A cryptographic system generally provides two functions:
encryption and decryption.
The encryption function converts data from 'plaintext,' or normal text, into 'ciphertext,' which is incomprehensible to the casual observer. The decryption function reverses this process, restoring the data to its original form. In order to perform either of these functions (i.e. to send or receive an encrypted message), the system's user must have a unique 'key,' a sequence of bits. This key is input to the algorithm to successfully perform the desired conversion. The strength of an encryption scheme is dependent both upon the strength of its algorithm and, often, on the length of the keys used for encryption and decryption. Longer key lengths mean more possible keys for an intruder to try and thus imply greater security. Encryption and decryption are generally performed by a computer with the assistance of hardware and/or software cryptographic products.
Commercial encryption technology has evolved since the popular 'Data Encryption Standard' (DES) was released to the public in 1977 and will continue to do so during the foreseeable future. From a situation then when only private key systems were generally in use, public key systems have become increasingly popular, especially for authentication. Under a more traditional single key system, the same key is used both for encrypting and decrypting the message. Although this is reasonably secure, there is a risk that this key will be intercepted when the parties involved exchange keys. A public key system, however, does not necessitate the exchange of a secret key in the transmission of messages. The sender encrypts the message with the recipient's freely-disclosed, unique public key. The recipient, in turn, uses their unique private key to decrypt the message. It is also possible to encrypt messages with the sender's private key, allowing anyone who knows the sender's public key to decrypt the message.
Public-key cryptography also enables the user to produce a digital signature by encrypting with their private key, which, when decrypted with their public key, provides verification that the message originated from that user. Possible applications for this technology include online financial transactions and business negotiations. The DES (Data Encryption Standard) and RSA (named after its inventors Rivest, Shamir, and Adelman) algorithms are generally considered two of the strongest algorithms on the market. DES is a strong, private-key algorithm developed by IBM and made a standard by the United States government in the late 1970's. RSA, in turn, is the most popular public-key algorithm. It is based on prime number generation, using the fact that it is very difficult to factor the product of two large prime numbers. Encryption hardware and software products incorporating DES and RSA are widely available both domestically and abroad. Over two million instantiations of RSA have been distributed in the United States, in almost every case seamlessly embedded by the vendor. By the end of 1994, this number will rise to five million and by the end of 1995, it will double. PGP (Pretty Good Privacy)(click for details), developed by Philip Zimmerman, incorporates RSA, employs public-key cryptography and puts together strong algorithms for both authentication and message transmission. It now uses a combination of the IDEA (International Data Encryption Algorithm) and MD5 algorithms and can be obtained over the Internet via anonymous FTP.
DES continues to be an important standard for encrypting data, particularly within the U. S. and foreign financial communities. However, the security of DES in the future is worrisome to some scientists, who contend that advances in technology will soon make it possible to reak DES by 'brute force,' using a powerful computer to try every possible combination of keys until the correct key is discovered. DES may no longer be secure. Many industry representatives believe that computer processing power doubles about every 18 months. In order to maintain security, encryption technology should try to keep pace with the increasing power for decryption.
A trend in encryption products, concurrent with the same trend in computer technology in general, is towards increasing miniaturization. For example, in 1988 the primary encryption device manufactured by AT&T weighed seventeen pounds. Now, with the advent of PCMCIA (Personal Computer Memory Card Industry Association) technology, it is widely anticipated that one or more manufacturers will soon release encryption-capable modems the size of a credit card. This process is crucial to creating digital signatures. Coincident with the increase in electronic communications is the need to write one's own signature on both business and personal transactions. At the moment, writing one's own signature requires written messages. Now, however, electronic communications have become so heavily used that many business and personal transactions will flourish between parties who never actually see each other and physically sign no paper; increasingly, digital signatures will be used to provide message authentication.
The growth in the popularity of the Internet has created
a demand for security. Electronic mail users who desire confidentiality
and sender authentication increasingly are demanding encryption.
Some are already using PGP. Others are starting to use Privacy Enhanced
Mail (PEM), an Internet encryption mechanism which was funded by the Advanced
Research Projects Agency of the Defense Department and has recently been
introduced as a commercial product by Trusted Information Systems, Inc.
It uses the DES algorithm for encryption and the RSA algorithm for sender
authentication and key management. Privacy Enhanced Mail also provides
support for nonrepudiation; this allows the third-party recipient of a
forwarded message to verify the identity of the message originator (not
just the message forwarder) and to verify if any of the original text has
been altered. Although PEM is not yet widespread, a number of vendors
are offering it in conjunction with or integrated into their commercial
electronic mail applications and the European Community has adopted PEM
for its PASSWORD project which is part of an attempt to establish a pilot
security infrastructure for network applications for the European research
Click Here to learn how to use RSA & Encrypt Your own message!
Click Here for to learn the history of Cryptology, starting with the Greeks
Here for other Data Encryption Techniques