Cryptography is the science and study of coded communication. It is used recreationally but also has important uses in many types of security applications. Network cryptography refers to the use of cryptography on computer networks. It is applied to keep data safe from alteration and theft. When well done, network cryptography helps reduce both cybercrime and cyberterrorism.
Cryptography serves four specific purposes. First, it helps assure privacy, controlling the parties who have access to data. Second, it helps assure integrity, making sure that the data is not altered from the original transmission. Third, it is used in authentication, the system for proving one’s identity, and — by extension — one’s right to do whatever it is one is doing, such as signing for a credit card purchase. Finally, it provides non-repudiation, which ensures that the sender really and undeniably originated the message.
The encryption systems used in network cryptography are of two main types. They may be either Symmetric-Key Encryption systems, also called Secret Key Cryptography (SKC), on the one hand, or Asymmetric or Public-Key Encryption systems, also called Public Key Cryptography (PKC), on the other hand. The main difference between the two systems is that while the “Secret” method uses a single key for both encrypting and decrypting data, the “Public” method uses two keys, one for encrypting and the other for decrypting. The original Symmetric-Key Encryption system, DES (Data Encryption System), has been replaced by AES (Advanced Encryption Standard). The Public-Key Encryption system has been further secured with the use of digital certificates, which have become an important part of the network cryptography system.
In the Public-Key Encryption system, and therefore in network cryptography, dated digital certificates play an important role. If the digital certificate, issued by a Certification Authority (CA) — a trusted third party, such as Thawte® or VeriSign® — is verified by a user’s web browser, then the public key in the certificate is used for the transmission of data. If verification fails, the user is notified and may choose to leave the web page or trust the website in question despite the failure.
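The certificate check described above can be reproduced offline with Go's standard library. This is an added example, not code from the original article: it builds a throwaway CA, issues site certificates with validity dates, and verifies them the way a browser would. The helper names (`must`, `issue`, `check`) and the sample names "Example Root CA" and "shop.example" are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue makes a certificate for name, signed by parent (a self-signed CA when parent is nil).
func issue(name string, notAfter time.Time, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: name}, IsCA: parent == nil, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-48 * time.Hour), NotAfter: notAfter, KeyUsage: x509.KeyUsageDigitalSignature}
	if parent == nil { // the root signs itself and may sign other certificates
		tmpl.KeyUsage, parent, parentKey = x509.KeyUsageCertSign, tmpl, key
	} else { // a site certificate is bound to one DNS name
		tmpl.DNSNames = []string{name}
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey))
	return must(x509.ParseCertificate(der)), key
}

// check mirrors the browser: validity dates, host name, and a chain to a trusted CA.
func check(site *x509.Certificate, host string, trustedCA *x509.Certificate) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	_, err := site.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

func main() {
	now := time.Now()
	ca, caKey := issue("Example Root CA", now.Add(24*time.Hour), nil, nil) // constructed sample names
	good, _ := issue("shop.example", now.Add(24*time.Hour), ca, caKey)
	old, _ := issue("shop.example", now.Add(-24*time.Hour), ca, caKey)
	fmt.Println(check(good, "shop.example", ca), "|", check(old, "shop.example", ca))
}
```

A nil error corresponds to the browser accepting the certificate; any other result is the failure case in which the user is notified.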
Secure Sockets Layer (SSL) is one implementation of Public-Key Encryption. A newer version is called Transport Layer Security (TLS), and this may be the most familiar use of network cryptography to most individuals. The use of TLS is signaled in the web address window by the appearance of “https” rather than “http.” When a visitor lands on a secure site such as a financial site, a payment transfer service site, or an online banking site, and the digital certificate is verified, communications sent back and forth are encrypted. Depending on the browser settings, the site visitor is warned about any transmissions on the site that are not encrypted.