Featured news

__Author's Homepage__- Thursday, 17 April 2003.

__A Practical Guide to Red Hat Linux 8__". An interview with the author is available

__here__.

**Public Key Encryption**

In order to use public key encryption, you must generate two keys: a public key and a private key. You keep the private key for yourself and give the public key to the world. In a similar manner your friends will generate a pair of keys and give you their public keys. Public key encryption is marked by two distinct features.

1. When you encrypt data with someone's public key, only that person's private key can decrypt it.

2. When you encrypt data with your private key, anyone else can decrypt it with your public key.

You may wonder why the second point is useful at all: Why would you want everybody else to be able to decrypt something you just encrypted? The answer lies in the purpose of the encryption. Although encryption changes the original message into unreadable ciphertext, the purpose of this encryption is to provide a digital signature. If the message decrypts properly with your public key, only you could have encrypted it with your private key, proving that the message is authentic. Combining these two modes of operation yields privacy and authenticity. You can sign something with your private key so that it is verified as authentic, and then you can encrypt it with your friend's public key so that only your friend can decrypt it.

Public key encryption has three major shortcomings.

1. Public key encryption algorithms are generally much slower than symmetric key algorithms and usually require a much larger key size and a way to generate large prime numbers to use as components of the key, making them more resource intensive.

2. The private key must be stored securely and its integrity safeguarded. If a person's private key is obtained by another party, that party can encrypt, decrypt, and sign messages impersonating the original owner of the key. If the private key is lost or becomes corrupted, any messages previously encrypted with it are also lost, and a new keypair must be generated.

3. It is difficult to authenticate the origin of a key, that is, to prove who it originally came from. This is known as the key-distribution problem and is the raison d'etre for such companies as

__VeriSign__.

Algorithms such as RSA, Diffie-Hellman, and El-Gamal implement public key encryption methodology. Today a 512-bit key is considered barely adequate for RSA encryption and offers marginal protection; 1,024-bit keys are expected to withhold determined attackers for several more years. Keys that are 2,048 bits long are now becoming commonplace and rated as espionage strength. A mathematical paper published in late 2001 and reexamined in the spring of 2002 describes how a machine can be built-for a very large sum of money-that could break 1,024-bit RSA encryption in seconds to minutes (

__www.counterpane.com/crypto-gram-0203.html#6__). Although the cost of such a machine is beyond the reach of most individuals and smaller corporations, it is well within the reach of large corporations and governments.

**Symmetric Key Encryption**

# Spotlight

## Infographic: 25 years of the firewall

Posted on 24 July 2014. | The firewall turned 25, and McAfee is celebrating with an infographic that creatively depicts its lifetime. If you take a moment to scan the infographic, you’ll notice the firewall's introduction and evolution coincide with certain security events.

## European Central Bank blackmailed in wake of data breach

Posted on 24 July 2014. | The European Central Bank - the central bank for the euro - has suffered a data breach, and has only discovered it after receiving a blackmail letter from the attacker.

## The psychology of phishing

Posted on 23 July 2014. | Cybercriminals no longer send out thousands of emails at random hoping to get a handful of hits, today they create highly targeted phishing emails which are tailored to suit their recipients.

## Internet Explorer vulnerabilities increase 100%

Posted on 23 July 2014. | Bromium Labs research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.

## Intentional backdoors in iOS devices uncovered

Posted on 22 July 2014. | A researcher has revealed that Apple has equipped its mobile iOS with several undocumented features that can be used by attackers and law enforcement to access the sensitive data contained on the devices running it.

Reading our newsletter every Monday will keep you up-to-date with security news.

Receive a daily digest of the latest security news.