O'Reilly logo

Oracle Security by Marlene Theriault, William Heney

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Ways to Authenticate Users

As we said in the previous section, keys are actually parameters you reference when you run your program (algorithm) to either encrypt or decrypt a message or a piece of data. Keys were first used with algorithms to enable people to communicate electronically in a more private manner. Originally, the same algorithm was used to both encrypt and decrypt a message. But that approach often proved vulnerable to the sophisticated computer programs hackers wrote to break the encrypted messages. By necessity, keys have had to become more complex, and their use and protection more secure. Different approaches have been used to try to ensure that encrypted material cannot be decrypted by anyone other than the intended receiver. This section describes some of these approaches.

Private Keys

One way for two people who want to communicate privately with each other to do so is for them to ensure that they each have a copy of the same key, referred to as a private key, which they use for both encryption and decryption of their message. But to use this approach, they need to find a way to exchange the key information so no one else can get the key.

If Mary and Ralph want to communicate, they will each need a copy of a key to encrypt and decrypt their messages. Let’s say that Ralph and Ed also want to communicate privately. They will need a different key so that Mary cannot read their messages. Now Ralph needs to maintain, protect, and track two different keys — one for ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required