A Beginner's Guide To Cryptography In Network Security

If you take a close look at the meaning behind the key word in the phrase cryptography in network security, you will have a good idea of what is meant by the term. Crypto means secret and graphy refers to writing. Cryptography is, therefore, the practice of secret or hidden writing.

While online cryptography is relatively new, having been developed and used since the mid-1990s, cryptography itself has been used by humans since very early times. Early ciphers used letter replacements, substitutions or other types of "codes" where the sender and the receiver had the "key" to the code.

These early letters may have been carried by hand, but they were still illegible to anyone intercepting them. Instead of something that could be read, all an interceptor would see is a jumble of letters, numbers or symbols unless they had the "key" to unravel and reveal the message in the code.

Public Key Infrastructure

Today's cryptography in network security is a lot more complex in use, but it still rests on the same basics. To understand how this works, let's take a closer look at the basis of cryptography, the use of Public Key Infrastructure.

Public Key Infrastructure is not a specific piece of software or hardware, or a combination of tangible and discrete applications. Instead, it is a framework for providing integrity, authentication, non-repudiation, confidentiality and access control to information sent over the internet and through a network.

This is completed through specific types of components. One is a digital certificate or SSL certificate that is provided by a Certificate Authority. A Certificate Authority is a trust provider who is recognized by browser designers and device manufacturers as a trusted source for validating and verifying applications for the SSL/TLS products.

All SSL products are validated to a specific level. This level is basic at the domain validation level and much more complex and demanding at the extended validation or EV level. The Certificate Authority has to provide validation to the AICPA/CICA WebTrust for Certification Authorities Principles and Criteria and must submit to audits to prove it is following these guidelines and its own written policies.

Along with the certificates, cryptography in network security requires the use of two keys, one of which is a public key and one of which is private. The private key is never shared and either stays on the server (for domains) or stays on the device or email client for Personal Authentication Certificates (for email).

The public and private keys are mathematically related, but not identical. What one key encrypts, only the other key can decrypt. This is very much like those old codes and ciphers, but much more sophisticated. With domain security, the data is encrypted with the public key and sent to the server, where it is decrypted. For email, the recipient's public key is used by the sender to encrypt the message; when it is received, it is decrypted with the private key.
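The key relationship described above, as an added example that is not part of the original article: textbook RSA in Python on a tiny constructed key pair. The primes 61 and 53, the exponent 17 and all function names are sample choices made for this illustration, and the padding that real SSL/TLS keys rely on is left out.

```python
# Textbook RSA on a tiny, constructed key pair: illustration only.
# Real certificate keys are 2048 bits or more and always use padding.
from math import gcd

def make_keypair(p, q, e=17):
    """Derive (public, private) from two primes; both keys share the modulus n."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p-1)*(q-1)")
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (e, n), (d, n)

def apply_key(key, value):
    """RSA's single operation: value ** exponent mod n."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

def encrypt_text(public, text):
    # One block per byte, only because the toy modulus is so small.
    return [apply_key(public, b) for b in text.encode()]

def decrypt_text(private, blocks):
    return bytes(apply_key(private, c) for c in blocks).decode()

# Constructed sample primes; the two keys are related through n but not identical.
PUBLIC, PRIVATE = make_keypair(61, 53)

if __name__ == "__main__":
    blocks = encrypt_text(PUBLIC, "hello")
    print("public key :", PUBLIC)
    print("private key:", PRIVATE)
    print("ciphertext :", blocks)
    print("decrypted  :", decrypt_text(PRIVATE, blocks))
    # Applying the public key a second time does not undo the encryption.
    print("public key on ciphertext:", [apply_key(PUBLIC, c) for c in blocks])
```

With a modulus this small the private key can be recovered by factoring 3233 by hand, which is why production keys use primes hundreds of digits long.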

At Comodo, our SSL/TLS products use 256-bit encryption and 2048-bit signing keys. This is considered to be virtually impossible to hack into and is highly resistant to even the most carefully orchestrated brute force attacks on a site.

As only one public key matches one private key and vice versa, the encryption is incredibly secure. Additionally, if a private key is ever lost or compromised, the owner simply needs to notify the Certificate Authority and the certificate can be revoked and a new certificate issued.

Finally, with cryptography in network security, all certificates issued by a Certificate Authority have an expiration date. This is not more than three years. This means that the business or individual must re-apply at that time and be validated again. A new set of the public and private keys will also be provided, the private key from the server and the public key with the certificate.

There are different options for cryptography in network security that will be more appropriate for use with one company or another. These can range from protection for a single website (domain) and a private, personal email to those used on government and private sites sharing highly sensitive information.

For any questions you may have on cryptography, Public Key Infrastructure and the use of SSL certificates for online security and website protection, see our sales staff at Comodo. Feel free to call us at +1 888 266 6361 or, if you prefer, text us through our Live Chat system at https://www.instantssl.com.
