At its most basic definition, cryptography is the process by which
data or information is made secure. The use of encryption has been
around for centuries, maybe even thousands of years, and was made useful
during wartime and when sensitive information needed to be passed from
one person to another. The most common form of encryption is often a
scrambling of plain text in which a cipher or key is used to obtain the
encrypted information. Encryption encompasses several aspects that must
be maintained in the process.
The process must maintain confidentiality, integrity,
non-repudiation, and authentication. These are all extremely important
in the world of business, technology, and science where secure
information is of the utmost importance. Not to mention the protection
of personal information while using and surfing the internet.
A protocol is used when encrypting data. Some of the more common ones
are CIPE and SSL. CIPE has been developed mainly for Linux users and
works by wrapping the encrypted IP information in an encrypted datagram
(UPD packet). Data is encrypted using 128-bit keys and is then sent over
the networks to be decrypted by the receiving machine. Although CIPE is
a Linux system there are drivers available for Windows platforms as
well.
As most Internet users know, SSL, or secure sockets layer, is a data
encryption protocol used primarily over the Internet; SSL is now
referred to as Transport Layer Security. In SSL or TLS, encryption uses
certificates from the server to validate encryption. Only the server is
authenticated while the browser or end user are left unauthenticated or
anonymous. The locked icon in the browser, however, is not dependent
upon the URL or DNS; it is a shortcoming of the PKI not the SSL or TLS.
Cryptographic hashing is used as well as symmetric ciphers like RC4,
Triple DES, and Camellia. Most commonly TLS is found on HTTP and FTP
servers but can be used for internal networks and remote access.
Aucun commentaire:
Enregistrer un commentaire