Information Technology Reference
In-Depth Information
Other Encryption Methods
Data Encryption Standard (DES) is an early data encryption standard developed in the 1970s
that uses a 56-bit private key algorithm. Today's computers can crack the DES code in a
matter of minutes. 42 As a result, the Triple-DES algorithm was developed. This algorithm
encrypts the data with one 56-bit key and then encrypts it a second time with a different
56-bit key. The result is encrypted a third time using the original 56-bit key. 43
State and federal regulatory requirements do not allow banks to use wireless communi-
cations without an approved encryption system to protect communications. ERF Wireless
is a communications service provider whose broadband wireless service called BankNet meets
these requirements for several financial institutions in Texas, Missouri, and Louisiana. The
system is based on use of Triple-DES encryption and can transmit data at 10 Mbps. 44
Advanced Encryption Standard (AES) is an extremely strong data encryption standard
sponsored by the National Institute of Standards and Technology based on a key size of 128
bits, 192 bits, or 256 bits. It replaces DES and can encrypt data much faster than Triple-
DES. It is used to send and receive unclassified material by U.S. government agencies and
may eventually become the encryption standard for commercial transactions in the private
sector. If a computer could crack a DES key in one second, it would take that machine
approximately 149 trillion years to crack a 128-bit AES key. To put that into perspective,
the universe is believed to be less than 20 billion years old.
Encryption for the U.S. military and other classified communications is handled by other
secret algorithms.
Data Encryption Standard
(DES)
An early data encryption standard
developed in the 1970s that uses a
56-bit private key algorithm.
Advanced Encryption Standard
(AES)
An extremely strong data encryption
standard sponsored by the National
Institute of Standards and Technol-
ogy based on a key size of 128 bits,
192 bits, or 256 bits.
Virtual Private Network (VPN)
The use of a virtual private network is another means used to secure the transmission of
communications. A virtual private network (VPN) is a private network that uses a public
network (usually the Internet) to connect multiple remote locations. A VPN provides net-
work connectivity over a potentially long physical distance and thus can be considered a form
of wide area network. VPNs support secure, encrypted connections between a company's
private network and remote users through a third-party service provider. Telecommuters,
salespeople, and frequent travelers find the use of a VPN to be a safe, reliable, low-cost way
to connect to the corporate intranet.
ROI, the Dutch Institute for Public Administration, provides training programs for gov-
ernment agencies. Each year its 400-plus employees train thousands of civil servants in the
Netherlands and throughout Europe. Much of the information customers share with ROI
is highly confidential so that IT security is critical. The bulk of ROI employees do not work
at the headquarters in The Hague. To access data stored there, they use a VPN to commu-
nicate with each other and to share customer information confidentially. 45
Often users are provided with a security token that displays a constantly changing pass-
word to log onto the VPN. This solution avoids the problem of users forgetting their pass-
word while providing added security through use of a password constantly changing every
30-60 seconds. Technological and Commercial joint-stock Bank (Techcombank) is one of
Vietnam's largest and fastest growing banks with 110 branches and offices in 20 provinces
and cities. Over 100,000 customers access its services online via a secure Web site. The
customer's identity is verified using two parameters: the customer-created password and a
one-time six-digit secure password generated by an RSA SecurID security token. This two-
factor security solution is considered to be an extremely secure and strong approach to
Internet banking consistent with global best practices. 46
virtual private network (VPN)
A private network that uses a public
network (usually the Internet) to
connect multiple remote locations.
TELECOMMUNICATIONS SERVICES AND NETWORK
APPLICATIONS
Telecommunications and networks are a vital part of today's information systems. In fact, it
is hard to imagine how organizations could function without them. For example, when a
 
Search WWH ::




Custom Search