With the increase of digital communications and transactions, a stronger level of security is required to protect the user and their data transactions. Systems, servers, personal computers, mobile devices, tokens and smart cards are all being used ubiquitously to view protected communications. With the influx of data management, there is an ever-apparent contest between the two adversaries in the game of Information Security: the developers and the hackers. PKI was designed to leverage the Internet infrastructure for communications (CITE Samuelle 2009). While minimizing hostile exploitation of data, decreasing data theft, and providing an additional layer of trust through keys pairs and digital certificates, PKI is used to verify the identity of the user and the authenticity of the data.
A Public Key Infrastructure is not a single device or entity; it is a compilation of technology, infrastructure, and practices that enables large scale use of public key cryptography to provide authenticity, confidentiality, integrity, and non-repudiation services (CITE). The word cryptography is derived from the Greek word “kryptos”(CITE), which means hidden. It is the technique in which a cryptographic algorithm is used to take the original plaintext information and then make it unreadable to everyone except for those it was initially intended for by scrambling it into ciphertext. This is known as encryption, and the process that unscrambles the message to make it readable again is called decryption. The National Security Agency (NSA) even defines cryptography as the science and art of making codes and ciphers(CITE NSA 2009). In cryptography, a key or code is used to scramble the message which results in a cipher.
Cryptography has not alw...
... middle of paper ...
...rce. (2007, Sept 18). Public Key Infrastructures - Federal PKI. Retrieved Sept 15, 2009, from NIST-Computer Security Division: http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/index.html
NIST. (2009). Federal Information Processing Standard (FIPS) Publication 186-3, Digital Signature Standard (DSS). Washington, D.C.: Department of Commerce.
NSA. (2009, 01 12). Frequently Asked Questions Terms and Acronyms - NSA/CSS:. Retrieved 10 11, 2009, from National Security Agency: http://www.nsa.gov/about/faqs/terms_acronyms.shtml
US-CERT. (2008, 12 31). Vulnerability Note VU#836068. Retrieved 10 12, 2009, from US-CERT: http://www.kb.cert.org/vuls/id/836068
VeriSign, Inc. (2009). National PKI: The foundation of trust in government programs (A White Paper). Retrieved Sept 15, 2009, from VeriSign White Paper: http://www.verisign.com/static/national-pki-government-trust.pdf
Created by Philip Zimmermann in 1991, this program has been widely used throughout the global computer community to protect the confidentiality and integrity of the users’ data, giving them the privacy of delivering messages and files only to their intended individual or authorized person (Singh, 2012). Not only being useful for individuals as a privacy-ensuring program, it has also been used in many corporations to protect their company’s data from falling into the wrong hands (Rouse, 2005).
PKC is the enabling technology for all Internet security and the increasing use of digital signatures, which are replacing traditional signatures in many contexts. However, RSA is better than PKC because RSA doesn’t need digital signature. As a result, the RSA algorithm turned out to be a perfect fit for the implementation of a practical public security system. In 1977, Martin Gardner first introduced the RSA system. After 5 years, company RSA used secure electronic security products. Nowadays many credit companies of all over the world use the RSA system or a similar system based on the RSA system.
The RSA cryptosystem, imagined by Ron Rivest, Adi Shamir, and Len Adleman , was pitched in the August 1977 issue of Scientic American. The cryptosystem is generally ordinarily utilized for giving security and guaranteeing legitimacy of advanced information. Nowadays RSA is sent in numerous business frameworks. It is utilized by web servers and programs to secure web traffic, it is used to guarantee security and legitimacy of Email, it is utilized to secure remote login sessions, and it is at the heart of electronic Visa installment frameworks. In short, RSA is much of the time utilized within provisions where security of advanced information is a worry.
RSA is the encryption and network security division of EMC, assisting top organizations to solve complex IT security challenges. RSA’s products and mission consist of a combinations of business-critical controls, encryption, and tokenization to secure access to organizations IS infrastructure. The Security Division offers a wide range of two-factor authentication solutions to help organizations assure user identities and meet regulatory compliance requirements. The authentication keys come in a variety of forms such as hardware and software authenticators that can be applied to a range of computer devices.
Digital Privacy." http://rescomp.stanford.edu/~pweston/privacy.html. December 1995. Froomkin, A. Michael. "The Metaphor is the Key: Cryptography, The Clipper Chip, and the Constitution."
The Web. 4 Dec. 2013. Calamur, Krishnadev. A.P.S. & B.A.S. 5 Things To Know About The NSA's Surveillance Activities. NPR.com - "The New York Times" NPR, n.d. -
Data encryption refers to the process of transforming electronic information into a scrambled form that can only be read by someone who knows how to translate the code. In nowadays business world, it’s the easiest and most practical way to secure the information that we stored and processed, and it’s significant for our sensitive information. For example, as electronic commerce is popular now, the vendors and retailers must protect the customers’ personal information from hackers or competitors. They also have many business files or contracts that need to be strictly protected. Without data encryption, these important information may fall into wrong hands and be misused by others. Besides, data encryption may be used to secure sensitive information that exists on company networks, or create digital signatures, and help to authorize in business. No one should underestimate the importance of encryption. A little mistake in encryption may make sensitive information revealing, or even result in illegal and criminal accuse.
Computer science is a vast field that includes nearly everything relating to computers. Everyday there is information transmitted all over the Internet. Pictures are uploaded, transactions are made on thousands of online retail websites, and banking transactions take place everyday on the Internet. All of these transactions have created a need for secure communications. People wish to keep things like banking, medical, and political information from the eyes of unwelcome parties. This has created a need for cryptography. Cryptography is the science or study of the techniques of secret writing, especially code and cipher systems, and is used by everyone from the average citizen to the government and military.
Despite the numerous advantages offered by cloud computing, security is a big issue concerned with cloud computing. There are various security issues and concerns associated with cloud computing, among them being phishing, data loss and data privacy. There are different mitigation measures that cloud pioneers are currently using to ensure data stored in the cloud remain secure and confidential as intended. Encryption is one mitigation method used to ensure security in cloud computing. According to Krutz and Vines (2010), encryption involves coding of the data stored in the computing cloud such that hackers cannot gain access to the data. Data encryption seems to be the most effective method of ensuring security in computing (Krutz and Vines, 2010). However, it is of paramount importance to note that encrypted data is usually difficult to search or perform various calculations on it.
Modern encryption systems are obtained from one of two basic systems: symmetric key (sometimes called shared key) systems, and asymmetric key (often called public key) systems. An encryption process the sender and receiver share a single and common key that is used to encrypt and decrypt the message, then is called as symmetric key systems. Symmetric-key systems are simpler and faster, but their main drawback is th...
The usage of information systems within daily business and personal affairs for the transmission of confidential or even personal identifiable information, requires the usage of such as cryptography technology to secure the information. Three major forms of cryptography for digital transmission and data storage are hybrid, asymmetric, and symmetric cryptography algorithms, that provide security to protect the integrity, confidentiality, reliability, and authenticity of data transmissions and storage. (Rouse, 2008) However, each technology possesses individual traits and characteristics best suited for types of data transmission and storage. As symmetric key uses two identical keys for transmission and decryption, asymmetric employs a private
United States Executive Office of the President. (2009). Cyber space policy review: Assuring a Trusted and Resilient Information and Communications Infrastructure. (pp. 1-38). Retrieved from http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf
" Detangling the web: a screenshot of U.S. government cyber activity." Joint Force Quarterly July 2015: 75+. War and Terrorism Collection. Web.
In this era when the Internet provides essential communication between tens of millions of people and is being increasingly used as a tool for security becomes a tremendously important issue to deal with, So it is important to deal with it. There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. Cryptography is the science of writing in secret code and is an ancient art; In the old age people use to send encoded message which can be understand by the receiver only who know the symbolic and relative meaning of that encoded message .The first documented use of cryptography in writing dates back to circa 1900 B.C. Egyptian scribe used non-standard hieroglyphs in an inscription. After writing was invented cryptography appeared spontaneously with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In telecommunications and data cryptography is necessary when communicating in any untrusted medium, which includes any network, particularly the Internet [1].Within the context of any application-to-application communication, there are some security requirements, including:
Cryptography is an interesting field in the world of computer security. This has been boosted by the increase in computer attacks emanating from the Internet. With large and confidential data being transferred over the Internet, its security must be addressed. It is because of this that encryption techniques are continually evolving. With computer hackers being IT experts who are hungry to get at personal data on the Internet, IT security experts have also made sure that they come up with products to combat and stay ahead of the hackers.