Cryptography Reference
In-Depth Information
• How can we be sure that nobody else can read an email that we have just sent
to a colleague?
• How can we accept an electronic contract received by email from a client on
the other side of the world?
Without the adoption of some information security mechanisms, the answer to all
of these questions is probably 'with great difficulty'. While even a non-expert may
notice that a physical envelope has a damaged seal (and hence get suspicious), it is
almost impossible to recognise whether an unprotected email has been accessed
by an unauthorised party. It is certainly possible to communicate much more
easily in this modern office, but there is a real case for claiming that we have much
less inherent security in this environment than in the strictly physical world of
the old office.
1.1.3
Differing perspectives
It should already be clear that there is a need for translation of the basic security
mechanisms used in the physical world into mechanisms suitable for application
in an electronic environment. In essence, this is what modern cryptography
is all about. A central aim of this topic is to demonstrate precisely what role
cryptography plays in this translation process.
If this topic was just about cryptography itself, then we could immediately
proceed to a discussion of cryptographic mechanisms. However, this topic is not
just about the principles, but also the
application
of cryptography. We thus need
to understand in a wider sense how cryptography fulfils a role in the provision of
information security.
We now identify three different perspectives on the use of cryptography. The
vested interests that these represent have helped to shape the modern use of
cryptography.
INDIVIDUAL PERSPECTIVE
Cryptography is a technology just like any other. Thus the perspective of many
individuals is that they have a right to use cryptography for any purpose that
they deem fit. As we later discuss, using cryptography to encrypt data can serve
a similar function to sealing a document in an envelope in the physical world.
Thus, why should individuals be denied the right to use encryption? Further,
many people regard cryptography as a technology that enables them to realise
other rights. Foremost amongst these are rights to privacy and freedom of
expression.
BUSINESS PERSPECTIVE
For businesses, computer networks, especially open networks such as the
Internet, provide both great opportunities and significant risks. From a business
perspective, cryptography is a technology that can be used in order to implement
