Internet Security Professional Reference: Encryption Overview


Electronic Commerce

To conduct business on the Internet, merchants and customers need a way to automatically and safely collect and process credit card payments. The Secure Electronic Transaction (SET) protocol, developed by Microsoft, IBM, Netscape, GTE, Visa, and MasterCard, provides this security.

SET authenticates cardholders, merchants, and banks and provides secure transactions by using cryptographic techniques. Certificates are required to ensure that all parties involved are legitimate. An important feature of SET is that it is integrated into the existing credit card processing system. The Joint Electronic Payment Initiative project (JEPI) works to make secure credit card transactions a reality.

Another aspect of online security that involves certificates is code signing. Web users need a way to know that programs and data they download from sites on the Internet are authentic and have not been altered. Code signing is like “shrink-wrap” that seals information so the recipient can trust its contents. Basically, a publisher encrypts its certificate into the code with its private key. Verifying the code is a matter of opening it with the publisher’s public key and then verifying the certificate with the CA’s public key.

Microsoft’s code signing initiative is called Authenticode. At the same time, Netscape and JavaSoft have developed their own code signing technology called JAR (Java Archive Format). The World Wide Web Consortium (W3C) at http://www.w3.org is attempting to consolidate these digital signing and certificate technologies into a single framework called the Digital Signature Initiative or DSig. You can find additional information about DSig at http://www.w3.org.

Now that you understand the practical applications of cryptography, the rest of the chapter will discuss the mechanics of several encryption processes.

Symmetric (Secret Key) Cryptography

This section and the next outline details of encryption technologies. As illustrated in figure 10.2-A, symmetric encryption schemes transform plaintext into ciphertext using the same key. In contrast, public key asymmetric schemes use two keys as shown in figure 10.2-B.

As mentioned, the single key method makes it difficult to distribute keys to other users, but single key encryption techniques are fast and efficient, especially if large amounts of data must be encrypted. They are also useful for in-house use where keys can easily be exchanged in private and for encrypting data to be stored on internal file systems.

In general, public-key systems are more useful on the Internet and other public networks and provide a better way to exchange keys. With secret key systems, people must share the secret or trust a third party. The potential exists that a sender might repudiate a message by claiming that the secret key was compromised and the message was forged. Public key schemes do not have this problem. They tend to be slower in operation, however.

Because secret key cryptography is fast, it is often used in conjunction with public key cryptography. For example, a document can be encrypted using a secret key scheme, and then a recipient’s public key can be used to encrypt the secret key. This encryption produces what is called a digital envelope or “cryptolope” in IBM terminology.
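The digital envelope described above, as an added Python sketch that is not from the book: the document is encrypted under a fresh secret key, and only that key is encrypted with the recipient's public key. Textbook RSA over two small constructed primes and a SHA-256 counter keystream are stand-ins chosen so it runs on the standard library alone, and all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy RSA key pair for the recipient (assumption: two small
# Mersenne primes and no padding, so the demo needs no third-party library;
# real envelopes use a vetted library, padded RSA and 2048-bit or larger keys).
P, Q, E = 2**89 - 1, 2**107 - 1, 65537
N = P * Q                                  # public modulus
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in secret key cipher: XOR data with a SHA-256 counter keystream.
    The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def seal(document: bytes, pub_n: int = N, pub_e: int = E) -> dict:
    """Sender: bulk data under a secret key, secret key under the public key."""
    session_key = secrets.token_bytes(16)   # fresh 128-bit secret key
    nonce = secrets.token_bytes(8)
    wrapped = pow(int.from_bytes(session_key, "big"), pub_e, pub_n)
    return {"wrapped_key": wrapped, "nonce": nonce,
            "ciphertext": keystream_xor(session_key, nonce, document)}


def open_envelope(env: dict, priv_d: int = D, pub_n: int = N) -> bytes:
    """Recipient: unwrap the secret key with the private key, then decrypt."""
    key_int = pow(env["wrapped_key"], priv_d, pub_n)
    # Reduce to 128 bits so a wrong private key yields garbage, not an error.
    session_key = (key_int % 2**128).to_bytes(16, "big")
    return keystream_xor(session_key, env["nonce"], env["ciphertext"])


if __name__ == "__main__":
    doc = b"Constructed sample document for the envelope demo."
    env = seal(doc)
    print("recovered:", open_envelope(env) == doc)
```

Only the 16-byte secret key passes through the slow public key operation, however large the document is.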

Some important points about symmetric cryptography are outlined below:

  People that exchange messages will use the same algorithm. The key changes. The algorithm will produce a different output when different keys are used even when the input is the same.
  An encryption algorithm is typically available to the public and therefore must be strong and well tested. The more powerful the algorithm, the less likely that an attacker will be able to decrypt the resulting ciphertext.
  The size of the key is critical to producing strong ciphertext. A 40-bit key, which is commonly used in public encryption schemes, is now considered weak. The U.S. Government’s DES (Digital Encryption Standard) uses a 56-bit key. The most secure schemes use 128-bit or greater keys.
  A cryptographic algorithm transforms plaintext into ciphertext using transposition and substitution, which are discussed next.
  A cryptographic algorithm processes plaintext into ciphertext using either block ciphers or stream ciphers as discussed in a moment.

The next few sections explain the transposition and substitution process. In addition, the CD included with this book contains a DOS-executable file called ENCRYPT, in which you can choose options from a menu and practice encrypting and decrypting messages. The main menu of ENCRYPT is pictured in figure 10.6. The use of this utility is discussed in the appropriate following sections.


Figure 10.6  Using ENCRYPT to encrypt a message.

