If you work in IT, it’s impossible not to have heard of the famous RSA (Rivest, Shamir and Adleman) encryption algorithm. Even though it dates back to the 70s, it is still the most widespread algorithm for public key cryptography, and for good reasons too!
While this is a rather inductive argument, it is a valid one. Since its invention in 1977, RSA has remained unbroken from a mathematical point of view, and it has been widely used to build secure encryption and signature protocols. I emphasize mathematical because its strength relies on the difficulty of factoring large numbers into primes, which takes an impractical amount of time to brute force, provided sufficiently long keys are used. At the time of writing, it is considered best practice to use 2048 bit private keys for RSA, as 1024 bit ones can be broken given enough computing power. If you are security paranoid (like me), you can use 4096 bit keys, but you should watch out for performance.
RSA is used everywhere, which makes keys of this type a safe default choice. RSA is widely used in SSL certificates that power secured protocols (HTTPS, POPS, SMTPS, etc) and is also commonly used in e-commerce protocols. It also happens to be one of the main methods used in PGP and GPG for encrypting and signing e-mails. So why change now? As my grandpa used to say: “if it ain’t broke, don’t fix it”.
As alternatives to RSA, you have DSA (Digital Signature Algorithm) or ECDSA (Elliptic Curve Digital Signature Algorithm). While these are newer algorithms and are considered safe, they might not be practical for use in all scenarios.
If you want to maintain backwards compatibility with older clients, you’re better off using RSA, because some clients are limited to 1024-bit DSA keys (Windows doesn’t support anything stronger). There are lots of legacy clients that follow the old FIPS 186-2 standard, which limits the key length for DSA to 1024 bits.
ECDSA is lighter and faster than RSA, and provides the same level of security while using smaller keys, but it is not yet widely supported by all Certificate Authorities and older clients. It is common practice to use both algorithms, preferring ECDSA whenever possible and falling back to RSA when talking to clients that do not yet support ECDSA.
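As an added example (not from the original article), here is a small Go key-policy check that applies the advice above to public keys found in certificates or key files: RSA keys below 2048 bits are rejected, DSA keys are flagged because legacy FIPS 186-2 clients cap them at 1024 bits, and ECDSA keys on a named curve are accepted. The 2048 bit threshold and the verdict strings are this example's own choices.

```go
package main

import (
	"crypto"
	"crypto/dsa" // deprecated in Go, kept here only to recognise legacy DSA keys
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"fmt"
)

// Verdict is the result of checking one public key against the key-size policy.
type Verdict struct {
	Algorithm string
	Bits      int
	OK        bool
	Reason    string
}

// minRSABits is the smallest RSA modulus this policy accepts (assumption: 2048, as advised above).
const minRSABits = 2048

// auditPublicKey classifies a public key by algorithm and size and says whether it
// passes the policy. Unknown key types are rejected rather than silently accepted.
func auditPublicKey(pub crypto.PublicKey) Verdict {
	switch k := pub.(type) {
	case *rsa.PublicKey:
		bits := k.N.BitLen() // modulus size is what "2048 bit RSA" refers to
		if bits < minRSABits {
			return Verdict{"RSA", bits, false, fmt.Sprintf("RSA modulus below %d bits", minRSABits)}
		}
		return Verdict{"RSA", bits, true, "RSA modulus size acceptable"}
	case *dsa.PublicKey:
		bits := k.P.BitLen() // DSA strength is governed by the prime modulus p
		return Verdict{"DSA", bits, false, "DSA: legacy FIPS 186-2 clients limit it to 1024 bits; prefer ECDSA or RSA"}
	case *ecdsa.PublicKey:
		p := k.Curve.Params()
		return Verdict{"ECDSA", p.BitSize, true, "ECDSA on curve " + p.Name}
	default:
		return Verdict{"unknown", 0, false, "unsupported key type"}
	}
}

func main() {
	rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048)           // recommended RSA size
	ecKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // much smaller ECDSA key
	for _, k := range []crypto.PublicKey{&rsaKey.PublicKey, &ecKey.PublicKey} {
		v := auditPublicKey(k)
		fmt.Printf("%-5s %4d bits ok=%t (%s)\n", v.Algorithm, v.Bits, v.OK, v.Reason)
	}
}
```

In practice the keys would come from `x509.ParseCertificate(...).PublicKey` or `x509.ParsePKIXPublicKey`, both of which return a `crypto.PublicKey` that can be passed straight to `auditPublicKey`.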