Cryptography Reference
In-Depth Information
Cryptography for identity cards
. The Belgian eID card provides a good example
of a technology that makes public-key cryptography widely available for use
by other applications.
Cryptography for home users
. Our last application concerns the potential use
of cryptography for securing everyday home user applications such as file
encryption, disk encryption and email security.
It is important to note that we will not attempt to provide a comprehensive
introduction to these applications, since we are only interested in the role that
cryptography plays in supporting them. In particular, for each application, we
will be exploring:
What are the security requirements
?
What are the application constraints that influence decision-making
?
Which cryptographic primitives are deployed
?
Which cryptographic algorithms and key lengths are supported
?
How is key management conducted
?
Once again we stress that the main reason that these particular applications have
been chosen is illustrative. It is likely that some of the cryptographic decisions
taken for these, and similar, applications will change over time.
At the end of this chapter you should be able to:
• Appreciate the influence of application constraints onmaking decisions about
how to deploy cryptography.
• Compare a number of different application environments and their
cryptographic requirements.
• Recognise the role that cryptography plays in supporting a range of
applications.
• Justify the decisions taken regarding deployment of cryptography in different
application environments.
• Identify appropriate key management techniques for a range of application
environments.
Perhaps one of the highest-profile uses of cryptography, at least to users of the
Internet, is the
Secure Sockets Layer
(SSL) protocol. SSL is one of the three most
important cryptographic protocols for establishing a secure network channel.
The Internet is often modelled as a four-layer
Internet Protocol Suite
. While SSL
operates at the Transport Layer of the Internet Protocol Suite, secure channels can
also be established at the higher Application Layer using the
Secure Shell
(SSH)
