CHAPTER 18
Hashing in E-Commerce
18.1 THE VARIED APPLICATIONS OF CRYPTOGRAPHY
The three principal roles of cryptography are secrecy, access control, and authentication. Secrecy is needed to deny information contained in text by disguising its form; for example, to do the following:
i) To prevent an eavesdropper from learning the content of the communication when two users communicate over an open or insecure network
ii) To hide information in a file stored on some system
Cryptographic techniques are used to limit access to other facilities in information processing systems, but now the purpose is to authenticate or verify the user’s identity. For example, when a customer engages in an automated teller machine transaction (ATM), the customer:
i) Must be in possession of a valid ATM card on which the customers’s personal account number (PAN) is recorded
ii) Must know the corresponding personal identification number (PIN).
The Web has provided the third and most widespread application; when two parties communicate over an open and possibly insecure network, the following is true:
- Each party needs to be confident of the identity of the other
- Secrecy or privacy of the information exchanged must be provided.
Webster’s dictionary defines authentication as “a process by which each party to a communication verifies the identity of the other.” There are significant risks if my credit card information is revealed when purchasing goods or services during a Web transaction. Clever but criminal ...
