What SSH Key Should I use?

Short Answer:

EdDSA using the Ed448 curve

Long Answer:

RSA

RSA (Rivest–Shamir–Adleman) is a cryptographic algorithm used in public-key cryptography. It is named after its inventors: Ron Rivest, Adi Shamir, and Leonard Adleman. The algorithm is used for secure data transmission and is one of the most widely used encryption techniques on the internet.

The RSA algorithm is based on the mathematical concept of prime factorization. In the RSA algorithm, each participant generates a public key and a private key. The public key is used to encrypt data and the private key is used to decrypt the data.

The security of the RSA algorithm is based on the fact that it is computationally difficult to factor large numbers into their prime factors. This means that it is difficult for an attacker to determine the private key from the public key, even if they have access to the encrypted data and the public key.

RSA is used in a variety of applications, including secure email, secure web browsing, and secure messaging applications. It is also used in digital signatures and in the creation of digital certificates.

DSA

DSA (Digital Signature Algorithm) is a cryptographic algorithm used for digital signatures. It was developed by the US National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST) as a US government standard in 1994.

The DSA algorithm is used for verifying the authenticity of digital messages or documents. It uses a mathematical process called modular exponentiation, which involves raising a number to a power and taking the remainder when the result is divided by another number. This process is used to generate a signature that can be verified by anyone with access to the signer's public key.

The security of the DSA algorithm is based on the difficulty of solving the discrete logarithm problem. This means that it is computationally difficult to determine the private key from the public key, even if an attacker has access to a large number of digital signatures.

DSA is commonly used in applications such as secure email, digital certificates, and other digital signature applications. It is also used in conjunction with other cryptographic algorithms, such as symmetric key encryption and hash functions, to provide a secure digital signature mechanism.

ECDSA

ECDSA (Elliptic Curve Digital Signature Algorithm) is a cryptographic algorithm used for digital signatures. It is based on the mathematics of elliptic curves and is a variant of the Digital Signature Algorithm (DSA). It offers smaller key sizes and faster computations compared to traditional public-key cryptography systems such as RSA and DSA, making it more suitable for use in resource-constrained environments.

EdDSA

EdDSA (Edwards-curve Digital Signature Algorithm) is a modern digital signature scheme based on elliptic curve cryptography (ECC). It is designed to be faster and more secure than earlier ECC-based signature schemes such as ECDSA.

Ed25519 vs. Ed448

Ed25519 and Ed448 are both digital signature algorithms based on elliptic curve cryptography (ECC). The main difference between them is the size of the elliptic curve they use and the resulting key sizes.

Ed25519 is based on the twisted Edwards curve known as Curve25519, which has a 256-bit key size. The Ed25519 algorithm generates 256-bit public and private keys, and produces 512-bit digital signatures. It is a widely used and popular algorithm due to its security, speed, and efficiency.

Ed448, on the other hand, is based on a different elliptic curve known as  , which has a 448-bit key size. The Ed448 algorithm generates 448-bit public and private keys, and produces 896-bit digital signatures. It is a relatively new algorithm that provides higher security but at the cost of slower computations and larger key sizes.

In general, both algorithms are considered to be highly secure and suitable for different use cases depending on the specific requirements for key size, signature size, and computational performance. Ed25519 is often preferred for its efficiency and popularity, while Ed448 is chosen for its higher security guarantees.
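To check which of the key families described above are actually present on a host, the following added example (not from the original post) parses authorized_keys-style lines in Python, decodes each public-key blob in the SSH wire format, and returns the family and key size. The names `classify`, `split_fields` and `make_blob` are assumptions of this example, and the sample lines are constructed: structurally valid blobs, not real keys.

```python
import base64

# SSH key-type name -> (family as named in the article, nominal curve bits).
# "ssh-ed448" is the RFC 8709 name; RSA and DSA sizes are read from the blob.
FAMILIES = {
    "ssh-rsa": ("RSA", None), "ssh-dss": ("DSA", None),
    **{f"ecdsa-sha2-nistp{b}": ("ECDSA", b) for b in (256, 384, 521)},
    "ssh-ed25519": ("EdDSA", 256), "ssh-ed448": ("EdDSA", 448),
}
SIZE_FIELD = {"RSA": 2, "DSA": 1}  # blob index of RSA modulus n / DSA prime p

def split_fields(blob):
    # Split a key blob into uint32-length-prefixed fields (RFC 4251 "string").
    out, pos = [], 0
    while pos < len(blob):
        n = int.from_bytes(blob[pos:pos + 4], "big")
        if pos + 4 + n > len(blob):
            raise ValueError("truncated key blob")
        out.append(blob[pos + 4:pos + 4 + n])
        pos += 4 + n
    return out

def classify(line):
    """Return (family, bits) for one authorized_keys line, or None."""
    tokens = line.split()
    for name, b64 in zip(tokens, tokens[1:]):  # options may precede the key
        try:
            family, bits = FAMILIES[name]
            f = split_fields(base64.b64decode(b64, validate=True))
            if f[0] != name.encode():          # declared type must match blob
                continue
            if family in SIZE_FIELD:
                bits = int.from_bytes(f[SIZE_FIELD[family]], "big").bit_length()
            return family, bits
        except (KeyError, ValueError, IndexError):  # unknown type or bad blob
            continue
    return None

# Constructed sample input: make_blob builds structurally valid blobs, not real keys.
def make_blob(*parts):
    raw = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return base64.b64encode(raw).decode()

SAMPLE = [
    "ssh-rsa " + make_blob(b"ssh-rsa", b"\x01\x00\x01", b"\x00\x80" + bytes(255)) + " a@constructed",
    'command="/bin/true" ssh-ed25519 ' + make_blob(b"ssh-ed25519", bytes(32)) + " b@constructed",
    "ssh-dss " + make_blob(b"ssh-dss", b"\x00\x80" + bytes(127), b"\x03", b"\x02", b"\x05"),
    "# comment line",
]
```

Calling `classify` on each line of a real `authorized_keys` file gives the same inventory; a line whose declared key type does not match the type inside the blob is returned as `None` rather than trusted.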