z/OS Cryptographic Services ICSF Administrator's Guide


Using RSA Public Keys to Protect Keys Sent between Systems

SA22-7521-17

The ability to create more-secure key-exchange systems is one of the advantages of combining DES or AES and PKA support in the same cryptographic system. Because PKA cryptography is more computationally intensive than DES or AES cryptography, it is not the method of choice for all cryptographic functions. It can be used, however, in combination with DES and AES cryptography to enhance the security of key exchange.

DES data-encrypting keys and AES data-encrypting keys can be exchanged safely between two systems when encrypted using an RSA public key. The sending system and the receiving system do not need to share a secret key to be able to exchange RSA-encrypted data-encrypting keys. An example of this is shown in Figure 4. The sending system enciphers the data-encrypting key under the receiver's RSA public key and sends the enciphered data-encrypting key to the receiver. The receiver uses his or her RSA private key to decipher the data-encrypting key.

Note:
Only data-encrypting keys can be encrypted under RSA public keys.
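
The exchange described above, walked through with the OpenSSL command line. This is an added example, not part of the IBM guide and not ICSF code: OpenSSL stands in for the ICSF services as an assumption, and all function and file names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: OpenSSL stands in for ICSF (assumption); names are hypothetical.
set -eu

# RSA-OAEP with SHA-256 for wrapping and unwrapping the data-encrypting key.
OAEP="-pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256"

# Receiver: create an RSA key pair. Only the public key is given to senders.
receiver_keygen() {            # $1 = private key file, $2 = public key file
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1" 2>/dev/null
    openssl pkey -in "$1" -pubout -out "$2"
}

# Sender: encipher the data-encrypting key under the receiver's RSA public key.
sender_wrap() {                # $1 = public key, $2 = key file, $3 = output
    openssl pkeyutl -encrypt -pubin -inkey "$1" $OAEP -in "$2" -out "$3"
}

# Receiver: decipher the data-encrypting key with the RSA private key.
receiver_unwrap() {            # $1 = private key, $2 = wrapped key, $3 = output
    openssl pkeyutl -decrypt -inkey "$1" $OAEP -in "$2" -out "$3" 2>/dev/null
}

# Full exchange. Prints "ok" when the receiver recovers the sender's key and a
# system holding a different private key cannot.
key_exchange_demo() {
    d=$(mktemp -d)
    receiver_keygen "$d/recv_priv.pem" "$d/recv_pub.pem"
    receiver_keygen "$d/other_priv.pem" "$d/other_pub.pem"    # unrelated system
    openssl rand -out "$d/dek.bin" 32                         # 256-bit AES key
    sender_wrap "$d/recv_pub.pem" "$d/dek.bin" "$d/dek.wrapped"
    receiver_unwrap "$d/recv_priv.pem" "$d/dek.wrapped" "$d/dek.out"
    result=ok
    cmp -s "$d/dek.bin" "$d/dek.out" || result="mismatch"
    # The wrapped key is always one RSA modulus long (2048 bits = 256 bytes).
    [ "$(wc -c < "$d/dek.wrapped")" -eq 256 ] || result="bad-length"
    if receiver_unwrap "$d/other_priv.pem" "$d/dek.wrapped" "$d/bad.out"; then
        result="wrong-key-accepted"
    fi
    rm -rf "$d"
    echo "$result"
}

key_exchange_demo
```

No secret is shared before the exchange: the sender needs only the receiver's public key file, and the wrapped key is the only thing that crosses between the two systems.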





Copyright IBM Corporation 1990, 2014