Most of us automatically use our credit cards online because we know that our information is encrypted so that only the website can view our information. Considering how important it is to protect the privacy of tax, finance and stock transactions, websites that offer these services must have superior ways of ensuring user’s privacy. Ensuring tight security on a website means focusing on the right encryption method and using digital certificates. Encryption systems belong to one of two types: symmetric-key encryption or public-key encryption. In order to decipher a message with symmetric-key encryption, the receiving computer uses an algorithm to decode it. Both computers share the same secret key code.
Cool Fact One:
Today’s computers use the Advanced Encryption Standard (AES) which offers quadrillions of possible key combinations. However, a weakness was found with symmetric key encryption because the code could be retrieved from the data by a hacker. Public-key encryption was introduced to address this weakness because it simultaneously uses two different keys, a public one and a private one. Only the originating computer knows the private key. If the message is picked up by a hacker, even though the public key is available to anyone, the hacker cannot decipher the message without the private key which is located on the originating computer.
Cool Fact Two:
Almost an infinite number of keys exist, making it nearly impossible to generate the key code using an algorithm because there are too many possibilities. When a Web site, such as a tax, finance or stock site, needs public-key encryption, it uses a digital certificate that states that the Web server has earned the trust of the certificate authority. The certificate authority authenticates the identity of both computers in the transaction and then gives each computer the public key.
Cool Fact Three:
Internet security uses a special security protocol called Transport Layer Security (TLS). When you use TLS, such as when you access an online bank website, your browser window changes from “http” to “https.” If you check your status bar, you will see the padlock symbol, which indicates encryption.
Cool Fact Four:
The padlock symbol in your status bar lets you know you are using encryption. TLS uses certificate authorities. Your browser initiates the public key and checks the certificate to make sure it is from a proper authority, is valid and is related to the originating site. The two computers can then communicate using both public- and symmetric-key encryption.
Cool Fact Five:
Public keys using a 128-bit number can generate 3,402,823,669,209,384,634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000 possible combinations. Authentication is another way of ensuring that information on the computer can be trusted. Forms of computer authentication include passwords, pass cards, digital signatures, and fingerprint, retina and face scans.
Cool Fact Six:
Checksums and CRC’s are performed to ensure that your data has not been corrupted during encryption. A checksum uses the value of 255 or 256 to calculate the sum of the bytes in a packet of information. Once the checksum is arrived at, mathematical calculations can verify that the data has not been corrupted. Another more accurate method is the cyclic-redundancy check (CRC) which uses polynomial division.
Cool Fact Seven:
Sending information over the Internet is one of the most secure ways of transmitting information. Although cell phones are popular, they are not a secure way to conduct transactions, since a cell phone conversation can be intercepted.
As you can see, encryption and the Internet is the best combination to use when sending sensitive information.