Keys Are the Key
The encryption algorithm uses a "key," which is a binary number that is typically from 40 to 256 bits in length. The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it would take to break the code. The data are encrypted, or "locked," by combining the bits in the key mathematically with the data bits. At the receiving end, the key is used to "unlock" the code and restore the original data.
Secret Vs. Public Key
Secret key cryptography and public key cryptography are the two major cryptographic architectures.
Secret Keys - Symmetric System
The first method uses a single secret key, as in the DES and AES algorithms. Both sender and receiver use the same key to encrypt and decrypt. This is the fastest computation method, but getting the secret key to the recipient in the first place is a problem that is often handled by the second method.
Public Keys - Asymmetric System
The second method uses a two-part key, as in the RSA and ElGamal algorithms. Each recipient has a private key that is kept secret and a public key that is published for everyone. The sender looks up or is sent the recipient's public key and uses it to encrypt the message. The recipient uses the private key to decrypt the message and never publishes or transmits the private key to anyone. Thus, the private key is never in transit and remains invulnerable.
Both Are Used Together
Secret key and public key systems are often used together, such as the AES secret key and the RSA public key. The secret key method provides the fastest decryption, and the public key method provides a convenient way to transmit the secret key. This is called a "digital envelope." For example, the PGP e-mail encryption program uses one of several public key methods to send the secret key along with the message that has been encrypted with that secret key (see PGP).
Get Faster - Get Stronger
It has been said that any encryption code can be broken given enough time to compute all permutations. However, if it takes months to break a code, the war could already be lost, or the thief could have long absconded with the money from the forged financial transaction. As computers get faster, to stay ahead of the game, encryption algorithms have to become stronger by using longer keys and more clever techniques. See XOR, AES, DES, RSA, plaintext, digital signature, digital certificate, quantum cryptography, steganography and chaff and winnow.
Secret Key Vs. Public Key
The secret method uses the same key to encrypt and decrypt. The problem is transmitting the key to the recipient in order to use it. The public key method uses two keys: one kept private and never transmitted, while the other is made public. Very often, the public key method is used to safely send the secret key to the recipient so that the message can be encrypted using the faster secret key algorithm.
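The digital envelope described under "Both Are Used Together" and summarized above, as an added example that is not part of the original entry. It uses Node's built-in crypto module; the 2048-bit RSA key, OAEP padding, AES-256-GCM mode and the function names are assumptions chosen for illustration.

```javascript
const crypto = require('crypto');

// Recipient: generate the two-part key once. Only publicKey is ever published.
function makeRecipientKeys() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// OAEP settings used for wrapping and unwrapping the secret key (assumed choice).
function oaep(key) {
  return { key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
}

// Sender: encrypt the message with a fresh secret key (fast, symmetric),
// then encrypt that secret key with the recipient's public key (slow, asymmetric).
function sealEnvelope(publicKey, message) {
  const aesKey = crypto.randomBytes(32); // one-time 256-bit secret key
  const iv = crypto.randomBytes(12);     // 96-bit nonce for GCM
  const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([
    cipher.update(Buffer.from(message, 'utf8')),
    cipher.final(),
  ]);
  return {
    wrappedKey: crypto.publicEncrypt(oaep(publicKey), aesKey),
    iv,
    tag: cipher.getAuthTag(), // integrity check value for the ciphertext
    ciphertext,
  };
}

// Recipient: recover the secret key with the private key, then decrypt.
// Throws if the envelope was modified or was sealed for a different key pair.
function openEnvelope(privateKey, env) {
  const aesKey = crypto.privateDecrypt(oaep(privateKey), env.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', aesKey, env.iv);
  decipher.setAuthTag(env.tag);
  const plain = Buffer.concat([decipher.update(env.ciphertext), decipher.final()]);
  return plain.toString('utf8');
}

// Constructed sample message, sealed and opened in one process.
const demoKeys = makeRecipientKeys();
const demoEnvelope = sealEnvelope(demoKeys.publicKey, 'constructed sample message');
console.log('wrapped key bytes:', demoEnvelope.wrappedKey.length);
console.log('recovered:', openEnvelope(demoKeys.privateKey, demoEnvelope));
```

Only the wrapped key, nonce, tag and ciphertext travel to the recipient; the secret key itself never appears on the wire in the clear, and the private key never leaves the recipient.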
Some Public History About Secret Methods
The following is reprinted with permission from RSA Security, Inc.
In 1518, a Benedictine monk named Johannes Trithemius wrote "Polygraphiae," the first published treatise on cryptography. Later, his text "Steganographia" described a cipher in which each letter is represented by words in successive columns of text, designed to hide inconspicuously inside a seemingly pious book of prayer.
Polygraphiae and Steganographia attracted a considerable amount of attention not only for their meticulous analysis of ciphers but more notably for the unexpected thesis of Steganographia's third and final section, which claimed that messages communicated secretly were aided in their transmission by a host of summoned spirits.
As might be expected, Trithemius' works were widely renounced as having magical content - by no means an unfamiliar theme in cryptographic history - and a century later fell victim to the zealous flames of the Inquisition during which they were banned as heretical sorcery.
Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2008 The Computer Language Company Inc. All rights reserved.