RSA Algorithm

RSA generates a key pair by choosing two large primes p and q, computing the modulus n = p·q and the Euler totient φ(n), then selecting a public exponent e (commonly 65537) and computing the private exponent d as the inverse of e modulo φ(n). Encryption is m^e mod n; decryption is c^d mod n. RSA supports both encryption (via padding schemes like OAEP) and digital signatures (RSA-PSS). Its security relies on the assumed hardness of integer factorization; for 128-bit equivalent security NIST currently requires at least 3072-bit RSA keys. RSA is slower than elliptic-curve alternatives and will be vulnerable to large-scale quantum computers, so post-quantum schemes such as ML-KEM and ML-DSA are being standardised to replace it for new deployments.