Cryptography and Encryption


Knowing a secret is one thing. Keeping it safe and protected from others is another. Making sure an enemy doesn't alter it while we're blabbing (I mean, confiding) it to someone else is still another issue. Confirming that a secret coming from someone else is reliable is yet another issue. Making sure that I get the best deal on car insurance is again another issue entirely.

Clearly, data security is about more than just keeping a piece of data protected from prying eyes. And it's not only prying eyes that concern us. Just yesterday I experienced the Windows "blue screen of death" when I tried to synchronize the data on my desktop system with my electronic handheld scheduler. The potential for data corruption through the normal everyday use of technology is vast. Fortunately, the word processor I am using to type this chapter is free fôm su©h ¢or®

Keeping Secrets

When people think about encryption and data security, they generally focus on the "keeping secrets" aspect. The ability to cryptographically encode content, keep it from an adversary, and still have it decoded by you or an associate at some later time is important. Encryption techniques range from simple language aberrations (such as Pig Latin) and replacement ciphers (letter substitutions, used in cryptogram puzzles) to complex enigma-machine-quality encoding systems.

Software-enabled encryption is now a part of our everyday experience. When you make credit card purchases from web sites, the chance is pretty good that your credit card information is encrypted with a 128-bit key before it is transferred.

Typical encryption methods make use of one or more keys, plus a combination of hashing functions and encryption algorithms, to convert sensitive content into a form that is not easily accessible without the original or related key. Symmetric cryptography is the name used for encryption methods using a single secret key.

Public-key encryption, also known as asymmetric cryptography, uses a pair of keys to encrypt and decrypt data. One of the keys, a public key, can be given to anyone who cares about communicating with you securely. You can even give it to your enemies; it's public. The related private key is kept safe for your use; you never show it to anyone, not even your mother. Content encrypted using one of the keys (and an encryption algorithm) can only be decrypted later using the other key. If your friend encrypts some information using the public key, nobody except you will be able to decrypt it, and it will require your private key. You can also encrypt data with your private key, but anyone would be able to decrypt it with the public key. We'll see uses for this seemingly insecure action a little bit later.

Data Stability

Data encryption helps ensure the integrity of a block of data, even if that data is not encrypted. If you send someone an email during a lightning storm, there is certainly the chance that some or all of the email content could be electronically altered before it reaches the recipient. Let's say that some static in the transmission line just happens to cause one sentence of the content to be duplicated. Let's say that some static in the transmission line just happens to cause one sentence of the content to be duplicated. How would you know whether it was the author trying to make some clever point, or simply a computer glitch?

Including a checksum with the content can help identify data problems during transmission. A checksum, sometimes called a hash value, takes the original content and passes it through a function that generates a short value that "represents" the original data. Checksum functions (or hashing algorithms) are very sensitive to even single-byte changes in the content, whether that single byte was altered, repositioned, added, or removed from the original data. By generating a checksum both before and after data transmission, you can confirm whether the content changed at all during the transfer.

Checksums represent a unidirectional encryption of the original data. It is impossible to use the checksum to obtain the original data content. That's all right, though, because the purpose of a checksum is not to deliver content secretly, but to deliver it unchanged. Bidirectional encryption is what I talked about in the "Keeping Secrets" section. If you have the right key and the right algorithm, bidirectional encryption restores original content from encrypted content.
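The checksum idea from the last two paragraphs, as an added example that is not part of the book: a SHA-256 hash is computed before "transmission", the message is damaged in each of the ways the text lists (a byte altered, repositioned, added, or removed, plus the duplicated sentence from the lightning-storm story), and the hash computed afterwards is compared with the original. The message text and the damage functions are constructed for the example.

```python
import hashlib

# Constructed sample message for the demonstration (not from the book).
ORIGINAL = b"Order 50 copies of Tim Patrick's newest book, and hurry."


def checksum(data: bytes) -> str:
    """Pass the content through a hash function and return the short value
    that 'represents' it (SHA-256, 64 hex characters)."""
    return hashlib.sha256(data).hexdigest()


def verify(data: bytes, expected: str) -> bool:
    """Checksum computed after transfer must equal the one sent before it."""
    return checksum(data) == expected


# The kinds of damage the text describes, applied to the message.
def altered(data: bytes) -> bytes:
    return data[:7] + b"5" + data[8:]           # "Order 50" -> "Order 55"


def repositioned(data: bytes) -> bytes:
    return data[:6] + data[7:8] + data[6:7] + data[8:]   # "Order 05"


def added(data: bytes) -> bytes:
    return data + b"!"                           # one extra byte at the end


def removed(data: bytes) -> bytes:
    return data[:-1]                             # final byte dropped


def duplicated(data: bytes) -> bytes:
    return data + b" " + data                    # the sentence repeated by static


def damage_report(original: bytes = ORIGINAL) -> dict:
    """Return, for each kind of damage, whether the checksum caught it."""
    sent = checksum(original)
    return {
        fn.__name__: not verify(fn(original), sent)
        for fn in (altered, repositioned, added, removed, duplicated)
    }


def differing_fraction(a: bytes, b: bytes) -> float:
    """Fraction of hex digits that differ between the checksums of a and b;
    a good hash changes most of them even for a one-byte edit."""
    ha, hb = checksum(a), checksum(b)
    return sum(x != y for x, y in zip(ha, hb)) / len(ha)


if __name__ == "__main__":
    print("original checksum:", checksum(ORIGINAL))
    for kind, caught in damage_report().items():
        print(f"{kind:12s} detected: {caught}")
    print("hex digits changed by a one-byte edit: "
          f"{differing_fraction(ORIGINAL, altered(ORIGINAL)):.0%}")
```

Note that a plain checksum only tells you the bytes changed, not who changed them; anyone who alters the content can recompute the hash to match. Tying the hash to a sender is the job of the digital signatures in the next section.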

Identity Verification

Let's say that you receive an email from your boss that says, "Order 50 copies of Tim Patrick's newest book, and hurry." How do you know this message is reliable, or really from your boss? In this case, the content alone should prove that it is trustworthy. But if you really wanted to verify the source, and your boss was unavailable, you could employ digital signatures to confirm the identity of the sender.

One method of using digital signatures employs public-key encryption to transmit an agreed-upon password or message, and passes that encrypted content along with the larger email. For instance, your boss could encrypt the text "I'm the boss" using his private key. When you receive the email, you could decrypt the digital signature using your boss's public key. If the decryption resulted in the "I'm the boss" message, you would know that the message did, in fact, come from your boss.
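The "encrypt with the private key, decrypt with the public key" check described above, as an added example that is not part of the book. It uses textbook RSA so that the private-key and public-key operations are visible as plain modular exponentiation: the boss signs the SHA-256 digest of "I'm the boss" with the private exponent, and the recipient recovers it with the public exponent and compares it with a digest computed locally. The keys are built from two fixed, well-known Mersenne primes and are far too small for real use; real systems generate random primes of over a thousand bits and add padding (such as PSS) before signing. The key sizes, the impostor key, and the helper names are all constructed for the example.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class PublicKey:
    n: int
    e: int


@dataclass(frozen=True)
class PrivateKey:
    n: int
    d: int


def make_keypair(p: int, q: int, e: int = 65537) -> tuple:
    """Build a textbook RSA key pair from two primes (toy sizes, illustration only)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent; needs Python 3.8+
    return PublicKey(n, e), PrivateKey(n, d)


# Constructed keys: primes 2**31-1 and 2**61-1 for the boss, 2**89-1 and 2**61-1
# for an impostor. Mersenne primes are used only so the example needs no prime search.
BOSS_PUBLIC, BOSS_PRIVATE = make_keypair(2**31 - 1, 2**61 - 1)
IMPOSTOR_PUBLIC, IMPOSTOR_PRIVATE = make_keypair(2**89 - 1, 2**61 - 1)

MESSAGE = b"I'm the boss"


def digest_as_int(message: bytes, n: int) -> int:
    """Hash the message and reduce it into the range the key can operate on."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, key: PrivateKey) -> int:
    """'Encrypt' the message digest with the private key: the digital signature."""
    return pow(digest_as_int(message, key.n), key.d, key.n)


def verify(message: bytes, signature: int, key: PublicKey) -> bool:
    """'Decrypt' the signature with the public key and compare it with a
    freshly computed digest of the message we actually received."""
    return pow(signature, key.e, key.n) == digest_as_int(message, key.n)


def demo() -> tuple:
    """Return (genuine verifies, tampered message fails, impostor fails)."""
    signature = sign(MESSAGE, BOSS_PRIVATE)
    genuine = verify(MESSAGE, signature, BOSS_PUBLIC)
    tampered = verify(b"I'm the boss, order 500 copies", signature, BOSS_PUBLIC)
    forged = verify(MESSAGE, sign(MESSAGE, IMPOSTOR_PRIVATE), BOSS_PUBLIC)
    return genuine, tampered, forged


if __name__ == "__main__":
    ok, tampered_ok, forged_ok = demo()
    print("signature from the boss checks out:", ok)
    print("same signature on an altered message:", tampered_ok)
    print("impostor's signature checked with the boss's public key:", forged_ok)
```

Because only the boss holds the private exponent, a value that "decrypts" correctly with the boss's public key can only have been produced by the boss; the recipient never needs the secret itself, only the public half of the pair.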


Start-to-Finish Visual Basic 2005: Learn Visual Basic 2005 as You Design and Develop a Complete Application
ISBN: 0321398009
Year: 2006
Pages: 247
Authors: Tim Patrick