Abstract

By now, you have probably bought into the idea of using the Internet for e-mail, database searching, and surfing the World Wide Web. You may have even purchased items online and may subscribe to a journal or two in digital form. But is the Internet secure? If you don't know about security technology, the answer is no. If you read a little further, it could easily be yes. All items sent by e-mail without encryption are publicly accessible documents. Systems administrators can easily view all your outgoing and incoming mail without any prior approval. In fact, this information can be used against you in a court of law should you be subpoenaed. As seen in the recent Microsoft trial, Bill Gates' “private” e-mail messages are providing useful fodder for the prosecution. If you want to keep your e-mail messages from prying eyes, you must encrypt the messages before sending them. The message recipient must then be able to decrypt the message to restore it to readable form. Encryption of e-mail can be done either by symmetric key or asymmetric key encoding. In the first case, the sender and recipient both use the same key to scramble and unscramble the message. By a simple analogy, say the message is simply the number “7.” If the key is to multiply the original message content by the number “3,” then the scrambled message is “21.” If the cipher text “21” is sent to someone who has the key, then the original message “7” can be recovered by decryption. Symmetric key cryptography can be used for complex documents, but the sender and recipient must first exchange the shared key. The problem of exchanging the key safely makes symmetric cryptography difficult to use on the Web. Asymmetric cryptography (also called public key cryptography) is the system that you will most likely use to send secure e-mail. It is, for example, the technology behind Pretty Good Privacy (PGP), a commonly used commercial product for securing files and e-mail.
Public key encryption works by taking advantage of special mathematical formulas in which the forward and reverse encoding can be performed by different keys. One key is called the private key and is used only by the owner of the key. Private keys are never distributed. The other key, called the public key, can be used by anyone. In fact, the public key is usually published in a Web directory for anyone to obtain and use. Asymmetric keys have many uses, from sending secure documents by e-mail between two users to enabling entire companies to interact with remote sales operations. As an example, say that person A wants to send a secure document to person B. First, both A and B obtain a pair of keys, one private and one public. Each could then publish their public keys or exchange them via the Web. Person A uses B's public key to encrypt the document and then sends the cipher text to B. When B receives the message, she uses her private key to decrypt it. Because B is the only one who has her private key, the document cannot be read by anyone else during Web transit. If the document were to be intercepted, only a scrambled message could be viewed. Even this scheme is too simple for most situations that arise on the Web, where A may not even know B. Also, because Web identities do not include faces or voices, how would A know that B's public key is really from B? An imposter can set up a Web site and distribute a false B public key. In practice, the public key is usually turned over to a third party, called a certificate authority, before it is distributed. The certificate authority must authenticate the identity of the user behind the public key. For the highest security, this could mean that the user must present the key to a registered professional in person for notarization. The resulting key is modified and is called a digital certificate. In next month's column, we will explain how to acquire and use a digital certificate with today's browsers.
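
The exchange between A and B described above, with a certificate authority vouching for B's public key, as an added example that is not from the original article. It uses textbook RSA with small constructed toy keys; the function names, the certificate layout and the key values are assumptions for illustration and are not suitable for protecting real mail.

```python
import hashlib

E = 65537  # common public exponent

def make_keypair(p, q):
    """Textbook RSA key pair from two primes: ((e, n), (d, n))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)  # d is the inverse of e mod phi

def apply_key(key, value):
    """value^exponent mod n; only the other key of the pair reverses it."""
    exponent, n = key
    return pow(value, exponent, n)

def binding(name, public_key, ca_modulus):
    """Hash tying a name to a public key, reduced to fit the CA's modulus."""
    data = f"{name}|{public_key[0]}|{public_key[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % ca_modulus

def issue_certificate(ca_private, name, public_key):
    """The CA signs the name/key binding with its private key."""
    signature = apply_key(ca_private, binding(name, public_key, ca_private[1]))
    return {"name": name, "public_key": public_key, "signature": signature}

def verify_certificate(ca_public, cert):
    """Anyone holding the CA's public key can check the binding."""
    expected = binding(cert["name"], cert["public_key"], ca_public[1])
    return apply_key(ca_public, cert["signature"]) == expected

# Constructed toy keys from known Mersenne primes (far too structured for real use).
B_PUBLIC, B_PRIVATE = make_keypair(2**61 - 1, 2**89 - 1)
CA_PUBLIC, CA_PRIVATE = make_keypair(2**107 - 1, 2**127 - 1)
IMPOSTER_PUBLIC, IMPOSTER_PRIVATE = make_keypair(2**19 - 1, 2**31 - 1)

def send_to_b(message, cert):
    """Person A: encrypt only if the certificate for B verifies."""
    if cert["name"] != "B" or not verify_certificate(CA_PUBLIC, cert):
        raise ValueError("certificate does not prove this key belongs to B")
    return apply_key(cert["public_key"], message)

if __name__ == "__main__":
    genuine = issue_certificate(CA_PRIVATE, "B", B_PUBLIC)
    # A false "B" key: the imposter's key placed under B's name and signature.
    forged = dict(genuine, public_key=IMPOSTER_PUBLIC)
    ciphertext = send_to_b(7, genuine)
    print("B decrypts:", apply_key(B_PRIVATE, ciphertext))
    print("forged certificate accepted:", verify_certificate(CA_PUBLIC, forged))
```

Without the certificate check in `send_to_b`, A would encrypt to whichever key was presented under B's name, which is the gap the certificate authority closes.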
