HIPAA tech
HIPAA dvisory
HIPAAdvisory > HIPAAtech Phoenix Health Systems
news
regs
action
tech
wares
alert
live
latest
online HIPAA training
HIPAAstore
HIPAA help desk
search
contact us
site map

Cryptography

Definition:

The conversion of data into a secret code for transmission over a public network. The original text, or plaintext, is converted into a coded equivalent called ciphertext via an encryption algorithm. The ciphertext is decoded (decrypted) at the receiving end and turned back into plaintext. The encryption algorithm uses a key, which is a binary number that is typically from 40 to 128 bits in length. The greater the number of bits in the key (cipher strength), the more possible key combinations and the longer it would take to break the code. The data is encrypted, or "locked," by combining the bits in the key mathematically with the data bits. At the receiving end, the key is used to "unlock" the code and restore the original data.

Secret versus Public Key

There are two cryptographic methods. The secret method uses the same key to encrypt and decrypt. The problem is transmitting the key to the recipient in order to use it. The public key method uses two keys. One is kept secret and never transmitted, and the other is made public. Very often, the public key method is used to safely send the secret key to the recipient so that the message can be encrypted using the faster secret key algorithm.

The traditional method uses a secret key, such as the DES standard. Both sender and receiver use the same key to encrypt and decrypt. This is the fastest method, but transmitting the secret key to the recipient in the first place is not secure. Public-key cryptography, such as RSA, uses both a private and a public key. Each recipient has a private key that is kept secret and a public key that is published for everyone. The sender looks up the recipient's public key and uses it to encrypt the message. The recipient uses the private key to decrypt the message. Owners never have a need to transmit their private keys to anyone in order to have their messages decrypted, thus the private keys are not in transit and are not vulnerable. Sometimes, both DES and RSA are used together. DES provides the fastest decryption, and RSA provides a convenient method for transmitting the secret key. Both the DES-encrypted text message and the secret key needed to decrypt it are sent via the RSA method. This is called a digital envelope.

Cryptography methods change as computers get faster. It has been said that any encryption code can be broken given enough computer time to derive all of the permutations. However, if it takes months to break a code, the war could be won or lost, or the financial transaction has little meaning. As computers get faster, the keys get longer and the algorithms become more complex to stay ahead of the game.

From Computer Desktop Encyclopedia (reprinted with permission). Copyright © 1981-1999 The Computer Language Company Inc.

Related Articles

Crypto: The story of how a group of code rebels saved your privacy on the Internet

RSA Releases Encryption Algorithm into Public Domain Two Weeks Early

Go to TOP