Widespread availability of data networks has significantly altered the way people use computers for both personal and business purposes. Merchants, financial institutions and many other businesses make their computers available over data networks. People can access these computers for shopping, banking or transacting business of almost any type. Moreover, because these computers can be accessed over public networks, such as the Internet, people can perform these transactions from almost any place in the world. For example, people can work from home, connecting to office computers through a public network, such as the Internet.
However, the widespread availability of public networks, and ease of accessing information on them, has created security problems. Unauthorized users can gain access to information over the network, sometimes almost as easily as authorized users, creating a risk of misuse of a wide range of personal and business information.
Accordingly, sensitive information transmitted over public networks, such as the Internet, is frequently transmitted using secured connections. Secured connections are generally established using cryptographic processing to allow one or more authorized users to engage in certain functions involving an exchange of information. To create a secured connection, some form of cryptographic information, frequently including “keys,” is used to apply a cryptographic function to messages transmitted over the network. The keys are provided only to users authorized to access information carried by the secured connection. Thus, even if unauthorized recipients can obtain messages as they are transmitted, only the users connected through the secured connection have the keys needed to perform the functions protected by the secured connection.
The specific functions protected by a secured connection may depend on the level of protection required. Secured connections frequently provide protection at the authentication level and/or the confidentiality level. For authentication, the keys may be used to apply a “signature” to a message that can only be duplicated by someone who has a key. The signature is generated by applying a cryptographic function to the message to generate a code, which is uniquely associated with the specific message and the specific key. A recipient may apply a cryptographic function to the message upon receipt to determine that the signature was generated using the specific key held by a specific authorized sender. Further, the recipient may verify that the message matches the signature, which allows the recipient to verify that the message was not altered after it was signed. In an authentication system, many users may be able to authenticate messages, but only users entrusted with keys can generate signatures.
If confidentiality is required, a key may be used to apply a cryptographic function to portions of the message that are to be maintained as confidential. The output of the cryptographic function is an encrypted message that can only be decrypted by an authorized recipient who has a key. The encrypted message is transmitted in place of the underlying unencrypted message. Though others may receive the encrypted message, only an authorized recipient with a key is able to decrypt it to access the underlying unencrypted message.
A drawback of using a secured connection is that network devices, even those that have a legitimate basis for accessing messages transmitted over the network, may be precluded from functioning. For example, routers that perform network address translation are precluded from operating on packets for which authentication is used because the translation of a network address in a message alters the message so that the signature no longer matches the message. Similarly, network monitoring devices are precluded from gathering statistics on encrypted packets because they cannot interpret what data is in the packets. Because of the disruption that secured connections can cause, adoption of certain security protocols has been hampered. For example, the IPsec protocol, though providing desirable attributes for security, has seen generally limited use because of its incompatibility with many network devices that have a legitimate need to access information conveyed over secured connections.