Interactions with computers and hence the Internet rely heavily on the input and output devices of a computer, namely the keyboard, mouse, and display. A majority of these interactions are driven by the information presented to a user on the display. The content and source of this information is usually processed and taken for granted by a user, increasingly leading to phishing, spoofing, and other visually-based attacks. These attacks are successful because the information displayed is what is expected to the user. As attackers become savvier, users may find it increasingly difficult to determine the integrity of visual information presented to them. Not only is it difficult for the user to determine the integrity of the presented information, but it is also becoming increasingly difficult for users to guarantee the integrity of computer systems. Consequently, users can have little confidence in the confidentiality of data, particularly when using remote inter-networked applications such as web banking.
Spyware is software that aids in gathering information about a person or organization without his or her knowledge and sends such information to another entity without the user's consent, or asserts control over a computer without knowledge. Spyware is typically classified into four types: system monitors, trojans, adware, and tracking cookies. Spyware is mostly used for purposes such as tracking and storing internet users' movements on the web, and serving up pop-up ads to internet users. Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can be difficult to detect. Some spyware may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users. While the term “spyware” suggests software monitoring a user's computer usage, the functions of spyware can extend beyond simple monitoring.
A commonly used method of encryption for online communications is asymmetric encryption. Encryption key encryption is a type of asymmetric encryption where a party has a pair of keys. One key is a encryption key, which can be made freely available to the public. The other key, carefully guarded by the party, is a private key. A message encoded with a encryption key can only be decoded using the corresponding private key, and vice versa. RSA (Rivest-Shamir-Adleman) is a commonly used asymmetric key algorithm. In symmetric encryption, the sender and the recipient use the same key to encrypt and decrypt the message. For example, the Advanced Encryption Standard (AES) is a widely used symmetric key algorithm. AES is a cipher with a 128 bit block size and it uses keys of 128, 192 or 256 bits.