Data encryption is the only thing that will secure data transmission.
Confidentiality: Keeps information secret from all but authorized people
Integrity: Can enforce integrity with hashes
Authentication: Provides a way to authenticate entities
Non-repudiation: Prevents a party from denying a previous statement or action
Cryptology in Business
• Increasing concern about the security of data.
• More sophisticated attacks
• Tremendous growth of computer-related fraud and data theft
• Data protection as a business priority
Intrabusiness Security: Privacy, integrity, authorization, and access control.
Interbusienss ...view middle of the document...
Defacto standard today.
RC2: Designed by Ronald Rivest
RC4: Used in Internet browsers
Symmetric Key Principles
• The same key encrypts and decrypts
• Symmetric Algorithms can be fast and are well suited to encrypting lots of data
• They are often used once and then discarded
Asymmetric Key Principle
Any data encrypted by a Public Key can be decrypted only by the corresponding Private Key.
Asymmetric Key Crypto Standards
Rivest, Shamir, and Adleman
(RSA) encryption algorithm Considered by many as the standard for encryption.
Diffie-Hellman Key Exchange An early key exchange design
El Gamal encryption algorithm An extension of Diffie-Hellman
Elliptic Curve Cryptography (ECC) Used for compact design
Public Key Infrastructure (PKI) Terms
• Access Control
• Certification authority (CA)
• Registration authority (RA)
• Certificates and policies
Secure Sockets Layer (SSL)
• Ad-hoc secure communications are basis of Internet e-commerce.
• One of the most frequently used forms of cryptography today.
• With an asymmetric key, ad-hoc communications are straight forward.
• SSL is one of the most commonly used cryptographic protocols for managing secure communication between a client and server over the Web.