What is a PKI card?

The framework that provides services like encryption and signing is known as Public Key Infrastructure.

- Different names: security tokens, smart cards (with CPU), PKI cards, smartcard PKI, mobile PKI (standards differ between the banking, telecom and computer industries).
- PKI (public key infrastructure) is sold/used by companies like Netware and Novell.
- Provides the function for a digital signature; stores certificates and secret keys.
- Based on one public key to encrypt and one private (secret) key to decrypt data. Anyone with your public key can encrypt data and send it to you. Only you can decrypt the data, since you have the private key.
- Using a PKI card is an easy way to store passwords and keys (a problem today is that users set easily guessed passwords and also forget them).
- The KEY is the key to decrypting data which has been encrypted.
- The hash value of a document is sent to the card, where it is signed (really encrypted) by the card's secret key.
- Smart cards can also have radio communication, so in the future you might just leave your access card around your neck.
- Smart cards are a safer way of keeping certificates for accessing your bank account without leaving them on different computers.
- One standard for a whole country: you get a PKI card as a citizen of the country you have a passport in. Finland and Denmark have this type of card already and can use it as a passport within the EU. The rest of Europe is getting a standard also (www.europepki.org).
- Smart cards store their data encrypted, not open as on an ATM (automatic teller machine) card with a magnetic strip.

 

Why would you need it?

When you send a message to your bank, the bank wants to know if it's really you who is mailing them. You might want to sign for a loan on a house or a new car, and instead of sending the signed papers by normal mail, you send them by e-mail with your digital signature over the internet. Telenor (a Norwegian telecom company) and others have integrated PKI technology into the SIM cards in mobile phones, to enable secure transactions when you use your phone to pay for services. In Estonia you pay for the bus ride by using your mobile phone.

 

Different methods of Encryption:

Stream Cipher (Symmetric): Each bit is encrypted sequentially, one bit of data being combined with one bit of the key. The key can be a fixed-length key, a key that varies in length, or a key that varies randomly for every bit of data. Continually varying the encryption key is called a "one-time pad"; it would not generate any repeating patterns and could be impossible to crack.

Block Cipher (Symmetric): A block of a specific size is encrypted using a key of a specific size. DES (Data Encryption Standard) specifies that data should be processed in 64-bit blocks using a 56-bit key.

Public/Private Crypto Keys (Asymmetric/Symmetric): The need for sender and receiver to share keys via a secure channel is eliminated. Diffie and Hellman introduced this type of key in 1975. The British Secret Service invented it 5 years before, but kept it a military secret until recently.

 

There is a relationship between these:

- Algorithm
- Key
- Original data
- Cipher text

If you know any three of these, you can determine the fourth.
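
The following Python sketch is an added example, not part of the original page. It illustrates the stream cipher paragraph and the relationship above with a plain XOR cipher working on bytes rather than bits: a short, reused key leaves repeating patterns and can be computed from known original data and cipher text, while a one-time pad is random and as long as the data. MESSAGE, FIXED_KEY and all function names are constructed for the illustration.

```python
import secrets
from itertools import cycle


def xor_stream(data: bytes, key: bytes) -> bytes:
    """Combine each data byte with one key byte (XOR).

    A key shorter than the data is reused cyclically. XOR is its own
    inverse, so the same call both encrypts and decrypts.
    """
    if not key:
        raise ValueError("key must not be empty")
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def repeated_blocks(ciphertext: bytes, size: int) -> int:
    """Count size-byte blocks that duplicate an earlier block."""
    blocks = [ciphertext[i:i + size]
              for i in range(0, len(ciphertext) - size + 1, size)]
    return len(blocks) - len(set(blocks))


def recover_keystream(plaintext: bytes, ciphertext: bytes) -> bytes:
    """Algorithm, original data and cipher text known -> key bytes follow."""
    if len(plaintext) != len(ciphertext):
        raise ValueError("plaintext and ciphertext must have equal length")
    return bytes(p ^ c for p, c in zip(plaintext, ciphertext))


# Constructed sample input: a 32-byte message with repeating structure.
MESSAGE = b"PAY 100 " * 4
FIXED_KEY = b"\x13\x37\xc0\xde"  # constructed 4-byte fixed-length key


def demo() -> dict:
    short = xor_stream(MESSAGE, FIXED_KEY)
    pad = secrets.token_bytes(len(MESSAGE))  # one-time pad: random, never reused
    otp = xor_stream(MESSAGE, pad)
    return {
        "short_key_repeats": repeated_blocks(short, 8),
        "otp_repeats": repeated_blocks(otp, 8),
        "recovered_key": recover_keystream(MESSAGE, short)[:len(FIXED_KEY)],
        "otp_roundtrip": xor_stream(otp, pad) == MESSAGE,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

With the fixed key, every 8-byte block of cipher text is identical and the key falls out of one known message; the pad is only safe if it is truly random and used once.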
