2016 June 17
used in the following courses taught by Prof. Richardson
for this unit are to help the student understand
|INTRODUCTION||One of the important
consequences of the intense competitive market for consumer products and
services is an intensified enthusiasm for companies to possess more information
about existing customers in order to retain these customers. A big part
of retaining customers is obtaining customer profile information including
spending circumstances and personal information. The possession of such
information puts customers at risk for identity theft,
1. when their personal information is accessed by unauthorized peopleIt is these two reasons that are the main drive behind an increasing need to understand and employ the science of cryptography and utilize encryption techniques to keep customer profile information safe from misuse by criminals and diseffected employees.
Students reading this unit
should also look at the unit on Identity Theft
is a method of mathematically encoding used to transform messages inot
an unreadable format in an effort to maintain confidentiality of data"
a family of technologies
A "Google" search shows the terms noted above are widely replicated on many sites. One of the most reliable sources is the Glossary on the website of the Joint Information Systems Committee, based at Oxford University Computing Services. www.dcoce.ox.ac.uk/
|"Why Cryptography Is
Harder Than It Looks"
by Bruce Schneier, CTO and Founder, Counterpane Internet Security, Inc.
Here is a snapshot of some of the points made by Schneier
V in MGD415 at UTM in early Feb 2009 sent an email in which he discussed
an upcoming topic in class.
"The device will work in the same secure manner on any mobile network, according to Siegel". Plus, Its got the same, "Encryption, Decryption, Authentication and Digital Signature processing for extra security measures. RIM could have provided this security as well, since they would love to get free marketing for the next four years, however, the article mentioned an interesting point of how the government can't trust a Canadian company with such sensitive information and since they're already using over 90% of Microsoft's product, it would only make sense to go with the same company for all your product needs. "
pic provided by Umair
Commerce" Greenstein & Feinman,
Chpt 3, The Greenstein book titles this chapter "Regulatory Environment", but the beginning of the chapter deals mostly with the basics of Cryptography
see also Chpt 8 "Cryptography and Authentification"
for Chpt 3 used to be at
but the link is no longer active in 2007
|This "grinder" is a pretty
good representation of what a "key" does to a message that you want encrypted.
"Data is encrypted using an "algorithm" basically a mathematical formula that has only one non-factorable solution. Algorithms also use schemes such as double or triple encrypting the data. The "key" is the one and only number that the algorithm can use to decrypt the message. "
Much of the material in this inset table (either in direct quotes or summary form) comes from e-Scotia.com's site.
e-Scotia had a whole page
on Security and Cryptography at
|There are 5
key components of security in correspondence that business is trying to
establish in e-commerce situations
|Data is scrambled
or digitally encrypted and only parties who have
the right key can unlock and decode the data.
Encryption allows communication
to be confidential however it will not:
|Digital signatures can be
authenticated by third parties with credibility of the sender and receiver.
In e-commerce, leading financial institutions and government authorities
are positioning themselves to be "certification authorities". When the
digital signature of the recipient is validated by a "certification authority",
assurance can be provided that:
The length of the key is a factor in preventing brute force attacks. The longer a key is (in bits) the more tries one would need to make to find the right key. With a 56-bit key, there is a large but definite limit to the number of keys you need to check (72 quadrillion possible combinations). Some applications can test 200 million keys per second. With a little time and money, someone can build a specialized computer array that can break a 56 bit key encrypted message in a matter of minutes.
If the key is 128 bits long, or the equivalent of a 16-character message on a personal computer, a brute-force attack would be 4.7 sextillion (4,700,000,000,000,000,000,000) times more difficult than cracking a 56-bit key. Given the current power of computers, a 56-bit key is considered crackable; a 128-bit key isn't - at least not without an enormous amount of effort.
was formerly posted at www.cypost.com/encr_basic.html
RSA is a public key cryptosystem
for both encryption and authentication. It was invented in 1977.
It is an encryption algorithm that uses very large prime numbers
to generate the public key and the private key. RSA is typically used in
conjunction with a secret key cryptosystem such as DES. DES would be used
to encrypt the message as a whole and then use RSA to encrypt the secret
key. Thus, RSA provides a digital envelope for the message. RSA is in wide
use today, it is possibly the most commonly used public key algorithm
used. Because of this it has undergone a lot of public scrutiny and
there is much empirical evidence of its security. It can be used
for both encryption and signing.
|jj||The "Report on
Business" section of the Globe & Mail reported a story 2007 April
A Quantum Leap in Information Security: Pioneering physicist aims to lock out data hackers with speed-of-light cryptography
The story discussed the developments
of Dr. Wolfgang Tittel and his colleagues at the University of Calgary.
Dr. Tittel holds the news Chair in Quantum Cryptography
||CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE|
|MISTAKES ITEXTS USED I IMAGES I RANK IDISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I|