The ability to create secure key-exchange systems is one of the advantages of combining DES or AES and PKA support in the same cryptographic system. Because PKA cryptography uses more intensive computations than DES or AES cryptography, it is not the method of choice for all cryptographic functions. PKA cryptography enhances the security of DES or AES key exchanges. DES or AES data-encrypting keys that are encrypted using an RSA public key can be exchanged safely between two systems. The sending system and the receiving system do not need to share a secret key to be able to exchange RSA-encrypted DES or AES data-encrypting keys. Figure 1 shows an example of this. The sending system enciphers the DES data-encrypting key under the receiver's RSA public key and sends the enciphered data-encrypting key to the receiver. The receiver deciphers the data-encrypting key by using the receiving system's RSA private key.
