alphabet from A to Z as 1 to 26. For each letter in the data to be encrypted, add the
secret key (some number in this case) to the letter's numeric value and change the
letter to the letter represented by the new number. For example, if the key is 4, an
A (value 1) becomes an E (since 1 + 4 = 5 and E is the fifth letter of the alphabet),
a B becomes an F, and so on through the alphabet. W wraps around back to the
beginning of the alphabet and becomes an A, X becomes a B, and so forth. The
recipients must know both the algorithm and the secret key so that they can work
the algorithm in reverse and decrypt the data.
Modern encryption techniques typically encrypt data on a bit-by-bit basis
using increasingly long keys and very complex algorithms. Consider the data
communications case. The two major types of data encryption techniques are
symmetric or "private key" and asymmetric or "public key" encryption. Private
key techniques require the same long bit-by-bit key for encrypting and decrypting
the data (hence the term "symmetric"). But this has an inherent problem. How
do you inform the receiver of the data of the private key without the key itself
being compromised en route? If the key itself is stolen, the intercepted data can
be converted once the conversion algorithm is identified. There are only a few
major conversion algorithms; the security is in the key, not in having a great many
different conversion algorithms.
The key transmission problem is avoided using algorithms that employ the
very clever public-key technique. Here there are two different keys: the public
key, which is used for encrypting the data, and the private key, which is used for
decrypting it (hence the term "asymmetric"). The public key is not capable of
decrypting the data. Thus, the public key can be published for all the world to
see. Anyone wanting to send data does so in complete safety by encrypting the
data using the algorithm and the openly published public key. Only the legitimate
receiver can decrypt the data because only the legitimate receiver has the private
key that can decrypt data encrypted with the published public key. The downside of the
public-key technique is that encrypting and decrypting tend to be slower than with
the private-key technique, resulting in slower application transactions when the
public-key technique is used.
A particularly interesting combination of private-key and public-key
encryption is used in Secure Sockets Layer (SSL) technology on the World
Wide Web. Consider a person at home who wants to buy something from an online
store on the Web. Her PC and its WWW browser are the "client" and the online
store's computer is the "server." Both sides want to conduct the secure transaction
using private-key technology because it's faster, but they have the problem that one
side must pick a private key and get it to the other side securely. Here are the basic
steps in SSL:
1. The client contacts the server.
2. The server sends the client its public key for its public-key algorithm (you'll
see why in a moment). No one cares if this public key is stolen since it's, well,
public!
3. The client, using a random number generator, creates a "session key," the key
for the private-key algorithm with which the secure transaction (the actual online
shopping) will be conducted once everything is set up. But, as we've described,
the problem now is how the client can securely transmit the session key it
generated to the server, since both must have it to use the faster private-key
algorithm for the actual shopping.
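
An added example, not from the original text: the exchange in steps 1 to 3 carried one step further, with the client encrypting the session key under the server's public key, as the public-key paragraph above implies. The textbook RSA with fixed small primes and the hash-based XOR cipher are constructed stand-ins for illustration and are not secure choices; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy parameters: two known Mersenne primes, far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537

def server_keypair():
    """Server: build (public_key, private_key) for textbook RSA (no padding)."""
    n = P * Q
    d = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, never leaves the server
    return (n, E), (n, d)

def symmetric(key: bytes, data: bytes) -> bytes:
    """Stand-in private-key cipher: XOR with a SHA-256 counter keystream.
    The same call with the same key both encrypts and decrypts."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def client_wrap_session_key(public_key):
    """Client (step 3): pick a random session key, encrypt it with the public key."""
    n, e = public_key
    session_key = secrets.token_bytes(16)  # 128 bits, smaller than n
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return session_key, wrapped

def server_unwrap_session_key(private_key, wrapped: int) -> bytes:
    """Server: recover the session key; only the private key can do this."""
    n, d = private_key
    return pow(wrapped, d, n).to_bytes(16, "big")

def run_exchange(order: bytes) -> dict:
    public_key, private_key = server_keypair()                  # steps 1-2
    client_key, wrapped = client_wrap_session_key(public_key)   # step 3
    server_key = server_unwrap_session_key(private_key, wrapped)
    ciphertext = symmetric(client_key, order)      # client -> server, fast cipher
    received = symmetric(server_key, ciphertext)   # server decrypts with same key
    return {
        "on_wire": (public_key, wrapped, ciphertext),  # all an eavesdropper sees
        "keys_match": client_key == server_key,
        "received": received,
    }

if __name__ == "__main__":
    # Constructed sample order; the card number is a placeholder.
    print(run_exchange(b"1 x blue kettle, card ending 0000"))
```

The session key itself never appears in `on_wire`: only the public key, the wrapped key, and the ciphertext cross the network.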