RSA is a common public key algorithm, which can be used for encryption and signature. It is a core component of most the security protocols used on the Internet, including the SSL/TLS protocol suite.
RSA is a public key cryptography algorithm. It is used in many Internet protocols that use cryptography, including SSL/TLS-based protocols (HTTPS, etc.), IPSEC, DNSSEC, and more. The name RSA comes from its inventors: Rivest, Shamir and Adleman.
RSA Security, Inc. is also the name of a security firm. Among other things, RSA publishes a series of standards related to public-key cryptography known as PKCS. The PKCS#1 standard defines RSA.
RSA can be used for both encryption and signature. It is an asymmetric algorithm. A public key consists of two numbers: the modulus n, which is a large integer and determines the key size (1024 bits, 2048 bits and 4096 bits are common key sizes), and the public exponent e, which can be any odd integer between 3 and n but is often 3 or 65537. A private key consists of n and the private exponent d, which is generally almost as large as n. A private key may contain other fields to speed up computations.
The raw RSA operation is a mathematically simple operation: exponentiation modulo n. The exponent is the private exponent for encryption and signature, and the public exponent for decryption and verification. Only numbers up to n can be encrypted or signed. Therefore, instead of encrypting a whole message for RSA, one usually generates a session key (a symmetric key, for example an AES key) and encrypts this key with RSA. Instead of signing a message with RSA, one usually generates a cryptographic digest of the message (MD5, SHA-1, SHA-2, …) and signs this digest.
The raw RSA operation is not secure. RSA requires a padding scheme. Common padding scheme include OAEP for encryption and PSS for signing, as well as other algorithms defined by PKCS#1.
