Chapter 11. Cryptography and the Web
Encryption is the fundamental technology that protects information as it travels over the Internet. Although strong host security can prevent people from breaking into your computer—or at least prevent them from doing much damage once they have broken in—there is no way to safely transport the information that resides on your computer to another computer over a public network without using encryption.
But as the last chapter explained, there is not merely one cryptographic technology: there are many of them, each addressing a different need. In some cases, the differences between encryption systems represent technical differences—after all, no one solution can answer every problem. Other times, the differences are the result of restrictions resulting from patents or trade secrets. And finally, restrictions on cryptography sometimes result from political decisions.
Cryptography and Web Security
Security professionals have identified four keywords that are used to describe all of the different functions that encryption plays in modern information systems. The different functions are these:
- Confidentiality
Encryption is used to scramble information sent over the Internet and stored on servers so that eavesdroppers cannot access the data’s content. Some people call this quality “privacy,” but most professionals reserve that word to refer to the protection of personal information (whether confidential or not) from aggregation and improper use.
- Authentication ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access