The conversion of data into a secret code for transmission over a public network. The original text, or "plaintext," is converted into a coded equivalent called "ciphertext" via an encryption algorithm. The ciphertext is decoded (decrypted) at the receiving end and turned back into plaintext.
Keys Are the Key
The encryption algorithm uses a "key," which is a binary number that is typically from 40 to 256 bits in length. The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it would take to break the code. The data are encrypted, or "locked," by combining the bits in the key mathematically with the data bits. At the receiving end, the key is used to "unlock" the code and restore the original data.
Secret Vs. Public Key
Secret key cryptography and public key cryptography are the two major cryptographic architectures.
Secret Keys - Symmetric System
The first method uses a secret key, such as the DES and AES algorithms. Both sender and receiver use the same key to encrypt and decrypt. This is the fastest computation method, but getting the secret key to the recipient in the first place is a problem that is often handled by the second method.
Public Keys - Asymmetric System
The second method uses a two-part key, such as RSA and El Gamal. Each recipient has a private key that is kept secret and a public key that is published for everyone. The sender looks up or is sent the recipient's public key and uses it to encrypt the message. The recipient uses the private key to decrypt the message and never publishes or transmits the private key to anyone. Thus, the private key is never in transit and remains invulnerable.
Both Are Used Together
Secret key and public key systems are often used together, such as the AES secret key and the RSA public key. The secret key method provides the fastest decryption, and the public key method provides a convenient way to transmit the secret key. This is called a "digital envelope." For example, the PGP e-mail encryption program uses one of several public key methods to send the secret key along with the message that has been encrypted with that secret key (see PGP).
Get Faster - Get Stronger
It has been said that any encryption code can be broken given enough time to compute all permutations. However, if it takes months to break a code, the war could already be lost, or the thief could have long absconded with the money from the forged financial transaction. As computers get faster, to stay ahead of the game, encryption algorithms have to become stronger by using longer keys and more clever techniques. See XOR, AES, DES, RSA, plaintext, digital signature, digital certificate, quantum cryptography, steganography and chaff and winnow.
Secret Key Vs. Public Key
The secret method uses the same key to encrypt and decrypt. The problem is transmitting the key to the recipient in order to use it. The public key method uses two keys: one kept private and never transmitted, while the other is made public. Very often, the public key method is used to safely send the secret key to the recipient so that the message can be encrypted using the faster secret key algorithm.
Some Public History About Secret Methods
The following is reprinted with permission from RSA Security, Inc.
In 1518, a Benedictine monk named Johannes Trithemius wrote "Polygraphiae," the first published treatise on cryptography. Later, his text "Steganographia" described a cipher in which each letter is represented by words in successive columns of text, designed to hide inconspicuously inside a seemingly pious book of prayer.
Polygraphiae and Steganographia attracted a considerable amount of attention not only for their meticulous analysis of ciphers but more notable for the unexpected thesis of Steganographia's third and final section, which claimed that messages communicated secretly were aided in their transmission by a host of summoned spirits.
As might be expected, Trithemius' works were widely renounced as having magical content - by no means an unfamiliar theme in cryptographic history - and a century later fell victim to the zealous flames of the Inquisition during which they were banned as heretical sorcery.
Keys Are the Key
The encryption algorithm uses a "key," which is a binary number that is typically from 40 to 256 bits in length. The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it would take to break the code. The data are encrypted, or "locked," by combining the bits in the key mathematically with the data bits. At the receiving end, the key is used to "unlock" the code and restore the original data.
Secret Vs. Public Key
Secret key cryptography and public key cryptography are the two major cryptographic architectures.
Secret Keys - Symmetric System
The first method uses a secret key, such as the DES and AES algorithms. Both sender and receiver use the same key to encrypt and decrypt. This is the fastest computation method, but getting the secret key to the recipient in the first place is a problem that is often handled by the second method.
Public Keys - Asymmetric System
The second method uses a two-part key, such as RSA and El Gamal. Each recipient has a private key that is kept secret and a public key that is published for everyone. The sender looks up or is sent the recipient's public key and uses it to encrypt the message. The recipient uses the private key to decrypt the message and never publishes or transmits the private key to anyone. Thus, the private key is never in transit and remains invulnerable.
Both Are Used Together
Secret key and public key systems are often used together, such as the AES secret key and the RSA public key. The secret key method provides the fastest decryption, and the public key method provides a convenient way to transmit the secret key. This is called a "digital envelope." For example, the PGP e-mail encryption program uses one of several public key methods to send the secret key along with the message that has been encrypted with that secret key (see PGP).
Get Faster - Get Stronger
It has been said that any encryption code can be broken given enough time to compute all permutations. However, if it takes months to break a code, the war could already be lost, or the thief could have long absconded with the money from the forged financial transaction. As computers get faster, to stay ahead of the game, encryption algorithms have to become stronger by using longer keys and more clever techniques. See XOR, AES, DES, RSA, plaintext, digital signature, digital certificate, quantum cryptography, steganography and chaff and winnow.
Secret Key Vs. Public Key
The secret method uses the same key to encrypt and decrypt. The problem is transmitting the key to the recipient in order to use it. The public key method uses two keys: one kept private and never transmitted, while the other is made public. Very often, the public key method is used to safely send the secret key to the recipient so that the message can be encrypted using the faster secret key algorithm.
Some Public History About Secret Methods
The following is reprinted with permission from RSA Security, Inc.
In 1518, a Benedictine monk named Johannes Trithemius wrote "Polygraphiae," the first published treatise on cryptography. Later, his text "Steganographia" described a cipher in which each letter is represented by words in successive columns of text, designed to hide inconspicuously inside a seemingly pious book of prayer.
Polygraphiae and Steganographia attracted a considerable amount of attention not only for their meticulous analysis of ciphers but more notable for the unexpected thesis of Steganographia's third and final section, which claimed that messages communicated secretly were aided in their transmission by a host of summoned spirits.
As might be expected, Trithemius' works were widely renounced as having magical content - by no means an unfamiliar theme in cryptographic history - and a century later fell victim to the zealous flames of the Inquisition during which they were banned as heretical sorcery.
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2008 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- Security researchers hack the London underground train for free ride
- A group of Dutch security researchers were able to clone the "smartcards" that commuters use to pay fares in the London Underground system, allowing the group to ride for free. This is an interesting attack vector that I actually talked to Adam Laurie about when I was at Black Hat Amsterdam. ...
- Blog posts 2008-06-26
- Reformed computer criminals - your country needs you
- And trust me, they really do. Over the last year, the UK and US Governments have had an awful problem in keeping basic data protection rules in check, almost to the point where they may have been broadcasting over the radio minutes of the intelligence committee meetings. ...
- Blog posts 2008-06-26
- Red Hat takes the open source security challenge
- Red Hat takes the open source security challengeSilly MeAnd here I always assume that if it's closed it's insecure.Open Source = the possibility for peer review.Security: Obscurity or Design?This has been discussed [i]ad nauseam[/i] with the "security through obscurity" versus the "security by design" model. This all goes back to...
- Discussion threads 2008-03-21
- Got room in your heart for a hacker?
- I was looking over famed security researcher and cryptography expert Bruce Schneier's blog today and found an article on hacking medical devices. I have to admit that I was surprised, but I shouldn't have been. These days, if you can build it, we can break it seems to be the...
- Blog posts 2008-03-13
- Have a heart (attack): Defibrillators, pacemakers vulnerable to hackers
- Researchers have discovered that an implantable heart device, a combination of a defibrillator and pacemaker, is vulnerable to hackers. According to a study, authored by researchers at the University of Washington, University of Massachusetts Amherst and Harvard Medical School, hackers could get wireless access to a heart...
- Blog posts 2008-03-12
- What 2.484564472E24 means for internet security
- What 2.484564472E24 means for internet securityYou missed one...4) One time pads. Theoretically unbreakableAs for what 2.484564472E24 means for internet security, you didn't tell us. All you was list 2 common encoding techniques, missed off the most secure one of the lot and then babbled on about language and universal translators.Is...
- Discussion threads 2008-03-06
- Cisco confirms vulnerability in 7921 Wi-Fi IP phone
- Two days after news of the Vocera Wi-Fi VoIP communicator PEAP security bypass vulnerability, I received confirmation from Cisco that their model 7921 Wi-Fi VoIP phone is also vulnerable to the same issue where digital certificates aren't cryptographically verified. Both Cisco and Vocera have told me that they intend to...
- Blog posts 2008-02-23
- Design flaw in wireless VoIP handsets endanger the enterprise
- Update 2/23/2008 - Cisco confirms vulnerability in 7921 Wi-Fi IP phone Security conscious businesses and organizations who implemented 802.1x/EAP enterprise-grade authentication are at risk with certain implementations of wireless LAN VoIP handsets. I have verified that Vocera Communications is one of the vulnerable vendors and I have...
- Blog posts 2008-02-20
- MyPrivacyKey (zip)
- MyPrivacyKey is a suite of software tools that help protect your privacy in the digital form. The software uses industrial strength public-key cryptography to secure your data stored on your hard drive, removable media, transmitted on the Internet, etc. MyPrivacyKey is designed to be portable so that you can carry...
- Software downloads 2008-02-14
- US Government seeks to invest $6 Billion in security by obscurity
- According to the Wall Street Journal this morning the Bush administration is pushing to spend $6 billion on cyber security in one year! They claim that US telecom systems are not adequately protected and that they need to spend this money to protect it. Just one problem, the government is...
- Blog posts 2008-01-28
- Ruckus wireless LAN security method solves usability versus security dilemma
- One of the biggest problems with wireless LAN security standards is the lack of an intermediate solution. Your only choices in securing a wireless LAN were to deploy enterprise grade WPA wireless LAN security which requires RADIUS Remote Authentication Dial In User Service servers in addition to a PKI (Public...
- Blog posts 2008-01-04
- Essentials of Information Security - Security+
- View Available Dates and LocationsNetwork Security I: Policy, Administration, and Firewalls High-profile security breaches have made network access control one of the most important concerns for corporate and government network managers. It is your job to reduce the chance of security breaches. Do you know what attacks intruders use...
- Training 2008-01-01
- CISSP Prep Course
- View Available Dates and LocationsIf you are ready to take your security career to the next level, our Certified Information Systems Security Professional CISSP exam preparation course will help get you there. Get instruction from our experts with real-world experience as you cover all the material you need to be...
- Training 2008-01-01
- Androsa FileProtector (zip)
- Androsa FileProtector is a professional and freeware file encryption software that protects any type of file encrypting completely the content with the most advanced systems of cryptography. Androsa FileProtector allows to put to the sure sensitive file or personal file that do not have to be used/viewed from people not...
- Software downloads 2007-12-18
- 2008: The year of hack the vote?
- The state of Ohio has released a comprehensive study of voting machine security and the report will have you longing for paper. A 334-page PDF report from the Ohio Secretary of State reveals insufficient security, poor implementation of security technology, lax auditing and shoddy ...
- Blog posts 2007-12-17
- P2P Messenger .NET (exe)
- P2P Messenger .NET is secure Instant Messenging client, working by Peer-to-Peer technology. It is fully decentralized and does not require any servers. Supports public-key cryptography. Version 4.0.3 The project now based on Microsoft P2P infrastructure.
- Software downloads 2007-12-14
- CryptoLab (exe)
- CryptoLab is a cryptography application for Microsoft Windows, and incorporates text-based encryption/decryption through the use of plug-in cipher modules. Advanced features include: plug-in cipher modules; advanced pseudo-random key generation; key manager storage utility; full password protection; integrated SMTP e-mail support; PDF, HTML, and Word Document export options; statistics calculator. In...
- Software downloads 2007-12-12
- Sage - not a piece of cake, but powerful and open
- Developed at the University of Washington, with contributions from mathematicians worldwide, Sage is a relatively new open-source tool designed to supplant proprietary mathematical analysis programs like Maple, Matlab, and Mathematica. All of these programs are mainstays of most mathematicians' toolkits, but have recently come under scrutiny because of the...
- Blog posts 2007-12-09
- Overview of Certificates and Cryptographic e-Mail Messaging in Outlook
- The user can help prevent impersonation and tampering of e-mail messages in Microsoft Office Outlook 2007 by using cryptographic features such as S/MIME, digital signatures and encryption. The following introduces the basic terminology of cryptography and explains some of the common methods used. Cryptography is a set of standards and...
- White papers 2007-12-01
- Add or Import a Certificate Into Contacts
- Microsoft Office Outlook uses certificates in cryptographic e-mail messaging to help provide more secure communications. To use cryptography when one sends and receives e-mail messages, the user must first obtain a digital ID from a Certificate Authority CA. Digitally signing a message applies the sender's certificate and public key to...
- White papers 2007-12-01
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Learn how collaboration fuels success with this FREE Economist report
-
According to a new study from the Economist, future success belongs to those who collaborate effectively. Learn how successful collaboration can improve profits, problem-solving, and competitive differentiation.
- Visit Cisco's Collaboration Resource Center today!
- Marc Canter: The master of multimedia speaks
-
In this Super Techies interview, larger-than-life techie Marc Canter talks with ZDNet's Editor in Chief Dan Farber about his career as a multimedia pioneer.
- Watch the video >>
- View exclusive resources for Intel Premier IT Professionals
-
Designed specifically to address the concerns of senior IT managers at organizations with more than 100 employees, the Intel Premier IT Professional Program provides best practices via local and e-Seminars and a members-only Web site.
- Sign-up free and access best practices resources >>
The Green Enterprise
-
- A look into the enterprise to explore eco-friendly practices and innovations. In this ZDNet video series learn about what's motivating green tech, and how green technologies are impacting IT. 0:42
-
Harnessing the power of waves
3:13
-
Planting solar gardens
5:06
-
Fill your car for $1.10 a gallon?
1:43
- All series videos »
