Introduction

Introduction

Cryptography, which literally means "secret writing," is the process of turning a string of plain text into something that looks like chicken scratches, and is more or less thoroughly unreadable (encrypting), and optionally, turning it back into legible text again (decrypting).

Until the early 1990s there was virtually no information publicly available on cryptography. I know, because I looked. With the advent of the Internet and the obvious need for good data security, this is no longer the case, and there are some excellent books and software easily available. The U.S. government is still somewhat grumpy about this, however. The PGP software discussed in this section is not part of a common Linux release. It is, in fact, illegal to export it beyond the boundaries of the United States. The source code, however, is covered under the freedom of the press laws and is promptly disseminated across the borders to any interested terrorists, conveniently formatted for electronic scanning and later compilation.

PGP is an implementation of a concept called Public Key Cryptography. In public key cryptography, there are two keys (sequences of bits referred to in the encoding and decoding processes). One of them, the public key, is, as the name implies, publicly available. You give it out to anyone from whom you might want to receive a private message. The other, private key, is used to decrypt messages encrypted with the public key. The private key is not derivable from the public key. In this way, secret communication is possible.

PGP stands for pretty good privacy. It is the brainchild of Phillip Zimmerman. It is a suite of programs that implement public key cryptography and comprises a large portion of this chapter.

A firewall is a specially configured computer through which all the traffic on your network passes.

The commands covered in this section include: