication Software and Multimedia Laboratory Finland hasib iut@yahoo.com, ahaque@cc.hut.fi Abstract Security is always a major concern in the field of commu- nication. Advanced Encryption Standard (AES) and Rivest- Shamir-Adleman (RSA) algorithms are the two popular en- cryption schemes that guarantee confidentiality and authen- ticity over an insecure communication channel. There has been trifling cryptanalytic progress against these two al- gorithms since their advent. This paper presents the fun- damental mathematics behind the AES and RSA algorithm along with a brief description of some cryptographic prim- itives that are commonly used in the field of communica- tion security. It also includes several computational issues as well as the analysis of AES and RSA security aspects against different kinds of attacks including the countermea- sures against these attacks. 1. Introduction The fundamental necessity in security is to hide infor- mation from irrelevant public or malicious attackers. This requirement has given birth to different kinds of crypto- graphic primitives including symmetric and asymmetric cryptography, hash functions, digital signatures, message authentication codes etc. Symmetric cryptography: In symmetric encryption, a key is shared between the sender and the receiver which is kept secret from the intruder. Among the different kinds of symmetric algorithms, Advanced Encryption Standard (AES) is gaining popularity due to its better security and efficiency than its predecessors [10]. It was defined in Fed- eral Information Processing Standard (FIPS) 192, published in November 2001 [9, 8]. As a symmetric cipher, AES shares a secret key to en- crypt and decrypt any message and operates on 128 bit fixed block. AES may be configured to use 3 different key- lengths and the resulting algorithms are named AES-128, AES-192 and AES-256 respectively to indicate the length in bits of the key. Asymmetric cryptography: Unlike the symmetric cryp- tography, asymmetric cryptography uses a pair of keys to encrypt and decrypt message. One of these two keys is known as public key as it is distributed to others and the other is called private key which is kept secret. Normally public key is used to encrypt any message which can only be decrypted by the corresponding private key. There are essential properties that must be satisfied by the asymmet- ric cryptography [15] • The key generation process should be computationally efficient. • Sender should be able to compute the cipher text by using the public key of the receiver for any message. • The receiver should be able to decrypt the cipher easily to plain text by using his own private key. • It is impossible or at least impractical to compute the private key from the corresponding public key. • It is computationally infeasible to compute the plain text form the public key and cipher text. RSA is the most widely used asymmetric encryption sys- tem which was invented by Ronald Rivest, Adi Shamir, and Len Adleman in the year 1977 [4]. As a public key encryp- tion standard, the private key is kept secret but the public key is revealed to everybody in RSA. Since its innovation, RSA is regarded as one of the most secure cryptosystems in existence. The purpose of this paper is to describe the basic en- cryption and decryption method as well as to cover math- ematical and security aspects of the two most widely used encryption schemes. Third 2008 International Conference on Convergence and Hybrid Information Technology 978-0-7695-3407-7/08 $25.00 © 2008 IEEE DOI 10.1109/ICCIT.2008.179 505 Third 2008 International Conference on Convergence and Hybrid Information Technology 978-0-7695-3407-7/08 $25.00 © 2008 IEEE DOI 10.1109/ICCIT.2008.179 505