CRYPTOGRAPHY: THE GOOD & THE BAD

Cryptography: The Good & the Bad

Kimberly Workman
INSE 101 0AJ
Ivy Tech Community College

CRYPTOGRAPHY: THE GOOD & THE BAD

Cryptography: The Good & the Bad

Cryptography, the science of writing in secret code, is used in many arenas of life. The
use of cryptography can be seen in vast areas ranging from games found in the daily newspaper
to utility smart grids to international terrorism. The general purpose of cryptography is to protect
sensitive data from being discovered while in transmission, but not all uses of cryptography are
of a benevolent nature. Just as cryptography can be used to protect innocent people, it can also be
used to assist those people who harm others.
With the advent of advanced technology, the healthcare industry is using more and more
computer-based systems to maintain their patient record systems. With the passing by Congress
of the Health Insurance and Accountability Act of 1996 (HIPAA) which required the
Department of Health and Human Services to enact federal health privacy regulations, medical
providers are being forced to institute a plan of security to protect their patients right to privacy
and confidentiality (Health Insurance Portability and Accountability Act, 2010). The plan of
security for protecting patients privacy and confidentiality is through the use of cryptography.
The use of a Public-Key Infrastructure (PKI) and public-key enabled protocols are the
primary methods of securing patient record systems within the healthcare industry. A Public-Key
Infrastructure is a system of protocols and software designed to support digital certificates in
order to verify the authenticity and validity of the sender and receiver of data. A PKI, as used in
the healthcare industry, protects patients electronic medical records through the use of a
symmetric key algorithm (e.g. AES) to generate a ciphertext, hash function (e.g. SHA-1) to
produce a message digest, and public-key algorithm (e.g. RSA) to create a digital signature
(Hui-Mei, Shih-Hsiung, & Chin-Ming, 2005). The use of a PKI enables the sharing of electronic

CRYPTOGRAPHY: THE GOOD & THE BAD

medical records more readily and easily among medical providers and health insurance
companies without compromising the privacy and confidentiality of the patient by assuring the
sender and the receiver of the information are authenticated and valid transmitters and recipients.
While protecting electronic medical records from the exploits of ill-intended persons is a
reputable use for cryptography, there are other uses of cryptography that do not seem so virtuous.
The use of cryptography in the planning of international terrorist attacks is not the most orthodox
use of secret code writing. The planning of the terrorist attacks of September 11, 2001 against the
United States reportedly involved the use of cryptography as well as steganography, which is the
hiding of messages within an image. Stephen Budiansky (2002), journalist for Atlantic Monthly,
contends that, Some reports suggest al Qaeda not only used encrypted e-mail but also hid
encrypted message texts within picture files or other data that could be downloaded from a Web
site (p. 35).
The standard encryption used in email is the Pretty Good Privacy (PGP) system. The
PGP system is an asymmetrical encryption method which utilizes public-key cryptography. A
cryptographic algorithm, one of which is Secure Hash Algorithm -1 (SHA-1), is used to link a
users public and private key pair. The public key is for encrypting the files and the private key
for decrypting the files. The sender and recipient exchange keys in order to encrypt messages
with the others public key and the messages are decrypted using the others private key
(Peschel, 1997). The use of PGP cryptography permits users to transmit data more securely via
email, and in the case of al Qaeda, transmit the secret plan for the launching of attacks on the
United States on September 11, 2001 which resulted in the deaths of an estimated 2,977 innocent
victims.

CRYPTOGRAPHY: THE GOOD & THE BAD

Cryptography has a multitude of uses within the realm of technology. It can benefit and
protect the innocent from being exploited and from becoming a victim; however, it can also
assist the unlawful, immoral individuals who prey on others vulnerabilities. It appears that with
all things, You take the good, you take the bad; you take them both, and there you have, the
facts of life (Sanders, 2013).

CRYPTOGRAPHY: THE GOOD & THE BAD

References

Budiansky, S. (2002). Losing the code war. Atlantic Monthly (10727825), 289(2), 33. Retrieved
from
http://web.a.ebscohost.com.muncie.libproxy.ivytech.edu.allstate.libproxy.ivytech.edu/eho
st/pdfviewer/pdfviewer?sid=c13bc31a-38d4-4a40-82daf1bde3ec7d64%40sessionmgr4005&vid=202&hid=4207

Health Insurance Portability and Accountability Act (HIPAA). (2010). News Media & the Law,
34(2), 3. Retrieved from
http://web.a.ebscohost.com.muncie.libproxy.ivytech.edu.allstate.libproxy.ivytech.edu/eho
st/pdfviewer/pdfviewer?sid=c13bc31a-38d4-4a40-82daf1bde3ec7d64%40sessionmgr4005&vid=110&hid=4207

Hui-Mei, C., Shih-Hsiung, T., & Chin-Ming, H. (2005). A patient-identity security mechanism
for electronic medical records during transit and at rest. Medical Informatics & the
Internet in Medicine, 30(3), 227-240. doi:10.1080/14639230500209443. Retrieved from
http://web.a.ebscohost.com.muncie.libproxy.ivytech.edu.allstate.libproxy.ivytech.edu/eho
st/pdfviewer/pdfviewer?sid=c13bc31a-38d4-4a40-82daf1bde3ec7d64%40sessionmgr4005&vid=208&hid=4207

Peschel, J. (1997). PGP Mail brings strong encryption to 32-bit platforms. Infoworld, 19(13), 94.
Retrieved from
http://web.a.ebscohost.com.muncie.libproxy.ivytech.edu.allstate.libproxy.ivytech.edu/eho
st/detail?sid=c13bc31a-38d4-4a40-82da-

CRYPTOGRAPHY: THE GOOD & THE BAD

f1bde3ec7d64%40sessionmgr4005&vid=212&hid=4207&bdata=JnNpdGU9ZWhvc3Qtb
Gl2ZQ%3d%3d#db=aph&AN=9705023975

Sanders, J. (2013, September 13). The facts of life. [Video]. Retrieved from
http://www.youtube.com/watch?v=Sd6wEeKjbqg