74 3.3 RSA: public and private key
3.3
RSA: public and private key
We now have a better idea about how the public-private system works. It is
based on a technique patented by Diffie-Hellman in 1974 and formatted
into architecture by Rivest, Shamir, and Adelman (RSA Data Security,
Inc.). You can find more information at http://www.rsa.com and http://
www.verisign.com.
One example of the RSA implementation is PGP (Pretty Good Privacy).
Philip Zimmermann originally created PGP. Zimmermann was the first
person to make military-grade cryptography available to the general public.
PGP can be used to send encrypted messages via most any e-mail system.
All that is needed is software available from http://www.pgp.com and the
public key of the party to whom you want to send an encrypted message.
There are several methods to encrypt messages. One standard is S/
MIME. There are also secret key systems and other systems to encrypt data
as it travels from one location to another.
One process that can be used from a byproduct of public-private keys is
"digital signatures." Digital signatures can be used to authenticate messages
and prevent forgeries and/or tampering.
Following are encryption techniques that you will need to be familiar
with:
DES~the U.S. government's data encryption standard, a cipher that
operates on 64-bit blocks of data using a 56-bit key. IBM developed
DES under contract to NIST (National Institute of Standards and
Technology).
Triple DES~a cipher like DES that operates on 64-bit data blocks.
The difference is that Triple DES uses the basic DES cipher three times.
RC2~a variable-key-size symmetric block cipher that can serve as a
replacement for DES.
RC4~a variable-key-size symmetric stream cipher known for being
faster than DES.
PEM~the Internet privacy-enhanced mail standard. PEM includes
encryption authentication and key management. The details of PEM
can be found in Internet RFCs (Requests for Comments) 1421
through 1424.
S/MIME (Secure/Multipurpose Internet Mail Extensions)~provides
a method to send and receive secure MIME messages. S/MIME is

Get Internet Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.