When can I consider my personal data secure? - The Tao of Computing

Information Technology Reference

In-Depth Information

coding scheme is straightforward, fast (at least when machines do

the computation), and public. On the other hand, under certain cir

cumstances, the computation of d may be expected to require so

much time that data will remain secure for a long time. 4

With these formula encryption systems, there is always the possi

bility that a new discovery or insight will suddenly allow d to be com

puted easily and quickly from m and e , but this is beyond the capabili

ties of current knowledge. Thus, this approach currently is viewed as

reasonably secure, at least if m and e are chosen carefully. When you

use publickey encryption to store data or to send messages, therefore,

you can have some confidence that your material will be secure for

that storage or transmission. However, before the encryption (before

storage or transmission) or after decoding (when you retrieve your

data from the file or when the message is received), the data still will

be vulnerable, and this can threaten the security of your information.

Unfortunately, even limiting access to accounts and files by

passwords or encryption does not guarantee that data on multiuser

machines will be safe. At least three other types of risks should be

considered:

Programs accessing data may make unintended copies of the

material. An offending program could copy data to another

user's account as it was doing its work for an authorized user.

An intruder then could obtain information by just waiting for

an authorized user to access it. Alternatively, the offending

program could use an Internet connection to transmit your

data to another location. Often, you might expect such of

4 In one popular version of a public key system, developed by Rivest, Shamir, and Adleman, m , e ,

and d are obtained as follows: One starts with two large prime numbers, p and q . Then let

m pq and let L lcm (p 1, q 1), the least common multiple of p 1 and q 1. Then d and

e may be computed by taking any solutions to the equation de 1 mod L . Although such computa

tions are easy once p and q are known, the discovery of p and q is difficult given only n , because the

factoring of very large integers can require a large amount of time and energy. Although further mo

tivation for such work and the reasons this works are beyond the scope of this topic, details may be

found in Davies' Tutorial , already cited, or in the original paper, R. L. Rivest, A. Shamir, and L.

Adleman, “A Method for Obtaining Digital Signatures and PublicKey Cryptosystems,”

Communications of the ACM , Volume 21, Number 2, February 1978, pp. 120-126.

Search WWH ::

Custom Search

Home