Internet shoppers this past holiday season spent an estimated $2.35 billion online, according to The Commerce Threshold, published by Forrester Research. Forrester predicts that global Internet sales will reach $3.2 trillion in 2003 if businesses and government cooperate to develop electronic commerce.

With all this money changing hands, concern turns to transaction security. Unless consumers are assured of security and privacy, Internet transactions will not become mainstream.

For many vendors and Web-site operators, the primary concern is the confidence that their site will not be vandalized by crackers or used as a gateway to break into their local area networks.

According to the Clinton administration's 1997 report, "A Framework for Global Electronic Commerce," there are five basic principles of information security: privacy, integrity, authenticity, confidentiality and nonrepudiation.

Privacy involves keeping transaction information between agency and consumer. Integrity is a guarantee that the message is not altered, erased or intercepted by a third party. Authentication lets both sender and receiver know they're dealing with whom they think they're dealing with. Nonrepudiation ensures that parties involved can't deny that they actually sent the transmission.


Cryptography enables confidential information to be transmitted across unsecured networks without the risk of interception or tampering, essentially by putting the data into code. The receiver has a secret key used to decrypt the message. Only those having the correct key can decode the document.

It may be foolproof, but not expert-proof. Unauthorized users may decrypt a message by figuring out the key themselves. One way is to find a pattern that can be used to reconstruct the original message or the key used to encrypt it. Another is a full-frontal assault in which crackers try to break the code by guessing millions of possible keys until the right one is found. A fast computer is capable of trying millions of guesses in seconds, but the process is still no walk in the park.

In symmetrical encryption, the same secret key is used to both encrypt and decrypt a message. Symmetric algorithms present problems for users who have never met or exchanged keys.

Public Key Cryptography

Public key cryptography is also known as asymmetric cryptography. Keys come in pairs. One key is public, widely available. The other, private key is a closely guarded secret.

To send a secure message, one looks up the recipient's public key and uses it to encrypt the message. The message then can be sent over an unsecured channel without fear of interception. The private key is necessary to decode it. The advantage of public key encryption is that no arrangements need to be made in advance.

Digital Signatures

Another benefit of public key cryptography is that it allows users to create digital signatures. Digital signatures are a reversal of the public key encryption/decryption scheme. A digest of the text is encrypted and sent with the text message.

A "message digest function," or "one-way hash," takes a plain text message and transforms it into something that looks random. Message digest functions generate short, fixed-length values known as "hashes." The hash is much shorter than the original message. There is no known way to create two different messages that generate the same hash. The recipient decrypts the signature and recomputes the digest from the received text. If the two digests match, the message is authenticated, verifying that the text has not been altered in transit. Messages encrypted using an individual's

private key can only be deciphered with the public key.

Both symmetric and public key cryptography provide integrity-checking. If a message is modified in transit, either because of a communication error or deliberate intervention, the message won't decrypt correctly.

Digital Envelopes

While public key encryption systems seem ideal for the Internet, they