RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration.
As the chosen security partner of more than 90% of the Fortune 500, we help the world’s leading organizations succeed by solving their most complex and sensitive security challenges.
Securing Your Future with Two-Factor Authentication
Do you really know who's accessing your most sensitive networked information assets? Unfortunately, security built on static, reusable passwords has proven easy for hackers to beat.
RSA SecurID® two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator)—providing a much more reliable level of user authentication than reusable passwords.- The only solution that automatically changes your password every 60 seconds
- 20-year history of outstanding performance and innovation
RSA offers enterprises a wide range of user authentication options to help positively identify users before they interact with mission-critical data and applications through:
- VPNs & WLANs
- Intranets & extranets
- Microsoft® Windows® desktops
- Web servers
- Other network resources
How the RSA System Works
The mathematical details of the algorithm used in obtaining the public and private keys are available at the RSA Web site. Briefly, the algorithm involves multiplying two large prime numbers (a prime number is a number divisible only by that number and 1) and through additional operations deriving a set of two numbers that constitutes the public key and another set that is the private key . Once the keys have been developed, the original prime numbers are no longer important and can be discarded. Both the public and the private keys are needed for encryption /decryption but only the owner of a private key ever needs to know it. Using the RSA system, the private key never needs to be sent across the Internet.
The private key is used to decrypt text that has been encrypted with the public key. Thus, if I send you a message, I can find out your public key (but not your private key) from a central administrator and encrypt a message to you using your public key. When you receive it, you decrypt it with your private key. In addition to encrypting messages (which ensures privacy), you can authenticate yourself to me (so I know that it is really you who sent the message) by using your private key to encrypt a digital certificate . When I receive it, I can use your public key to decrypt it. A table might help us remember this.
