Security has long been an important issue in the design of computer systems and communication networks. Government agencies, standards organizations, and private concerns have created many techniques and tools for insuring the integrity and security of data as they are stored on or transmitted between computer systems. The current level of technology and structure of its knowledge can almost be considered a field of science today.
Encryption techniques scramble data into an unrecognizable form. There are two basic types of encryption--one-way and two-way. In addition, each type may either be "keyed" or "non-keyed". One-way encryption techniques are the most secure. It is impossible (or virtually impossible) to unscramble the data back into their original form. This is useful for storing passwords on a storage mechanism. Authentication is done by having a user enter a password, encrypting it into its one-way form and seeing if the scrambled results match the scrambled results that are stored. This technique, however, assumes that the user is directly connected to the computer's security system and that the keystrokes typed by the user as the password is being entered are not being transmitted to the computer doing the encryption over a non-secure medium. It is also not appropriate to use an intelligent terminal at the user's location to encrypt the password before sending it over a non-secure network, because the encrypted form can be intercepted and replayed by an unauthorized entity to gain access.
Two-way encryption techniques allow more flexibility for communication and in addition have more application. For example, a credit card number MUST be stored using a two-way encryption technique (assuming ANY encryption is to be used) so that it can be reassembled into a form that the credit card company can understand.
Two-way encryption techniques are the basis for most security methods employed over networks. The problem with this is that if the encryption technique becomes known, then the data being sent using it become vulnerable. This is where "keyed" two-way encryption techniques come in. These techniques scramble the data using a two-way technique which uses certain intrinsic information of a supplied "key" or password to determine how the data are altered. The data can be reassembled back into their original content by applying the key to the appropriate decryption method. Therefore, it is not enough to know the method used; one must also know the key (password) that was used as well. Security leaks (from insiders) can destroy the security of such systems. Therefore, keys are changed often.
Certain security systems use different encryption mechanisms to have computers at both ends of a communication session agree on an encryption key before data are sent. This means the information necessary to reassemble the transmitted data exists somewhere, and the data are therefore not totally secure. In addition, these techniques require intelligent software at both ends of the communication channel to agree on the keys and encrypt and decrypt the data.
Users of the Internet (more specifically the World Wide Web) typically have an intelligent processor at their ends (i.e. their PCS) however most of the information being presented by individuals and businesses on the Web use non-secure protocols like HTML for sending information. Other developments, such as Kerberos and SSL have created methods for sending fairly secure transactions; however even these can fail. A recent announcement from the COAST Laboratory (Computer Operations, Audit, and Security Technology) at Purdue describes a serious security flaw in Kerberos version 4 and the existence of a similar problem in version 5. And one leading vendor that uses an SSL-based protocol built into their commercially-available browser carefully reminds users that their sensitive information, even if transmitted securely, is only as secure as the administrators of the system to which they sent their information. Repeated transmissions of sensitive data over non-secure networks like the Internet continues to raise the risk of these data being misused.
Because of the explosive growth of the Internet, more specifically the World Wide Web, a tremendous need has appeared for the ability for users to send sensitive information like credit card numbers to other sites on the network. Many techniques have been developed using the encryption methodologies mentioned above. Some companies have recognized the dangers of sending even encrypted sensitive information over the Internet and have offered services using other methods of transmitting the information. Some use Fax services, and others use the telephone. However, in all cases so far, the user is still required at some point in time to transmit the sensitive data across a non-secure medium in one form or another. Therefore, all these methods open up a risk to the user, and this risk is usually repeated over and over. Even when credit card information is carried by the postal service to the vendor, it would be simple for an unscrupulous employee of that vendor to "embezzle" one or more incoming envelopes. Most people realize this and feel very nervous about having any of their credit card numbers floating around somewhere, totally in tact, and completely out of their control.
The common problem to all these techniques is that the sensitive information is always sent, in tact, over a single method that can be intercepted.