74 3.3 RSA: public and private key
3.3
RSA: public and private key
We now have a better idea about how the public-private system works. It is
based on a technique patented by Diffie-Hellman in 1974 and formatted
into architecture by Rivest, Shamir, and Adelman (RSA Data Security,
Inc.). You can find more information at http://www.rsa.com and http://
www.verisign.com.
One example of the RSA implementation is PGP (Pretty Good Privacy).
Philip Zimmermann originally created PGP. Zimmermann was the first
person to make military-grade cryptography available to the general public.
PGP can be used to send encrypted messages via most any e-mail system.
All that is needed is software available from http://www.pgp.com and the
public key of the party to whom you want to send an encrypted message.
There are several methods to encrypt messages. One standard is S/
MIME. There are also secret key systems and other systems to encrypt data
as it travels from one location to another.
One process that can be used from a byproduct of public-private keys is
"digital signatures." Digital signatures can be used to authenticate messages
and prevent forgeries and/or tampering.
Following are encryption techniques that you will need to be familiar
with:
• DES~the U.S. government's data encryption standard, a cipher that
operates on 64-bit blocks of data using a 56-bit key. IBM developed
DES under contract to NIST (National Institute of Standards and
Technology).
• Triple DES~a cipher like DES that operates on 64-bit data blocks.
The difference is that Triple DES uses the basic DES cipher three times.
• RC2~a variable-key-size symmetric block cipher that can serve as a
replacement for DES.
• RC4~a variable-key-size symmetric stream cipher known for being
faster than DES.
• PEM~the Internet privacy-enhanced mail standard. PEM includes
encryption authentication and key management. The details of PEM
can be found in Internet RFCs (Requests for Comments) 1421
through 1424.
• S/MIME (Secure/Multipurpose Internet Mail Extensions)~provides
a method to send and receive secure MIME messages. S/MIME is
Get Internet Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
