Asymmetric algorithms

Asymmetric algorithms use a PKI environment because they use two keys: a private key that is always kept and a public key that is always given away. Let us now look at the different asymmetric techniques:

  • Diffie Hellman: Diffie Hellman does not encrypt data; its main purpose is to create a secure session so that symmetric data can travel down it. The Diffie Hellman handshake is shown in the following diagram:
Figure 9: Diffie Hellman

Diffie Hellman creates the keys used in the Internet Key Exchange (IKE); it uses UDP port 500 to set up the secure session for the L2TP/IPSec VPN. Once the secure tunnel has been created, the symmetric encrypted data flows down the tunnel.

  • Rivest, Shamir, and Adleman (RSA): RSA is named after the three people who invented the algorithm. The keys were the first private and public key pairs, and they are 1,024, 2046, 3,072 and 4,096 bits. They are used for encryption and digital signatures.
  • Digital Signature Algorithm (DSA): DSA keys are used for digital signatures; they start at 512 bits, but their 1,024-bit and 2046-bit keys are faster than RSA for digital signatures.
  • Elliptic Curve Cryptography (ECC): ECC is a small, fast key that is used for encryption in small mobile devices; however, AES-256 is used in military mobile telephones.
  • Ephemeral keys: Ephemeral keys are short-lived keys; they are used for a single session, and there are two of them:
    • Diffie Hellman Ephemeral (DHE)
    • Elliptic Curve Diffie Hellman Ephemeral (ECDHE)
  • Pretty Good Privacy (PGP): PGP is used between two users to set up asymmetric encryption and digital signatures. For PGP to operate, you need a private and public key pair. The first stage in using PGP is to exchange the keys. It uses RSA keys.
  • GnuPG: GnuPG is a free version of OpenPGP; it is also known as PGP. It uses RSA keys.
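
The Diffie Hellman exchange and the ephemeral (DHE) keys described above can be seen working in the following added example, which is not from the book: each side generates a fresh key pair per session, only public values cross the wire, and both sides derive the same symmetric key. It assumes the RFC 3526 group 14 parameters (rebuilt from the formula published in that RFC) and uses HMAC-SHA-256 as a stand-in key-derivation step rather than IKE's own derivation; all function names are hypothetical.

```python
import hashlib, hmac, secrets

def _pi_scaled(bits, guard=64):
    """floor(pi * 2**bits), computed with integer-only Machin arithmetic."""
    one = 1 << (bits + guard)
    def atan_inv(x):
        total = term = one // x
        n, sign = 3, -1
        while term:
            term //= x * x
            total += sign * (term // n)
            n, sign = n + 2, -sign
        return total
    return (16 * atan_inv(5) - 4 * atan_inv(239)) >> guard

# Assumption: RFC 3526 group 14 (2048-bit MODP), built from the RFC's formula
# 2^2048 - 2^1984 - 1 + 2^64 * ([2^1918 pi] + 124476) instead of a hex blob.
P = 2**2048 - 2**1984 - 1 + 2**64 * (_pi_scaled(1918) + 124476)
Q = (P - 1) // 2   # P is a safe prime; G generates the subgroup of order Q
G = 2

def keypair():
    """Fresh (ephemeral) private exponent and the public value sent to the peer."""
    priv = secrets.randbelow(Q - 2) + 2
    return priv, pow(G, priv, P)

def session_key(my_priv, peer_pub, context=b"added-example session"):
    """Validate the peer's public value, then derive a 256-bit symmetric key."""
    if not (2 <= peer_pub <= P - 2) or pow(peer_pub, Q, P) != 1:
        raise ValueError("peer public value is outside the expected subgroup")
    shared = pow(peer_pub, my_priv, P).to_bytes(256, "big")
    return hmac.new(context, shared, hashlib.sha256).digest()

def handshake():
    """One session: the two sides swap public values and derive the same key."""
    a_priv, a_pub = keypair()   # initiator's ephemeral pair
    b_priv, b_pub = keypair()   # responder's ephemeral pair
    return session_key(a_priv, b_pub), session_key(b_priv, a_pub)
```

Calling `handshake()` twice yields two unrelated keys, which is the point of ephemeral keys: the private exponents are discarded after a single session.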