Ways to Authenticate Users

As we said in the previous section, a key is a parameter you supply to your program (algorithm) when you run it to encrypt or decrypt a message or a piece of data. Keys were first used with algorithms to enable people to communicate electronically in a more private manner. Originally, the same algorithm was used to both encrypt and decrypt a message, but that approach often proved vulnerable to the sophisticated computer programs hackers wrote to break the encrypted messages. By necessity, keys have had to become more complex, and the ways they are used and protected more secure. Different approaches have been used to try to ensure that encrypted material cannot be decrypted by anyone other than the intended receiver. This section describes some of these approaches.

Private Keys

One way for two people to communicate privately is for each of them to hold a copy of the same key, referred to as a private key, which they use for both encryption and decryption of their messages. To use this approach, however, they need to find a way to exchange the key so that no one else can obtain it.

If Mary and Ralph want to communicate, they will each need a copy of a key to encrypt and decrypt their messages. Let’s say that Ralph and Ed also want to communicate privately. They will need a different key so that Mary cannot read their messages. Now Ralph needs to maintain, protect, and track two different keys — one for ...
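The per-pair key arrangement described above, as an added example that is not from the book: each pair of people gets its own shared key, and a message sealed under the Ralph and Ed key is rejected when opened with the Mary and Ralph key. The function names are assumptions, and the HMAC-SHA256 keystream is a standard-library stand-in for a real cipher such as AES, used only so the example runs without third-party packages.

```python
import hashlib
import hmac
import secrets
from itertools import combinations


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: an illustrative stand-in for a real cipher.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(shared_key: bytes):
    # Derive separate encryption and MAC keys from the one shared key.
    enc = hmac.new(shared_key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(shared_key, b"mac", hashlib.sha256).digest()
    return enc, mac


def seal(shared_key: bytes, plaintext: bytes) -> bytes:
    # Encrypt, then authenticate nonce + ciphertext (encrypt-then-MAC).
    enc, mac = _subkeys(shared_key)
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc, nonce, len(plaintext))))
    return nonce + body + hmac.new(mac, nonce + body, hashlib.sha256).digest()


def open_sealed(shared_key: bytes, blob: bytes) -> bytes:
    # Verify the tag first; a holder of a different key fails here.
    if len(blob) < 48:
        raise ValueError("message too short")
    enc, mac = _subkeys(shared_key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered message")
    return bytes(c ^ k for c, k in zip(body, _keystream(enc, nonce, len(body))))


def issue_pairwise_keys(people):
    # One independent 256-bit key per pair: n * (n - 1) / 2 keys for n people.
    return {frozenset(pair): secrets.token_bytes(32) for pair in combinations(people, 2)}


def keys_held_by(person, keys):
    # The pairs whose key this person must maintain, protect, and track.
    return [pair for pair in keys if person in pair]
```

With Mary, Ralph, and Ed there are three keys in total and Ralph holds two of them; with ten people the total is already 45.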
