Here the keys for encryption and decryption differ. There needs to exist a private key, which is only known to the individual, and a public key, which is published. Every person has her or his own private key that is never published. It is used for decrypting only. Mathematically the different keys are linked to each other, still it is nearly impossible to derive the private key from the public one.
For sending a message to someone, one has to look up the other's public key and encrypt the message with it. The keyholder will use his/her private key to decrypt it. While everybody can send a message with the public key, the private key absolutely has to stay secret - and probably will.
"The best system is to use a simple, well understood algorithm which relies on the security of a key rather than the algorithm itself. This means if anybody steals a key, you could just roll another and they have to start all over." (Andrew Carol)
very famous examples for public-key systems are:
· RSA:
The RSA is probably one of the most popular public-key cryptosystems. With the help of RSA, messages can be encrypted, but also digital signatures are provided.
The mathematics behind are supposedly quite easy to understand (see:
· PGP:
PGP is a public key encryption program. Most of all it is used for e-mail encryption.
It is supposed to be quite safe - until now.
· PGPi is simply the international variation of PGP.
for further information about the RSA and other key-systems visit the RSA homepage:
or:
All of those tools, like hash functions, too, can help to enhance security and prevent crime.
They can theoretically, but sometimes they do not, as the example of the published credit card key of France in March 2000 showed.
For more information see:
Still, cryptography can help privacy.
On the other hand cryptography is only one element to assure safe transport of data. It is especially the persons using it who have to pay attention. A key that is told to others or a lost cryptographic key are the end of secrecy.
TEXTBLOCK 1/2 // URL: http://world-information.org/wio/infostructure/100437611776/100438659074
The more so-called security measures are taken the more control and the less freedom is granted. Whereas criminals are flexible in their computer work/digital existence, the average person cannot be. So it is her/him who gets punished with an increase of control.
Of course security can be in favor of the population as well - and this is the case if cryptography is legal so that everyone has access to it to protect his/her data. This one needs for e-commerce, secure payments and transmission of private data, mostly e-mails or access to websites where one needs a password. E-mails are nothing else than postcards, letters without envelopes. Without encryption they are easy to open, read and trace back, even without knowing the password. Rumors that Echelon works with a list of key-words, controlling any e-mail in the world and reacting to words of that list, led to actions like the Jam Eschelon Day, last time held on October 21st, 1999, to confuse the espionage system.
for more information on Jam Eschelon Day see:
But the respect for privacy stands for an essential values in democratic societies.
So, how can it be regarded a governmental risk?
At a conference:
"How many people here fear a greater risk
from government abuses of power
than from criminal activity?"
The majority raised their hands,
one participant shouted "What's the difference?"
(anonymous)
If governments really care for the people and want to fight against cybercriminality they should rather support the work on the latest technologies for encryption than to restrict their access. Or even better: they should not intervene at all - to make sure they do not build in any trapdoors. Though it is already too late for discussion like this one as the trapdoors are already part of most of the key-systems. Rumors about PGP and trapdoors do not help the confidence in cryptology.
for information about the risks of cryptography see:
TEXTBLOCK 2/2 // URL: http://world-information.org/wio/infostructure/100437611776/100438659190
Bruce Schneier is president of Counterpane Systems in Minneapolis. This consulting enterprise specialized in cryptography and computer security. He is the author of the book Applied Cryptography and inventor of the Blowfish and Twofish encryption algorithms.
One of the largest and foremost communications and media conglomerates in the
world. Founded in 1971, the present form of the corporation dates from 1994 when Viacom Inc., which owned radio and television stations and cable television programming services and systems, acquired the entertainment and publishing giant Paramount Communications Inc. and then merged with the video and music retailer Blockbuster Entertainment Corp. Headquarters are in New York City.