
Cryptography is extremely useful; there is a multitude of applications, many of which are currently in use.

A typical application of cryptography is a system built out of the basic techniques. Such systems can be of various levels of complexity. Some of the more simple applications are secure communication, identification, authentication, and secret sharing. More complicated applications include systems for electronic commerce, certification, secure electronic mail, key recovery, and secure computer access. In general, the less complex the application, the more quickly it becomes a reality. Identification and authentication schemes exist widely, while electronic commerce systems are just beginning to be established. However, there are exceptions to this rule; namely, the adoption rate may depend on the level of demand. For example, SSL-encapsulated HTTP (see Question 5.1.2) gained a lot more usage much more quickly than simpler link-layer encryption has ever achieved.

Secure Communication
Secure communication is the most straightforward use of cryptography. Two people may communicate securely by encrypting the messages sent between them. This can be done in such a way that a third party eavesdropping may never be able to decipher the messages. While secure communication has existed for centuries, the key management problem has prevented it from becoming commonplace. Thanks to the development of public-key cryptography, the tools exist to create a large-scale network of people who can communicate securely with one another even if they had never communicated before.

Identification and Authentication
Identification and authentication are two widely used applications of cryptography. Identification is the process of verifying someone's or something's identity. For example, when withdrawing money from a bank, a teller asks to see identification (for example, a driver's license) to verify the identity of the owner of the account. This same process can be done electronically using cryptography.
Every automatic teller machine (ATM) card is associated with a "secret" personal identification number (PIN), which binds the owner to the card and thus to the account. When the card is inserted into the ATM, the machine prompts the cardholder for the PIN. If the correct PIN is entered, the machine identifies that person as the rightful owner and grants access.

Another important application of cryptography is authentication. Authentication is similar to identification, in that both allow an entity access to resources (such as an Internet account), but authentication is broader because it does not necessarily involve identifying a person or entity. Authentication merely determines whether that person or entity is authorized for whatever is in question. For more information on authentication and identification, see Question 2.2.5.

Secret Sharing
Another application of cryptography, called secret sharing, allows the trust of a secret to be distributed among a group of people. For example, in a (k, n)-threshold scheme, information about a secret is distributed in such a way that any k out of the n people (k ≤ n) have enough information to determine the secret, but any set of k-1 people do not. In any secret sharing scheme, there are designated sets of people whose cumulative information suffices to determine the secret. In some implementations of secret sharing schemes, each participant receives the secret after it has been generated. In other implementations, the actual secret is never made visible to the participants, although the purpose for which they sought the secret (for example, access to a building or permission to execute a process) is allowed. See Question 2.1.9 for more information on secret sharing.

Electronic Commerce
Over the past few years there has been a growing amount of business conducted over the Internet - this form of business is called electronic commerce or e-commerce.
E-commerce is comprised of online banking, online brokerage accounts, and Internet shopping, to name a few of the many applications. One can book plane tickets, make hotel reservations, rent a car, transfer money from one account to another, buy compact disks (CDs), clothes, books and so on, all while sitting in front of a computer. However, simply entering a credit card number on the Internet leaves one open to fraud. One cryptographic solution to this problem is to encrypt the credit card number (or other private information) when it is entered online; another is to secure the entire session (see Question 5.1.2). When a computer encrypts this information and sends it out on the Internet, it is incomprehensible to a third party viewer. The web server ("Internet shopping center") receives the encrypted information, decrypts it, and proceeds with the sale without fear that the credit card number (or other personal information) slipped into the wrong hands. As more and more business is conducted over the Internet, the need for protection against fraud, theft, and corruption of vital information increases.

Certification
Another application of cryptography is certification; certification is a scheme by which trusted agents such as certifying authorities vouch for unknown agents, such as users. The trusted agents issue vouchers called certificates which each have some inherent meaning. Certification technology was developed to make identification and authentication possible on a large scale. See Question 4.1.3.10 for more information on certification.

Key Recovery
Key recovery is a technology that allows a key to be revealed under certain circumstances without the owner of the key revealing it. This is useful for two main reasons: first of all, if a user loses or accidentally deletes his or her key, key recovery could prevent a disaster. Secondly, if a law enforcement agency wishes to eavesdrop on a suspected criminal without the suspect's knowledge (akin to a wiretap), the agency must be able to recover the key. Key recovery techniques are in use in some instances; however, the use of key recovery as a law enforcement technique is somewhat controversial. See Question 7.12 for more on key recovery.

Remote Access
Secure remote access is another important application of cryptography. The basic system of passwords certainly gives a level of security for secure access, but it may not be enough in some cases. For instance, passwords can be eavesdropped, forgotten, stolen, or guessed. Many products supply cryptographic methods for remote access with a higher degree of security.

Other Applications
Cryptography is not confined to the world of computers. Cryptography is also used in cellular (mobile) phones as a means of authentication; that is, it can be used to verify that a particular phone has the right to bill to a particular phone number.
This prevents people from stealing ("cloning") cellular phone numbers and access codes. Another application is to protect phone calls from eavesdropping using voice encryption.
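
The (k, n)-threshold behaviour described under Secret Sharing above, as an added example that is not part of the original text. It uses Shamir's polynomial scheme, which the text does not name and which is chosen here as one well-known construction; the prime modulus and all function names are assumptions of the example.

```python
"""(k, n)-threshold secret sharing with Shamir's polynomial construction.

Added illustration: the secret is the constant term of a random polynomial
of degree k-1 over a prime field, and each participant holds one point.
"""
import secrets
from itertools import combinations

# Assumed field modulus: the Mersenne prime 2**127 - 1.
PRIME = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate the polynomial (coeffs[0] is the constant term) at x."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, k, n):
    """Return n shares (x, y); any k of them determine the secret."""
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    # k-1 random coefficients: k-1 points leave the constant term undetermined.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares):
    """Lagrange-interpolate the polynomial through the shares at x = 0."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


if __name__ == "__main__":
    secret = 123456789  # constructed sample value
    shares = split_secret(secret, k=3, n=5)
    for subset in combinations(shares, 3):
        assert recover_secret(list(subset)) == secret
    print("every 3-of-5 subset recovers the secret")
    # Two shares interpolate a different polynomial and yield a wrong value.
    print("2 shares give:", recover_secret(shares[:2]))
```
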

Application area of cryptography


Quantum cryptographic systems ensure the absolute and everlasting security of communications across a broad spectrum of end uses. QuintessenceLabs QKD systems are designed to suit numerous applications. Some of the most common applications include: link encryptors; ultrasecure optical fibre networks; wireless point to point; free space optics; microwave; satellite QKD uploads; handheld devices.

Link encryption ensures the secure communication of information in transit through an optical network. QuintessenceLabs QKD link encryption operates in real time and is transparent to all higher layer communications protocols. Link encryption is necessary when the security of a transmission channel cannot be assured, and it is not possible or desirable to modify existing communications protocols and equipment. For certain applications, including law enforcement and intelligence, link encryption is mandatory.

QuintessenceLabs QKD provides ultrasecure communications over: optical fibre metropolitan area networks; direct point to point coverage up to 20 km; extended range possible using relay stations; tactical last mile fibre; optical local area networks (LANs) for in-house high performance security.

Wireless systems provide the same ultrasecure encryption as a standard QuintessenceLabs QKD system, but offer a low cost alternative for short range communications between sites where a dedicated fibre link is not essential. There are two types of wireless systems available:

Free Space Optics: The free space optics package uses line-of-sight laser transmission between rooftop systems, providing true one-time-pad data encryption over a 2 km radius.

Microwave: Similar to free-space optics, but incorporating microwave communications instead of lasers, this system supports longer haul metro line-of-sight data encryption but at a lower data rate than the free space optics system.

Current communication and military satellites are launched with a pre-defined encryption key sequence that, once exhausted, cannot be refreshed. This makes the effective life of a satellite dependent on the quantity of data transmitted, rather than on the useable life of its hardware. Using a laser uplink and QuintessenceLabs QKD technology, the encryption key database of a satellite can be securely re-keyed, thus extending its useable life.

Our quantum cryptographic system can also be integrated into handheld devices to transfer secure material, by means of true one-time pad encryption, between handsets without risk of interception. Other modes of operation suitable for defence or national security purposes are available. Contact us to learn more.

Applications
Cryptography or cryptology is a Greek word that means 'hidden'. The verb form of the word, interestingly, means 'write', and the term has come to stand for the exclusive study of message secrecy. Today, cryptography has become a branch of information theory and is used within a mathematical approach to study the transmission of information from place to place. The science of cryptography involves communication in the presence of adversaries. It even enhances the spheres of engineering and pure mathematics. It plays a very important role within the spheres of information technology, authentication and access control.

Cryptography involves the hiding of the specific meaning of messages, but not their existence. The study also contributes to the development of computer science, particularly in the techniques used in network security. It is crucial in applications that involve extensive and sensitive levels of access control and information confidentiality. Cryptography is also used in ATM cards and computer passwords and even within the world of electronic commerce. The hidden numbers that form part of sensitive, customer-specific information, such as the PIN and TIN identification codes issued to customers by credit card companies and banking institutions, depend upon the effective use of cryptography.

Earlier articles looked at particular cryptographic techniques. This one will consider how different kinds of ciphers, whether on their own or in combination, have practical application in areas such as digital signing or in popular programs such as PGP. A related matter is how issues that are not so much technical as social, managerial, or legal should be handled. For example, the matter of authenticating an individual's assertion to be the person claimed and the owner of a particular public key is handled by issuing a certificate. Matters such as this, together with the wider issues of vulnerabilities, key management, legal aspects, and other related issues are considered in the next article, Miscellaneous Issues.

Combining cryptographic methods


Digital signatures
Some cryptographers and writers on the subject object to the term "digital signature" for a variety of reasons, including that there are a number of important differences between this process and what is usually understood to be a "signature." This is perfectly correct but, in my view, misses the point. To sign something may usually be to append one's name in holograph, but the fundamental point is to associate an identifier of some sort with some object or action such that some responsibility is taken by the signer as to the integrity of the relevant thing.

I've just as well signed a document if, being illiterate, I put an inky fingerprint on it or, having broken both wrists, use my foot or mouth to make a suitable mark or, being Whistler, sketch a butterfly in the corner of a lithograph -- or, replying to an e-mail, use a text sig. More contentiously, I might say I sign on occasions when I force a ring into hot sealing wax, or when I move my hands in particular patterns when conversing with someone who is deaf, or when I raise my eyebrows and tip my head to the door at a party. Any of these signings can be flawed through forgery ("The name wasn't written by me"), fraud ("The seal ring was stolen"), duress ("I was threatened with harm unless I signed"), misrepresentation (as with Dali, "The print made later on the blank sheet I signed wasn't mine"), misunderstanding ("The woman in front of my friend at the party thought I meant her"), and so on.

If I've labored this, it's because it's naïve to associate a conventional signature simply with a name in holograph. The important point is that any signature associates a person with some thing. That the association might later be shown to be flawed is a quite separate issue, although it's important to note that a digital signature verifies that a particular key was used, not that a particular individual actually signed the item.

Encrypting with an asymmetric key is much slower than using a symmetric key and the usual practice is first to make a message digest and then to encrypt it using one's private key. This is the mechanism mentioned in the first article in this series. Asymmetric cryptography is vulnerable to misrepresentation, and the usual way to authenticate the relationship between a given individual and his public key is by issuing what are known as digital certificates. These are discussed in part 6, "Miscellaneous issues."

The essence of the digital signature is encryption using a private key. This, subject to the caveats frequently mentioned, both authenticates the document as coming from the holder of that private key and validates the document as being unchanged since it was signed. The use of a message digest can be a considerable convenience, but is not essential.

Transactions often require a guarantee against repudiation. Although a digital signature might seem to provide this, it's really little better than any other form of signature, such as those considered earlier. However, a digital timestamp -- a mechanism involving a third party which ties the signing of a document to a specific time -- goes a long way towards giving the necessary security, and this is also considered in "Miscellaneous issues."

Pretty Good Privacy


Invariably known by its initials, PGP, this program was developed by Phil Zimmermann to provide secure file storage and e-mail using complementary mechanisms. The original implementation used IDEA as the symmetric cipher, MD5 as the one-way hash function for creating message digests, and RSA as the asymmetric cipher. PGP includes a pseudo-random number generator (PRNG), which samples the user's key stroke timings as part of what's required to generate a seed. It also includes algorithms for analyzing and, if required, subsequently compressing text.

Compressing text saves disk space and transmission time, assuming that the resultant cipher text is always smaller than cipher text from uncompressed plain text. Compressing text also interferes with the patterns found in plain text. These will vary from language to language and within particular languages according to document type, but will almost always be present and can be exploited by a knowledgeable cryptanalyst. Similarly, letter frequencies can sometimes be used as aids to identification. In much English text, for example, the significant frequency order of letters is E, T, A, O, I, N, S, H, R, D, L, U (the list used in the Soundex algorithm); this vanishes once the text is compressed. Where files are short, are already compressed, or don't have the capability to compress well, then they're left alone. The compression utility used is the freeware ZIP program, which is functionally equivalent to the algorithms used in PKWare PKZip 2.

PGP uses the PRNG to generate a seed, which is used to create a session key. This is used to encrypt the plain text, using the symmetric cipher. The session key is then encrypted using the intended recipient's public key and the bundle is sent out. Optionally, PGP will also create a digital signature using a message digest encrypted with the sender's private key.

Most digital certificates comply with the X.509 standard and so, theoretically at least, are interchangeable between different applications. However, PGP has criticisms of aspects of X.509 and has developed a similar system that, in its view, addresses the deficiencies. This is known as the PGP certificate format and is also considered later. PGP supports both PGP and X.509 formats.

PGP now also offers Triple-DES and CAST as symmetric ciphers. There has also been a shift from RSA to new forms, complying with the NIST Digital Signature Scheme (DSS) -- although RSA is still supported. At the same time, MD5 has been replaced as the hash function except where RSA continues to be used; when DSS is used, then the hash function employed is SHA.

In a sense the comments about the algorithms used in PGP are misleading. Further, issues surrounding PGP have gotten somewhat confused as a result of developments since the program appeared in 1991. PGP Inc. was bought in 1997 and is now owned by Network Associates (NAI), which now charges license fees for commercial use of PGP. PGP, apart from being free, was also open source. It wasn't quite open source in the way that term is currently understood, but it was open to anyone either to modify and compile or to use the published code as a standard against which compatible products could be created. The situation was -- and even now, to some extent, still is -- complicated by US regulations on the export of cryptography, which meant that US-created versions of PGP could not legally be exported from the US as binaries, but could be created externally from the published source code.

A wide range of PGP versions exist, of which PGP 6.5.1 is the most recent NAI version. This is free for private, non-commercial use. Earlier versions, mostly variations on 2.6n, are widely available and preferred by many users suspicious of later involvement by a commercial organization. These still require a license fee to be paid to NAI for commercial use, as do versions created from the standard PGP source code (such as version 5.0i and 5.5i). Lastly, Highware Inc. of Belgium offers a Mac product called SafeMail, which is a PGP-compatible product created from the OpenPGP specifications. If you're thinking of following that route to develop your own version then you're free to do so without paying a license fee to NAI, although you will have to agree license fees with any patent holders whose ciphers you use (such as IDEA and RSA in certain countries).

PGP, properly used and with secure files, passwords and passphrases, is effectively unbreakable. As with all other cryptographic products, however, it's vulnerable to a variety of attacks, some of which are considered in Miscellaneous Issues. However, it's also potentially vulnerable in being public code. Anyone can generate a copy of what purports to be PGP and then make that available for distribution. It's quite possible to incorporate some backdoor entry which allows apparently secure messages to be read. I say this not to encourage paranoia and suspicion, of which there's far too much about already, but simply to point out that it's prudent to take steps to be confident of the integrity of your copy of PGP whether it comes from an NAI reseller or from some other trusted source.
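
The effect of compression on plain-text patterns described above can be measured directly. The following is an added example, not code from PGP or from the original article: it uses Python's zlib (DEFLATE, the algorithm family used by ZIP), a constructed English sample, and hypothetical helper names, and it also applies the "leave it alone if it doesn't shrink" rule.

```python
"""Compare letter-frequency signal in plain text and in compressed text."""
import math
import zlib
from collections import Counter

# Constructed sample text for the demonstration.
SAMPLE = (
    "Cryptography protects messages that travel across networks nobody "
    "fully trusts. A sender scrambles the plain text with a key, and only "
    "a holder of the matching key can restore it. An analyst who intercepts "
    "enough traffic will count letters, look for common words, and compare "
    "the tallies with ordinary English. Simple substitution ciphers fall "
    "quickly to that method because the most frequent symbol nearly always "
    "stands for the same letter. Squeezing the redundancy out of a message "
    "before it is encrypted leaves far fewer patterns for anyone to study."
).encode("ascii")


def byte_entropy(data: bytes) -> float:
    """Empirical Shannon entropy in bits per byte (8.0 is the maximum)."""
    total = len(data)
    return -sum(c / total * math.log2(c / total)
                for c in Counter(data).values())


def top_share(data: bytes) -> float:
    """Fraction of the data taken up by its single most common byte."""
    return max(Counter(data).values()) / len(data)


def letter_ranking(data: bytes, n: int = 6) -> str:
    """Most common ASCII letters, case-folded, most frequent first."""
    letters = Counter(chr(b).upper() for b in data if bytes([b]).isalpha())
    return "".join(letter for letter, _ in letters.most_common(n))


def maybe_compress(data: bytes):
    """Compress only when it helps; short or dense input is left alone."""
    packed = zlib.compress(data, 9)
    if len(packed) < len(data):
        return True, packed
    return False, data


if __name__ == "__main__":
    compressed, packed = maybe_compress(SAMPLE)
    print("plain     :", len(SAMPLE), "bytes,",
          f"{byte_entropy(SAMPLE):.2f} bits/byte,",
          f"top byte {top_share(SAMPLE):.1%},",
          "letters", letter_ranking(SAMPLE))
    print("compressed:", len(packed), "bytes,",
          f"{byte_entropy(packed):.2f} bits/byte,",
          f"top byte {top_share(packed):.1%}")
    # A block with no redundancy does not shrink, so it is passed through.
    print("dense input compressed?", maybe_compress(bytes(range(256)))[0])
```
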

Covert communication
Steganography

Steganography is a method of hiding messages in innocent artifacts. Information may need to be exchanged without its being obvious that this is happening. In non-computer terms this can mean writing messages in invisible ink for later retrieval, inking on to a messenger's shaved scalp something later hidden by the regrown hair, or exchanging printed books where the message is picked out according to a particular formula. In computer data streams, the high-order bit can variously be set or cleared, or non-printing characters can be brought into a data stream. Data is also frequently hidden in complex files, perhaps those of pictures or music, where there's usually a considerable amount of redundancy such that including other material typically will have very little obvious effect. If it's a techno clip it's unlikely anyone would notice anyway.

As with all cryptographic techniques, the major risks come not in breaking the encryption (although that's often pretty straightforward in the case of steganography) but from human error. Pictures and music used for this purpose need to be appropriate. If an artist or photographer sends and receives images with one advertising agency, that's fine. But if he's working at one firm and regularly bats the same picture back and forth to a colleague at a competitor's, then that's asking for trouble.

Security mechanisms
SecurID
Passwords and codes are used to secure important data, locations, and the like against unauthorized access. Assuming they are not compromised (by, for example, being written on a note taped to a desk or monitor), they take a finite amount of time to break. Various products use this as a partial defense by linking a passcode to a physical device and changing the key at short intervals. RSA Security's SecurID uses a battery-powered hand-held device known as a token. This stores the current time and holds a 64-bit value unique to that token. At specified intervals, typically every minute, the token calculates and displays a new code. The user combines this in some way with an agreed-upon secret code and enters this wherever a passcode is needed. An authentication server independently computes the token code for that particular time interval, combines it in the specified way with its copy of the user's secret code and allows access if the two passcodes match.
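
The token and server computation described above, as an added example that is not RSA Security's code. SecurID's actual algorithm is not given in this article, so the example substitutes HMAC-SHA256 with a decimal truncation; the PIN-prefix combination, the one-interval clock-drift window, the replay check and all names are assumptions.

```python
"""Time-synchronised token codes checked by an authentication server."""
import hashlib
import hmac
import struct

INTERVAL = 60   # seconds per token code ("typically every minute")
DIGITS = 6      # assumed display length


def token_code(seed: bytes, unix_time: int) -> str:
    """Code shown by the token for the interval containing unix_time."""
    counter = unix_time // INTERVAL
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha256).digest()
    offset = mac[-1] & 0x0F                       # pick 4 bytes of the MAC
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10**DIGITS:0{DIGITS}d}"


class AuthServer:
    """Holds each user's token seed and secret code, as the text describes."""

    def __init__(self, drift_intervals: int = 1):
        self._users = {}          # user -> (seed, pin)
        self._last_counter = {}   # user -> last accepted interval
        self._drift = drift_intervals

    def enroll(self, user: str, seed: bytes, pin: str) -> None:
        if len(seed) != 8:
            raise ValueError("seed must be the token's 64-bit value")
        self._users[user] = (seed, pin)

    def verify(self, user: str, passcode: str, now: int) -> bool:
        record = self._users.get(user)
        if record is None:
            return False
        seed, pin = record
        current = now // INTERVAL
        # Tolerate a token clock that is slightly fast or slow.
        for counter in range(current - self._drift, current + self._drift + 1):
            if counter <= self._last_counter.get(user, -1):
                continue          # interval already used: reject replays
            expected = pin + token_code(seed, counter * INTERVAL)
            if hmac.compare_digest(expected.encode(), passcode.encode()):
                self._last_counter[user] = counter
                return True
        return False


if __name__ == "__main__":
    seed = bytes.fromhex("0123456789abcdef")   # constructed 64-bit seed
    server = AuthServer()
    server.enroll("alice", seed, pin="4921")   # constructed user and PIN
    t = 1_700_000_000
    passcode = "4921" + token_code(seed, t)
    print("first use :", server.verify("alice", passcode, t))
    print("replay    :", server.verify("alice", passcode, t + 5))
    print("slow token:", server.verify(
        "alice", "4921" + token_code(seed, t + 60), t + 130))
```
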

Smartcards
Smartcards are devices, typically in credit card form, that have limited processing power in the form of a specialized computer chip. Examples include French credit cards (now used increasingly in other European countries), GSM SIM cards, many building access cards, and so on. Smartcards are far more widely deployed in Europe than they are in the U.S., although this situation is changing. One recent report suggested that there were 420 million smartcards in use worldwide at the beginning of 2000, and that number is expected to grow to some four billion by 2005. Smartcards require readers in the form of POS terminals, building entry systems, ATMs, subscription readers for TV or video, computer access readers, and so on. In all cases, some kind of encryption is used to authenticate the holder or to allow access to particular areas or for particular periods of time. One benefit of the Rijndael cipher, provisionally selected for AES (qv), is that it's very small, an important requirement for smartcard use. Several companies are now developing toolkits and APIs that allow developers to produce applications for specific smartcard use. One such company is Thinkpulse, which is based in the US but formed by a group of French origin. Thinkpulse has taken the innovative approach of developing a standard run-time engine that software developers can target for different applications and different card types.

Biometrics
Biometrics denotes a wide range of techniques for authenticating an individual by reference to personal physical characteristics. These include fingerprint identification, iris and retina scanning, voice or face recognition, hand geometry measurement, and more. They vary greatly in reliability and in how intrusive and acceptable they are in use. Invariably there's a trade-off between false acceptance and false refusal, with some systems being far more accurate than others. The great advantage of biometric systems is that the identification token is unique (even if the interpretation might be faulty) and always present. These systems are increasingly used in conjunction with smartcard systems and can often replace password-based authentication, or work in conjunction with conventional cryptosystems.

Electronic transfer of value


Among other things, money is a store of value. I do something that gains me more of this store, which I then exchange for something I want, and thus diminish the stored value. Subject to the risks of counterfeiting, theft, or loss, currency is a useful, familiar, and secure means of exchange. Once things become electronic, however, it's very different, as no tangible evidence exists and all parties need to be assured that the integrity of the transactions hasn't been compromised.

SET was mentioned earlier as being a secure bank card information transfer system. Money, in the form of electronic cash, needs to be capable of being spent only once by whoever at that point has the authority to spend it. In addition, electronic money tokens need to be anonymous, as is the case with physical cash, and this introduces new difficulties in authentication schemes.

Mondex is the name given to a system where currency is stored in smartcards periodically topped up from some other store, such as a bank account, and where the card can be used to make small purchases. It was tested, with very mixed results, in Swindon, U.K.; one problem here was apparently caused later when the bank consortium decided to charge users for the use of the cards. Prepaid phone cards are another form of stored value cards, and these are widely used in Japan.

Again, the common factor with all such systems is the importance of cryptographically secure mechanisms for confirming the integrity of the amounts stored or transferred, and sometimes of the authentication of one or both parties. Small-value payments are likely to grow, with mobile phones or PDAs used perhaps in conjunction with short-range wireless connectivity, making this an area of increasing importance.

Conclusion
Cryptosystems are becoming vital in practical applications, often to authenticate the identity of a given person as an individual or as someone with authority to do something or be somewhere. They're also used to hide data from public view or to ensure that the integrity of the data has not been compromised. Applications such as PGP and its various clones can now be used by private individuals and businesses alike to ensure that the same objectives are met.
