Not since World War II has encryption received so much attention. Germany, during that time, had some of the most able scientists and cryptographers, but the Allies cracked Germany's submarine codes and discovered valuable information on Germany's strategic plans.
Today, encryption has become an important key in securing computer data from prying eyes. Users can encrypt files that contain sensitive data and protect them from theft or access by unauthorized co-workers or network hackers. Information traveling between computers goes through numerous routes, systems and servers. A hacker can intercept message packets in transit and attempt to reconstruct your message before it reaches its destination.
Computer data security concerns are similar to those of any confidential communication. The reality is that the Internet is no more insecure than any other medium of commerce, such as bank, postal or telephone credit card transactions. But Internet security concerns cannot be overstated either, because computerized tools such as network "sniffers" are employed by hackers to sort, filter and intercept sensitive information from a network.
Many of the newer versions of popular applications -- Microsoft Word, Excel, Corel WordPerfect and others -- already provide encryption. Many experts predict that encryption will soon become an integral part of any application.
While these applications feature less secure algorithms, their encryption is sufficient for most needs. Inexpensive but very effective software programs such as Symantec's Norton DiskLock, Pretty Good Privacy and Netscape Communicator 4.0 provide an excellent way for users to test encryption.
Asymmetric or Symmetric Keys
While the technical details of cryptography are very complicated, the concept is rather simple. Basically, encryption is the scrambling and altering of data until it is no longer readable by anyone who does not have the proper decryption key.
Cryptographers have developed various methods to perform this task. The asymmetric method, also called public-key cryptography, requires two keys -- one to encrypt, and the other to decrypt a message. The user's public key is freely distributable to anyone through several key servers on the Internet. These servers act as public-key white pages.
For example, say Joe wants to send Mary some secure files or messages. To do so, he must request and receive Mary's public key via e-mail or look for it in a public-key server and use that key to encrypt the files. When Mary receives the message, she uses her private key to decrypt the message, which was encrypted with her public key. The security of this system resides in the combination of the two keys; if the keys don't match, the file or message can't be viewed.
Similarly, Mary uses Joe's public key to encrypt her reply before sending it. To assure Joe that she sent the answer and that it was not forged, Mary signs this message with her private key, which generates a digital signature block that Joe can verify using Mary's public key.
Digital certificate authorities issue digital signatures and verify the user's identity much the same way a DMV verifies an identity and issues a driver's license.
Symmetric cryptography uses a single key to encrypt and decrypt messages. Its weakness is that, to transmit an encoded message, users must also send the private key, which means a secure distribution route is needed.
Key Bit Rate
No matter how securely the doors are locked, a persistent intruder can find a way through. While no encryption program is 100 percent uncrackable, most intruders lack the time or skill to bypass or dismantle such security tools.
One primary indicator of encryption strength is the key's bit rate, which is the number of bits in a key. A bit is a single digit in a binary number -- either 0 or 1. The amount of time required to decode depends on the length of