Skip to main content
Zondex
login
Browse Stats Pricing Blog Dorks How-To Docs
description

RSA

A widely used public-key cryptosystem for secure data transmission, based on the difficulty of factoring large numbers, enabling both encryption and digital signatures.

What is RSA?

RSA, named after its inventors Rivest, Shamir, and Adleman, is one of the earliest and most widely adopted public-key cryptosystems. Developed in 1977, it revolutionized secure communication by allowing two parties to encrypt and decrypt messages without ever sharing a secret key beforehand. RSA is an asymmetric algorithm, meaning it uses a pair of mathematically linked keys: a public key for encryption and a private key for decryption.

The core strength of RSA lies in the computational difficulty of factoring the product of two large prime numbers. This mathematical problem is easy to perform in one direction (multiplying two primes) but extremely difficult to reverse (factoring a large number back into its prime components), forming the basis of its security.

RSA is used extensively for: * Secure Data Transmission: Encrypting sensitive data exchanged over networks (though often used for exchanging symmetric keys, not bulk data directly). * Digital Signatures: Authenticating the sender of a message and ensuring message integrity by allowing the sender to 'sign' a message with their private key, which can then be verified by anyone with their public key.

How RSA Works

The process of generating and using RSA keys involves a few steps:

  1. Key Generation: Two large prime numbers, p and q, are chosen. These are kept secret. Their product, n = p * q, forms the modulus for both public and private keys. Another number, e (the public exponent), is chosen such that it is coprime to (p-1)(q-1). A corresponding private exponent, d, is calculated such that (d * e) mod ((p-1)(q-1)) = 1. The public key is (n, e), and the private key is (n, d).
  2. Encryption: To encrypt a message, the sender obtains the recipient's public key (n, e). The message M (represented as a number) is encrypted as C = M^e mod n.
  3. Decryption: The recipient uses their private key (n, d) to decrypt the ciphertext C back to the original message M = C^d mod n.
  4. Digital Signatures: To create a digital signature, the sender computes a hash of the message, then 'encrypts' the hash with their private key (n, d). The recipient verifies the signature by 'decrypting' it with the sender's public key (n, e) and comparing the resulting hash to a freshly computed hash of the message.

RSA in Security Research

Despite its widespread use, RSA's security is constantly under scrutiny. Security researchers focus on:

  • Key Size: The primary determinant of RSA's strength is its key length. Smaller key sizes (e.g., 512-bit, 1024-bit) are increasingly vulnerable to factorization attacks. Modern standards recommend 2048-bit or 3072-bit keys.
  • Padding Schemes: Proper padding (e.g., OAEP rather than older PKCS#1 v1.5) is crucial to prevent various attacks like chosen-ciphertext attacks. Flaws in padding can undermine the security of even strong RSA keys.
  • Side-Channel Attacks: RSA implementations can be vulnerable to attacks that exploit information leaked during cryptographic operations, such as timing differences or power consumption variations.
  • Fault Injection Attacks: Physical attacks that induce errors during cryptographic computations can sometimes extract private keys.
  • Improper Key Management: Weaknesses in how RSA private keys are generated, stored, or managed can render the strongest algorithm insecure.

Using Zondex to Find RSA

Zondex provides powerful capabilities to scan the internet and identify services utilizing RSA. This allows security professionals and researchers to assess the prevalence of specific RSA key sizes, algorithms, and configurations, helping to identify potential vulnerabilities at scale.

Here are some Zondex query examples:

  • ssl.cert.public_key.type:"RSA": Find all internet-facing services whose SSL/TLS certificates use RSA public keys.
  • ssl.cert.public_key.size:"1024": Identify systems with 1024-bit RSA keys, which are generally considered insecure for modern applications.
  • ssh.key.type:"RSA" AND ssh.key.size:"4096": Discover SSH services using strong 4096-bit RSA keys.
  • ssl.cipher.kex_alg:"RSA" AND ssl.cipher.strength:<128: Find TLS services using RSA for key exchange with weak cipher strengths.
  • product:"OpenVPN" ssl.cert.public_key.type:"RSA" ssl.cert.public_key.size:"2048": Locate OpenVPN servers configured with 2048-bit RSA certificates.
  • ssl.cert.public_key.exponent:"3": Search for certificates using a specific, sometimes less common, public exponent (e=3).

Key Takeaways

RSA remains a cornerstone of public-key cryptography, essential for securing digital communications and authenticating identities. Its security fundamentally depends on the difficulty of factoring large numbers and, critically, on using sufficiently large key sizes and robust implementation practices. While powerful, RSA requires careful management to mitigate evolving threats. Zondex serves as an invaluable tool for surveying the internet landscape for RSA implementations, allowing organizations to identify and address cryptographic weaknesses proactively, thereby enhancing their overall security posture.

search

Try it on Zondex

See RSA data in action with these search queries:

Open Search
arrow_back
Previous
RDP
Next
Ransomware
arrow_forward

At a Glance

Term RSA
Updated Mar 14, 2026
menu_book
Browse All Terms
138 terms in the glossary
arrow_forward
support_agent
Zondex Support
Usually replies within minutes
Hi there!
Send us a message and we'll reply as soon as possible.