HTTPS (Hypertext Transfer Protocol Secure) certificates are required for HTTPS websites. Each certificate states which encryption algorithm (certificate type) it uses and the public key for the website. The two mainstream encryption algorithms in use for HTTPS are RSA (Rivest–Shamir–Adleman) and ECDSA (Elliptic Curve Digital Signature Algorithm). RSA relies on the mathematics of multiplying two prime numbers: multiplying them is very easy, but going in reverse and finding the prime numbers from the product is very difficult. ECDSA uses Elliptic-Curve Cryptography (ECC), which is based on the algebraic structure of elliptic curves over finite fields.
RSA is easier to understand than ECDSA, which makes it easier to trust for secure communication. However, both are based on solid mathematical problems where one direction is easy and the other is very hard.
ECDSA (1992) is newer than RSA (1977), so ECDSA hasn't been real-world tested for the same amount of time as RSA. That said, ECDSA has been available and used for HTTPS for over a decade, since TLS 1.2 (Transport Layer Security) in 2008.
ECDSA is smaller and faster for the same level of mathematical security as RSA, which means it can work on smaller devices and reduces server load.
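To see both points above in practice (a certificate declares its key algorithm, and ECDSA is smaller), the following added example, which is not from the original article, creates two throwaway self-signed certificates with the OpenSSL command line and reports the declared algorithm and encoded size of each. The name example.test and the pairing of 3072-bit RSA with the P-256 curve (commonly treated as comparable strength, per NIST SP 800-57) are assumptions chosen for the illustration.

```shell
#!/bin/sh
# Added example: constructed throwaway certificates, not from the original article.

# make_cert <rsa|ec> <out.pem>: self-signed cert for the constructed name example.test
make_cert() {
    key="$2.key"
    case "$1" in
        rsa) openssl genrsa -out "$key" 3072 2>/dev/null ;;
        ec)  openssl ecparam -name prime256v1 -genkey -noout -out "$key" ;;
        *)   echo "unknown key type: $1" >&2; return 1 ;;
    esac
    openssl req -x509 -new -key "$key" -sha256 -days 1 \
        -subj "/CN=example.test" -out "$2" 2>/dev/null
}

# cert_key_type <cert.pem>: the public key algorithm the certificate declares
cert_key_type() {
    openssl x509 -in "$1" -noout -text | sed -n 's/^ *Public Key Algorithm: //p'
}

# cert_der_size <cert.pem>: size in bytes of the DER certificate sent in the handshake
cert_der_size() {
    openssl x509 -in "$1" -outform DER | wc -c | tr -d ' '
}

# Build one certificate of each type and print what each declares.
workdir=$(mktemp -d)
make_cert rsa "$workdir/rsa.pem"
make_cert ec  "$workdir/ec.pem"
for cert in "$workdir/rsa.pem" "$workdir/ec.pem"; do
    printf '%s: %s, %s bytes\n' "$(basename "$cert")" \
        "$(cert_key_type "$cert")" "$(cert_der_size "$cert")"
done
```

The same `cert_key_type` function works on any PEM certificate file, so it can be pointed at a site's deployed certificate to confirm which type is in use.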
ECDSA and RSA are both part of the US government standard (FIPS) for secure communication.
All mainstream browsers have supported ECDSA and RSA for more than a decade. RSA does work on some very old, no-longer-supported browsers where ECDSA doesn't, but if you are using browsers and operating systems that old, you should upgrade, as they would have a range of vulnerabilities.
In the future there may be new issues with either RSA or ECDSA, but at this point they are both industry tested and approved for use. From a technical perspective, ECDSA being faster gives it the edge over RSA.
Interestingly, looking to the future, HTTPS (TLS 1.3) no longer specifies the certificate type (encryption algorithm for the initial connection), so it is future-proof and can be used with any valid certificate type. This allows an easy change to quantum-secure certificates if required, without changing the HTTPS standard.
Contact the team of experts at Vertex Cyber Security for all your cyber security needs.