Most Effective Public Key Encryption Method

Question

There seems to be a lot of hype about asymmetric Public Key encryption. RSA, PGP... etc. You have a set of two keys and distribute one, so that either only you can encrypt the message or only you can decrypt the message. One method provides a way to verify the sender, while the other provides a way to secure the message. (Feel free to correct me if I am wrong.)

Now, I have also been reading about the Diffie-Hellman class of Key-Exchanges. This seems to be more secure as you can verify the sender and secure the message with the keys as each 'conversation' requires a computed 'shared key'.

So, my question is, are there any major disadvantages (besides the setup requirements) to using Diffie-Hellman over a more standard form of public key encryption?

Or, to put it more bluntly. If Diffie-Hellman makes more sense, why isn't it the standard form of encryption?

Answer 1

Diffie-Hellman key agreement provides a way of establishing a common secret key which is virtually impossible to determine by passive adversaries, i.e. people who only listen to the communications.

However, basic D-H is vulnerable to man-in-the-middle attacks. In other words, you can establish a shared secret key, but in the presence of active adversaries you don't know with whom you share the key.

That's where the public key cryptography has its place. When you have a genuine public key of someone, you can be sure that the encrypted data can be read only by that person.

Making sure that a given public key really belongs to someone is a separate issue and is solved e.g. by Public Key Infrastructure.