Public Key Encryption
Public key encryption is a
cryptographic system that uses two keys—a public key known to everyone and a
secret key known only to the person receiving the message. This system has been
put in place to ensure the privacy of the message being sent both for the
sender and the receiver. There is a lot of debate about allowing government
access in response to preventing criminal activity vs. breech of privacy. It is
important for all users to be aware of the debate, the pros, and the cons.
Either can affect the future of messages sent.
History
In 1976 cryptography was invented
by Whitfield Diffie and Martin Hellman
·
May also be called, “Diffie- Hellman encryption or
·
Asymmetric encryption (uses two keys instead of one)
Encryption is the
translation of data into a secret code. A mathematical process that uses
formulas to scramble information and makes it unreadable to anyone who might
intercept it. Encryption is the most effective way to achieve data security.
To read an encrypted file,
you must have access to a secret key or password that enables you to decrypt
it. Traditional encryption called, secret-key encryption enables the sender to
use a secret key to scramble the message and the receiver uses the same key to
unscramble it. The problem comes when the two individuals must decide on a key
without anyone else knowing what it is. If someone overhears or intercepts the
message and determines what the key is, that individual will be able to decode
the message and use the information to their advantage or change the
information that is being sent.
A safer, more reliable
method is public-key encryption. This gives the users a pair of keys, a public
key and a private key. Each person’s public key is made available on a public
directory (so messages can be sent) but the private key is kept confidential.
This way if a message is intercepted the individual will be unable to decode it
as well as tamper with the message being sent.
Some governments want the
private keys to be stored with a Third Trusted Party, which is called key
escrow. But many do not agree with this. Some believe that this is still a
breech in privacy and may tempt the users to abuse the privilege of being able
to obtain the information confidentially.
“National Security or the empowerment of Big Brother?” This is the
debate in question. If the National Security is given power to implement key
escrow, then the government has the ability to retrieve the receiving key and
decode the message. Key escrow is a policy that the government wishes to
implement, specifically in Europe that would require an individual to deposit
their computer code with a Trusted Third Party and allow the government to have
access to it. Civil liberties are concerned because they look at it as handing
the keys of your house over to strangers so they can rummage through it.
On the other hand, the British
Home Secretary, Jack Straw, says that Key escrow is a matter of national
security. Access to the code in order to crack down on organized criminals who
use the Internet will enable law enforcement to increase arrests and will
hamper criminal activities.
The business view of key escrow:
1.
Strongly opposed to key escrow
2.
Objections from invasion of privacy to lack of confidence in
the system
3.
Business partners would not trust encryption when the key
had been given to someone else
The law enforcement view of key escrow:
1.
Afraid if technology develops unchecked, encryption
technology could become the standard means of criminal activity
2.
Wants law enforcement to have effective tools to tackle
serious crimes
3.
Mandatory key escrow policy of licensed bodies – Trusted
Third Parties – so that law enforcement agencies can retrieve when needed.
The civil Libertarian view of key escrow:
1.
Unworkable, infringement on individual privacy and destined
to stunt the growth of electronic commerce.
2.
Campaigning to break down the technical language of
encryption
3.
Worried about the ease the government would have accessing
the public keys lodged with the Trusted Third Parties.
4.
Could give government too much power and create a temptation
for abuse.
The experts view of key escrow:
1.
Holding of keys by a Trusted Third Party member is unsafe
and an impractical solution
2.
Laws that make public cryptography more expensive will harm
consumers and have an adverse affect on crime prevention
3.
Consumer rights will be jeopardized
Webopedia’s Definition
of PK Encryption (A great site to define any technical words)
Mathematical explanation
of the way encryption works
Public
Key Encryption for Dummies. by Mike Rothman
Terena’s
Guide to Network Resource Tools
Digital
Certificates and Encryption